Hi Folks - Using FC4 postfix with 'postgrey', a greylisting service that communicates via a unix socket: # ll -Z /var/spool/postfix/postgrey/socket srw-rw-rw- postgrey nobody root:object_r:postfix_spool_t /var/spool/postfix/postgrey/socket After recent updates: Sep 27 09:25:17 Updated: audit-libs.i386 1.0.4-1.fc4 Sep 27 09:25:31 Updated: audit.x86_64 1.0.4-1.fc4 Sep 27 09:25:34 Updated: selinux-policy-targeted.noarch 1.27.1-2.2 Sep 27 09:25:35 Updated: audit-libs.x86_64 1.0.4-1.fc4 and a reboot, the socket is not available for postfix to open: Sep 27 14:08:56 siamese postfix/smtpd[13486]: warning: connect to /var/spool/postfix/postgrey/socket: Permission denied Sep 27 14:08:56 siamese postfix/smtpd[13486]: warning: problem talking to server /var/spool/postfix/postgrey/socket: Permission denied Mail is then getting kicked because of this with, eg: Sep 27 14:08:57 siamese postfix/smtpd[13486]: NOQUEUE: reject: RCPT from hormel.redhat.com[209.132.177.30]: 450 Server configuration problem; from=<fedora-list-bounces@xxxxxxxxxx> to=<andy@xxxxxxxxxxx> proto=ESMTP helo=<hormel.redhat.com> However there are no avc complaints in /var/log/messages. Turning off enforcing (of the targetted mode this is) in system-config-securitylevel enables mail to work, therefore I deduce it is to do with selinux despite the lack of complaints. The socket is live alright as it appears (twice?) on: # lsof -n | grep postgrey\/socket postgrey 12989 postgrey 5u unix 0xffff81007995d800 77801 /var/spool/postfix/postgrey/socket postgrey 12989 postgrey 9u unix 0xffff810005ed3800 92050 /var/spool/postfix/postgrey/socket Any advice? -Andy
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
