Re: Mailman/Postfix execute_no_trans denial

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I wrote:
> When I get a moment I'll boot to FC5 and try changing the context to
> see what happens.

Changing the context on /usr/lib/mailman/mail/mailman from lib_t to
bin_t does get things further, and on to the next set of denials.

The avc messages:

May 22 20:06:36 localhost kernel: audit(1148342796.414:35): avc:  denied  { create } for  pid=9382 comm="python" scontext=user_u:system_r:postfix_local_t:s0 tcontext=user_u:system_r:postfix_local_t:s0 tclass=netlink_route_socket
May 22 20:06:36 localhost kernel: audit(1148342796.578:36): avc:  denied  { search } for  pid=9382 comm="python" name="log" dev=sda2 ino=489147 scontext=user_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir
May 22 20:06:36 localhost kernel: audit(1148342796.582:37): avc:  denied  { write } for  pid=9382 comm="python" name="in" dev=sda2 ino=491751 scontext=user_u:system_r:postfix_local_t:s0 tcontext=user_u:object_r:mailman_data_t:s0 tclass=dir

The postfix messages:

May 22 20:06:36 localhost postfix/pickup[9212]: 4CD6513687C: uid=500 from=<tmz>
May 22 20:06:36 localhost postfix/cleanup[9379]: 4CD6513687C: message-id=<20060523000636.GE9258@xxxxxxxxxxxxxxxxxxxxx>
May 22 20:06:36 localhost postfix/qmgr[9213]: 4CD6513687C: from=<tmz@xxxxxxxxxxxxxxxxxxxxx>, size=463, nrcpt=1 (queue active)
May 22 20:06:36 localhost postfix/local[9381]: 4CD6513687C: to=<pgp-test@xxxxxxxxxxxxxxxxxxxxx>, relay=local, delay=0, status=bounced (Command died with status 1: "/usr/lib/mailman/mail/mailman post pgp-test". Command output: Traceback (most recent call last):   File "/usr/lib/mailman/scripts/post", line 69, in ?     main()   File "/usr/lib/mailman/scripts/post", line 64, in main     tolist=1, _plaintext=1)   File "/usr/lib/mailman/Mailman/Queue/Switchboard.py", line 126, in enqueue     fp = open(tmpfile, 'w') IOError: [Errno 13] Permission denied: '/var/spool/mailman/in/1148342796.5827579+b203c4871f8a8269deaef98890980ed0bff9cedb.pck.tmp' )
May 22 20:06:36 localhost postfix/cleanup[9379]: 989B4136A2C: message-id=<20060523000636.989B4136A2C@xxxxxxxxxxxxxxxxxxxxx>

I'm not sure whether it's worth trying to chase every denial down this
path or if there is a better fix that can be applied.

- -- 
Todd        OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
======================================================================
life, n.: A whim of several billion cells to be you for a while.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iG0EARECAC0FAkRyVKUmGGh0dHA6Ly93d3cucG9ib3guY29tL350bXovcGdwL3Rt
ei5hc2MACgkQuv+09NZUB1rmngCfc27XjGsipxCQBzLedxAVxAgyz0MAn3CMcE4l
5SzqENSLqmG001dYT4id
=Ts1k
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux