Re: People running Postfix in FC5 not running Selinux?

Stephen John Smoogen wrote:
On 9/29/06, Stephen John Smoogen <smooge@xxxxxxxxx> wrote:
I installed a system from the original FC5 disks and updated to latest
versions in yum repos. I changed over to postfix and found that it
wasn't working for some reason.. no errors to /var/log/messages or
/var/log/secure.. and I completely forgot for a day to look at audit.


That has to be the worst subject I could have come up with. Probably
not enough sleep.

...
postfix was able to start email but could not do a mailq
doing a mailq showed me things like

allow postfix_local_t initrc_var_run_t:file { read write };
allow postfix_showq_t initrc_var_run_t:file { read write };

type=AVC msg=audit(1159574724.622:397): avc:  denied  { read write }
for  pid=2621 comm="local" name="unix.local" dev=dm-3 ino=163870
scontext=system_u:system_r:postfix_local_t:s0
tcontext=user_u:object_r:initrc_var_run_t:s0 tclass=file
        Was caused by:
                Missing or disabled TE allow rule.
                Allow rules may exist but be disabled by boolean
settings; check boolean settings.
                You can see the necessary allow rules by running
audit2allow with this audit message as input.

type=AVC msg=audit(1159574753.636:398): avc:  denied  { read write }
for  pid=2625 comm="showq" name="unix.showq" dev=dm-3 ino=163871
scontext=system_u:system_r:postfix_showq_t:s0
tcontext=user_u:object_r:initrc_var_run_t:s0 tclass=file
        Was caused by:
                Missing or disabled TE allow rule.
                Allow rules may exist but be disabled by boolean
settings; check boolean settings.
                You can see the necessary allow rules by running
audit2allow with this audit message as input.


Not sure what I should do next. Turning off the selinux
selinux-policy-targeted-2.3.7-2.fc5
selinux-policy-2.3.7-2.fc5


This looks like a labeling problem. Which directory are unix.showq and unix.local in?

Labeled initrc_var_run_t means they were created in an init script and SELinux policy is denying
access to these files.



--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
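
The triage suggested in the reply above, as an added example that is not part of the original thread: it parses the two AVC denials quoted in the message and flags those whose target type points to a labeling problem rather than a missing allow rule. The function names and the `MISLABEL_HINT_TYPES` set are assumptions made for this example.

```python
import re

# The two AVC records from the message above, rejoined onto single lines.
SAMPLE_AVCS = [
    'type=AVC msg=audit(1159574724.622:397): avc:  denied  { read write } '
    'for  pid=2621 comm="local" name="unix.local" dev=dm-3 ino=163870 '
    'scontext=system_u:system_r:postfix_local_t:s0 '
    'tcontext=user_u:object_r:initrc_var_run_t:s0 tclass=file',
    'type=AVC msg=audit(1159574753.636:398): avc:  denied  { read write } '
    'for  pid=2625 comm="showq" name="unix.showq" dev=dm-3 ino=163871 '
    'scontext=system_u:system_r:postfix_showq_t:s0 '
    'tcontext=user_u:object_r:initrc_var_run_t:s0 tclass=file',
]

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)$')

# Assumption for this example: target types that, per the reply, mean the file
# was created by an init script and so carries the wrong label for the daemon.
MISLABEL_HINT_TYPES = {"initrc_var_run_t"}

def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None if not a denial."""
    m = AVC_RE.search(line)
    if not m:
        return None
    kv = dict(tok.split("=", 1) for tok in m.group("rest").split() if "=" in tok)
    if "scontext" not in kv or "tcontext" not in kv:
        return None
    return {
        "perms": m.group("perms").split(),
        "comm": kv.get("comm", "").strip('"'),
        "name": kv.get("name", "").strip('"'),
        "dev": kv.get("dev"),
        "ino": kv.get("ino"),
        # SELinux contexts are user:role:type[:level]; the type is field 3.
        "source_type": kv["scontext"].split(":")[2],
        "target_type": kv["tcontext"].split(":")[2],
        "tclass": kv.get("tclass"),
    }

def triage(lines):
    """Parse denials and flag those whose target label suggests mislabeling."""
    findings = []
    for line in lines:
        rec = parse_avc(line)
        if rec:
            rec["likely_mislabel"] = rec["target_type"] in MISLABEL_HINT_TYPES
            findings.append(rec)
    return findings
```

The `dev` and `ino` fields kept in each record are what answer the reply's question about which directory the files are in: `find` with `-inum` on that filesystem locates the path.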
