-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pad Hosmane wrote: > >> Can I know why email option is not working? > > The email option should work assuming that SE Linux policy allows it. I > just checked the source code. If the email address has a '@' symbol, > auditd calls gethostbyname to make sure that you don't have a typo in > the email address and it can't send an email when it needs to. Since SE > Linux policy fails that, it rejects that address and then in turn fails > the startup to let you know that you have something wrong in the > configuration. > > There's possibly a workaround where you use a local alias that > sendmail/postfix resolves into your real email address. This way you do > not need an email address with a '@' in it. This should be temporary > until policy is fixed. > > Also, when it does come time for auditd to send its first email, we > still need a transition from auditd to a mta domain. Auditd calls > /usr/lib/sendmail if that matters to anyone. > > -Steve > > > Hi Steve, > Thanks a lot for all the help. I truly appreciate your help and all > others who helped me to resolve the issue. > > Thanks. > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Current audit policy allows the transition to an mta (mta_send_mail(auditd_t) It did not however allow the communications with dns, as you stated. Fixes in selinux-policy-2.4.6-126.el5 selinux-policy-3.0.8-95.fc8 selinux-policy-3.3.1-22.fc9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkfiyPUACgkQrlYvE4MpobPejgCfe+GB7VG9gT639fFLesl0bBht v6MAn2FyU5be/TXTQrHJ4TcqjBQIv6pV =bh9N -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
