I am getting bombed Spamassassin for which SELinux is complaining:
Dec 22 14:03:01 gold setroubleshoot: SELinux is preventing the
spamassassin (spamassassin_t) from binding to port 31120. For complete
SELinux messages. run sealert -l d55ced24-a79c-4712-9ed3-854874f886e3
Please note, this is message one of *many* reports for which the port
numbers
are running up and down the port numbers in the thousands... and failing...
Did I mis-configure Spamassassin or is this an SELinux issue?
=========================================================
# sealert -l d55ced24-a79c-4712-9ed3-854874f886e3:
Summary:
SELinux is preventing the spamassassin (spamassassin_t) from binding to port
32733.
Detailed Description:
SELinux has denied the spamassassin from binding to a network port 32733
which
does not have an SELinux type associated with it. If spamassassin is
supposed to
be allowed to listen on this port, you can use the semanage command to
add this
port to a port type that spamassassin_t can bind to. semanage port -l
will list
all port types. Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against the
selinux-policy
package. If spamassassin is not supposed to bind to this port, this
could signal
a intrusion attempt. If this system is running as an NIS Client, turning
on the
allow_ypbind boolean, may fix the problem. setsebool -P allow_ypbind=1.
Allowing Access:
If you want to allow spamassassin to bind to this port semanage port -a -t
PORT_TYPE -p PROTOCOL 32733 Where PORT_TYPE is a type that
spamassassin_t can
bind and PROTOCOL is udp or tcp.
Additional Information:
Source Context system_u:system_r:spamassassin_t:s0
Target Context system_u:object_r:port_t:s0
Target Objects None [ udp_socket ]
Source spamassassin
Source Path /usr/bin/perl
Port 32733
Host gold.cdkkt.com
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.3.1-111.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name bind_ports
Host Name gold.cdkkt.com
Platform Linux gold.cdkkt.com 2.6.27.7-53.fc9.i686
#1 SMP
Thu Nov 27 02:29:03 EST 2008 i686 i686
Alert Count 3378
First Seen Mon Dec 22 14:00:08 2008
Last Seen Mon Dec 22 14:00:20 2008
Local ID d55ced24-a79c-4712-9ed3-854874f886e3
Line Numbers
Raw Audit Messages
node=gold.cdkkt.com type=AVC msg=audit(1229983220.80:14243): avc:
denied { name_bind } for pid=6493 comm="spamassassin" src=32733
scontext=system_u:system_r:spamassassin_t:s0
tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
=========================================================
Thanks!
Dan
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
