Paul,
Quoting Paul Howarth <paul@xxxxxxxxxxxx>:
[snip]
> Do your milters exec other programs? There are a couple of sockets
I don't think so, but I don't know. I'm using clamav-milter,
spamass-milter, and milter-sender. I'm pretty sure that the
latter doesn't fork/exec. I don't know about clamav or spamass.
spamass-milter forks and execs sendmail to deliver spam if you use the
"-b" option - that's how I discovered the problem.
Thanks. But I'm not using the -b option. It's run with:
-p /path/to/sock -P /path/to/pid -m -r 5 -i ...
The audit log entries you posted suggest that mailman inherited a
socket descriptor from sendmail.
I believe that.. Yet it doesn't look like it actually stopped anything
from happening.. The mail seemed to flow okay. But it would be
nice to fix this. I don't like getting audit warnings. Maybe sendmail
is leaking fds as you suggest? Should I file a bug with fedora
about this?
[snip]
Okay, how would I do that?
You'll need to create a local policy module. I'd do it this way:
[instructions snipped]
Thanks, Paul. I'll consider doing this.
Is there any easy way to figure out what's connected to the sockets
that it's complaining about? I certainly can't find anything via
lsof or netstat -a. Most likely because the sockets get closed
before I see the audit message and try to track it down.
Cheers, Paul.
And to you! Thanks.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@xxxxxxx PGP key available
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
