-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Derek Atkins wrote: > Paul, > > Quoting Paul Howarth <paul@xxxxxxxxxxxx>: > >>> [snip] >>> > Do your milters exec other programs? There are a couple of sockets >>> >>> I don't think so, but I don't know. I'm using clamav-milter, >>> spamass-milter, and milter-sender. I'm pretty sure that the >>> latter doesn't fork/exec. I don't know about clamav or spamass. >> >> spamass-milter forks and execs sendmail to deliver spam if you use the >> "-b" option - that's how I discovered the problem. > > Thanks. But I'm not using the -b option. It's run with: > > -p /path/to/sock -P /path/to/pid -m -r 5 -i ... > >> The audit log entries you posted suggest that mailman inherited a >> socket descriptor from sendmail. > > I believe that.. Yet it doesn't look like it actually stopped anything > from happening.. The mail seemed to flow okay. But it would be > nice to fix this. I don't like getting audit warnings. Maybe sendmail > is leaking fds as you suggest? Should I file a bug with fedora > about this? > > [snip] >>> Okay, how would I do that? >> >> You'll need to create a local policy module. I'd do it this way: >> > [instructions snipped] > > Thanks, Paul. I'll consider doing this. > > Is there any easy way to figure out what's connected to the sockets > that it's complaining about? I certainly can't find anything via > lsof or netstat -a. Most likely because the sockets get closed > before I see the audit message and try to track it down. > >> Cheers, Paul. > > And to you! Thanks. > > -derek > Yes any leaked file descriptors should be reported. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmRjLMACgkQrlYvE4MpobNzTACfZEluAaWq3Z0KXxyqAVXfQImz /ZsAoLoGlwB/Sh1iWq8J3tAg+ReW2YhR =wuve -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
