F9: sendmail AVC complaint

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




I got this AVC complaint fairly recently so please
let me know how to fix this one thanks!

File: /var/log/messages
=================================================
setroubleshoot: SELinux is preventing sendmail (system_mail_t) "read" to /var/log/messages (var_log_t). For complete SELinux messages. run sealert -l 5672ff6c-ad2c-4d3b-aa2b-4c53178ed5f2


$ sealert -l 5672ff6c-ad2c-4d3b-aa2b-4c53178ed5f2
=================================================
Summary:

SELinux is preventing sendmail (system_mail_t) "read" to /var/log/messages
(var_log_t).

Detailed Description:

SELinux denied access requested by sendmail. It is not expected that this access is required by sendmail and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /var/log/messages,

restorecon -v '/var/log/messages'

If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:system_mail_t:s0-s0:c0.c1023
Target Context                system_u:object_r:var_log_t:s0
Target Objects                /var/log/messages [ file ]
Source                        sendmail
Source Path                   /usr/sbin/sendmail.sendmail
Port                          <Unknown>
Host                          mysystem.mydomain.com
Source RPM Packages           sendmail-8.14.2-4.fc9
Target RPM Packages Policy RPM selinux-policy-3.3.1-135.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall_file
Host Name                     mysystem.mydomain.com
Platform Linux mysystem.mydomain.com 2.6.27.25-78.2.56.fc9.i686 #1
                             SMP Thu Jun 18 12:47:50 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Mon Aug 10 04:47:23 2009
Last Seen                     Mon Aug 10 04:47:23 2009
Local ID                      5672ff6c-ad2c-4d3b-aa2b-4c53178ed5f2
Line Numbers Raw Audit Messages node=mysystem.mydomain.com type=AVC msg=audit(1249904843.352:37350): avc: denied { read } for pid=16757 comm="sendmail" path="/var/log/messages" dev=sda6 ino=86361 scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=file

node=mysystem.mydomain.com type=AVC msg=audit(1249904843.352:37350): avc: denied { read } for pid=16757 comm="sendmail" path="/var/log/secure" dev=sda6 ino=86369 scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=file

node=mysystem.mydomain.com type=AVC msg=audit(1249904843.352:37350): avc: denied { read } for pid=16757 comm="sendmail" path="/var/log/maillog" dev=sda6 ino=4956165 scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=file

node=mysystem.mydomain.com type=SYSCALL msg=audit(1249904843.352:37350): arch=40000003 syscall=11 success=yes exit=0 a0=8f4e3d0 a1=8f4e458 a2=8f4da48 a3=0 items=0 ppid=16704 pid=16757 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=51 sgid=51 fsgid=51 tty=(none) ses=6305 comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 key=(null)

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux