I am using selinux-policy-targeted-3.5.13-71.fc10.noarch on Fedora 10.
I am getting these AVCs. They do not seem to inhibit functionality but
still troublesome to get the selinux alerts all the time. Are these
bugs in the policy or something that will not be addressed and I need
to generate local policy?
1) SELinux is preventing postdrop (postfix_postdrop_t)
"getattr" httpd_t.
Raw Audit Messages :
node=elijah.suretrak21.net type=AVC msg=audit(1253716264.867:65886):
avc: denied { getattr } for pid=30094 comm="postdrop"
path="pipe:[2618550]" dev=pipefs ino=2618550
scontext=system_u:system_r:postfix_postdrop_t:s0
tcontext=system_u:system_r:httpd_t:s0 tclass=fifo_file
node=elijah.suretrak21.net type=SYSCALL
msg=audit(1253716264.867:65886): arch=40000003 syscall=197 success=no
exit=-13 a0=2 a1=bfc167c8 a2=94eff4 a3=2 items=0 ppid=30093 pid=30094
auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=90 sgid=90
fsgid=90 tty=(none) ses=4294967295 comm="postdrop"
exe="/usr/sbin/postdrop" subj=system_u:system_r:postfix_postdrop_t:s0
key=(null)
2) SELinux is preventing sendmail (system_mail_t) "read" to
/usr/share/GeoIP/GeoIP.dat (usr_t).
Raw Audit Messages :
node=elijah.suretrak21.net type=AVC msg=audit(1253643380.763:60806):
avc: denied { read } for pid=1311 comm="sendmail"
path="/usr/share/GeoIP/GeoIP.dat" dev=dm-0 ino=663651
scontext=system_u:system_r:system_mail_t:s0
tcontext=system_u:object_r:usr_t:s0 tclass=file
node=elijah.suretrak21.net type=SYSCALL
msg=audit(1253643380.763:60806): arch=40000003 syscall=11 success=yes
exit=0 a0=9ad05d0 a1=9acfd18 a2=9acfb08 a3=0 items=0 ppid=14784
pid=1311 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48
sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="sendmail"
exe="/usr/sbin/sendmail.postfix"
subj=system_u:system_r:system_mail_t:s0 key=(null)
Regards,
John Griffiths
|
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list