So just where is procmail_t allowed to write/create/rename etc?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Actually, let me ask that another way.  How should I go about finding
the contexts where procmail_t is allowed to create/delete/rename files?
I'm getting a flood of AVCs like the ones below and need to figure out
an appropriate context for some directories that, FWIW, are deep down
under /srv.


node=omega-3x.local type=AVC msg=audit(1267778517.644:30180): avc:  denied  { 
write } for  pid=3017 comm="decode64" name="Received-0305" dev=sda8 ino=7442469 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=dir

node=omega-3x.local type=AVC msg=audit(1267778517.644:30180): avc:  denied  { 
add_name } for  pid=3017 comm="decode64" name="jARhqK" 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=dir

node=omega-3x.local type=AVC msg=audit(1267778517.644:30180): avc:  denied  { 
create } for  pid=3017 comm="decode64" name="jARhqK" 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=file

node=omega-3x.local type=AVC msg=audit(1267778517.644:30180): avc:  denied  { 
read write open } for  pid=3017 comm="decode64" name="jARhqK" dev=sda8 
ino=5347353 scontext=system_u:system_r:procmail_t:s0 
tcontext=system_u:object_r:var_t:s0 tclass=file

node=omega-3x.local type=AVC msg=audit(1267778517.645:30181): avc:  denied  { 
setattr } for  pid=3017 comm="decode64" name="jARhqK" dev=sda8 ino=5347353 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=file

node=omega-3x.local type=AVC msg=audit(1267778517.725:30183): avc:  denied  { 
link } for  pid=3017 comm="decode64" name="jARhqK" dev=sda8 ino=5347353 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=file

node=omega-3x.local type=AVC msg=audit(1267778517.726:30184): avc:  denied  { 
remove_name } for  pid=3017 comm="decode64" name="jARhqK" dev=sda8 ino=5347353 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=dir

node=omega-3x.local type=AVC msg=audit(1267778517.726:30184): avc:  denied  { 
unlink } for  pid=3017 comm="decode64" name="jARhqK" dev=sda8 ino=5347353 
scontext=system_u:system_r:procmail_t:s0 tcontext=system_u:object_r:var_t:s0 
tclass=file

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux