|
On 12/23/2014 09:44 PM, Stephen Ingram
wrote:
I'm using Fedora 20 and CentOS 7 and have tried
several places to place keytab files for Postfix. Each time I'm
getting a denied message:
type=AVC msg=audit(1419366895.530:491753): avc: denied
{ search } for pid=28412 comm="lmtp" name="postfix"
dev="xvda1" ino=1223493
scontext=system_u:system_r:postfix_smtp_t:s0
tcontext=system_u:object_r:postfix_data_t:s0 tclass=dir
type=SYSCALL msg=audit(1419366895.530:491753):
arch=c000003e syscall=4 success=no exit=-13 a0=7f347b8377f0
a1=7fffa6f23670 a2=7fffa6f23670 a3=7fffa6f23540 items=0
ppid=28406 pid=28412 auid=4294967295 uid=89 gid=89 euid=89
suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none)
ses=4294967295 comm="lmtp" exe="/usr/libexec/postfix/lmtp"
subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
I see on the postfix_selinux man page that there is a
postfix_keytab_t type, however, even if I use this, postfix is
not able to read the credential file. Has anyone gotten this
to work?
Steve
What AVC do you get with the default setup?
We will need to add additional rules.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
|
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
