Re: Fedora 21 running sendmail, selinux preventing spamc write access to a fifo

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

You need to include the AVC messages.


On 01/02/2015 11:17 PM, jtkirk wrote:
> I'm running a Fedora 21 64-bit system, sendmail and spamassassin.
> Upgraded a little over a week ago from Fedora 20.
>
> Don't recall seeing these alerts with Fedora 20.... Only been using
> SELinux in enforcing mode for a couple months now (apologies in
> advance if I'm not providing the relevant details - please let me know
> what else to include). I searched for similar issues but couldn't find
> anything more recent than 2009.
>
> SELinux Alert:
>
> The source process: /usr/bin/spamc
> Attempted this access: write
> On this fifo_file: fifo_file
>
> SETroubleshoot Details Window reports:
>
> SELinux is preventing /usr/bin/spamc from write access on the
> fifo_file fifo_file.
>
> *****  Plugin leaks (86.2 confidence) suggests
> *****************************
>
> If you want to ignore spamc trying to write access the fifo_file
> fifo_file, because you believe it should not need this access.
> Then you should report this as a bug.
> You can generate a local policy module to dontaudit this access.
> Do
> # grep /usr/bin/spamc /var/log/audit/audit.log | audit2allow -D -M mypol
> # semodule -i mypol.pp
>
> *****  Plugin catchall (14.7 confidence) suggests
> **************************
>
> If you believe that spamc should be allowed write access on the
> fifo_file fifo_file by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # grep spamc /var/log/audit/audit.log | audit2allow -M mypol
> # semodule -i mypol.pp
>
> Additional Information:
> Source Context                system_u:system_r:spamc_t:s0
> Target Context                system_u:system_r:sendmail_t:s0
> Target Objects                fifo_file [ fifo_file ]
> Source                        spamc
> Source Path                   /usr/bin/spamc
> Port                          <Unknown>
> Host                          mail.streetparknyc.com
> Source RPM Packages           spamassassin-3.4.0-12.fc21.x86_64
> Target RPM Packages
> Policy RPM                    selinux-policy-3.13.1-103.fc21.noarch
> Selinux Enabled               True
> Policy Type                   targeted
> Enforcing Mode                Enforcing
> Host Name                     mail.streetparknyc.com
> Platform                      Linux mail.streetparknyc.com
>                               3.17.7-300.fc21.x86_64 #1 SMP Wed Dec 17
> 03:08:44
> -- 
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux