Re: SELinux is preventing pyzor from getattr access on the file /usr/bin/rpm


 



On 9/1/2015 01:35, Miroslav Grepl wrote:

> It will be a library call and it would require more debugging. Basically
> I would also try to run it in permissive mode
>
> # semanage permissive -a spamc_t
>
> to see if you can get more AVCs.


Thanks for the reply. I did as you directed and got a new AVC in addition to the one I identified previously:

SELinux is preventing pyzor from open access on the file /var/lib/rpm/Packages.

*****  Plugin catchall (100. confidence) suggests **************************

If you believe that pyzor should be allowed open access on the Packages file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep pyzor /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context                system_u:system_r:spamc_t:s0
Target Context                system_u:object_r:rpm_var_lib_t:s0
Target Objects                /var/lib/rpm/Packages [ file ]
Source                        pyzor
Source Path                   pyzor
Port                          <Unknown>
Host                          impact-crater.com
Source RPM Packages
Target RPM Packages           rpm-4.12.0.1-7.fc21.x86_64
Policy RPM                    selinux-policy-3.13.1-105.20.fc21.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     impact-crater.com
Platform                      Linux impact-crater.com 4.1.5-100.fc21.x86_64 #1 SMP Tue Aug 11 00:24:23 UTC 2015 x86_64 x86_64
Alert Count                   1
First Seen                    2015-09-01 09:01:22 EDT
Last Seen                     2015-09-01 09:01:22 EDT
Local ID                      cd8cd6d0-38a1-40df-b4ea-34ab2020625a

Raw Audit Messages
type=AVC msg=audit(1441112482.875:16788): avc: denied { open } for pid=22386 comm="pyzor" path="/var/lib/rpm/Packages" dev="dm-1" ino=2103007 scontext=system_u:system_r:spamc_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file permissive=1

Hash: pyzor,spamc_t,rpm_var_lib_t,file,open


I will continue to monitor the logs to see if anything else occurs.


Tom
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
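
Added example (not part of the original message and not code from setroubleshoot or audit2allow): a Python sketch that collects the AVC denials logged for one source domain while it is permissive, groups them by the same tuple shown on the "Hash:" line above, and separates denials that were only logged (permissive=1) from ones that were actually blocked. The names parse_avc and summarize are hypothetical; the first sample record is the one quoted in the message, the second is constructed from the thread subject.

```python
import re

# Constructed sample. Record 1 is the AVC quoted in the message above; record 2
# (pid, inode, timestamp, rpm_exec_t target) is constructed; record 3 is filler.
SAMPLE_LOG = '''\
type=AVC msg=audit(1441112482.875:16788): avc: denied { open } for pid=22386 comm="pyzor" path="/var/lib/rpm/Packages" dev="dm-1" ino=2103007 scontext=system_u:system_r:spamc_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file permissive=1
type=AVC msg=audit(1441112400.100:16700): avc: denied { getattr } for pid=22001 comm="pyzor" path="/usr/bin/rpm" dev="dm-1" ino=100 scontext=system_u:system_r:spamc_t:s0 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1441112482.875:16788): arch=c000003e syscall=2 success=yes comm="pyzor"
'''

AVC_RE = re.compile(r'type=AVC\b.*?avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one AVC denial record, or None for any other line."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group(2))}
    try:
        return {
            "perms": m.group(1).split(),      # "{ read open }" -> two perms
            "comm": fields["comm"],
            "path": fields.get("path", ""),
            "stype": fields["scontext"].split(":")[2],
            "ttype": fields["tcontext"].split(":")[2],
            "tclass": fields["tclass"],
            "permissive": fields.get("permissive") == "1",  # logged, not blocked
        }
    except (KeyError, IndexError):
        return None  # truncated or malformed record

def summarize(log_text, domain):
    """Group denials for one source domain by (comm, stype, ttype, tclass, perm)."""
    seen = {}
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec["stype"] != domain:
            continue
        for perm in rec["perms"]:
            key = (rec["comm"], rec["stype"], rec["ttype"], rec["tclass"], perm)
            entry = seen.setdefault(key, {"blocked": 0, "logged_only": 0, "paths": set()})
            entry["logged_only" if rec["permissive"] else "blocked"] += 1
            entry["paths"].add(rec["path"])
    return seen

if __name__ == "__main__":
    for key, e in summarize(SAMPLE_LOG, "spamc_t").items():
        print(",".join(key), e["blocked"], e["logged_only"], sorted(e["paths"]))
```

Reviewing the grouped list before feeding anything to audit2allow shows exactly which target types a local module would open up for the domain.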



