Simon, thanks! I'll test that Monday when I'm back at work. I have to
weed through a few thousand alerts as I learn. :)
Leam
On 03/30/2018 05:18 PM, Simon Sekidde wrote:
Leam,
----- Original Message -----
From: "leam hall" <leamhall@xxxxxxxxx>
To: selinux@xxxxxxxxxxxxxxxxxxxxxxx
Sent: Friday, March 30, 2018 1:08:26 PM
Subject: Newbie asking about first policy file
Good morning!
I'm trying to learn SELinux and reduce the number of alerts that refer
to normal processes. Postfix is one of the biggies, here's what I've
gotten so far. I'd appreciate critique.
This rule should already exist in the current policy to suppress the alerts
dontaudit postfix_domain kernel_t : system module_request ;
Note that the file is hand transcribed, not cut and pasted. It does
compile and install, so typographic errors are mine.
###
module postfix 0.0.1;
require {
class system module_request;
type kernel_t;
type postfix_bounce_t;
type postfix_master_t;
type postfix_smtp_t;
}
allow postfix_bounce_t kernel_t:system module_request;
allow postfix_master_t kernel_t:system module_request;
allow postfix_smtp_t kernel_t:system module_request;
###
If you are not using IPv6 then make Postfix use IPv4 only by setting the line 'inet_protocols' to ipv4 in /etc/postfix/main.cf
# Enable IPv4, and IPv6 if supported
inet_protocols = all
Thanks!
Leam
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
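Added example (not part of the thread, and not code from either poster): a Python triage of audit.log for the denials discussed above, counting which domains hit system:module_request on kernel_t and which kernel module each one asked for. The log lines are constructed samples and the function names are hypothetical; net-pf-10 is the module alias for the IPv6 address family, which is the case the inet_protocols suggestion addresses.

```python
import re
from collections import Counter

# Constructed sample audit.log lines (not taken from the thread).
SAMPLE_LOG = '''\
type=AVC msg=audit(1522429706.101:811): avc:  denied  { module_request } for  pid=2101 comm="smtp" kmod="net-pf-10" scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
type=AVC msg=audit(1522429707.220:812): avc:  denied  { module_request } for  pid=2101 comm="smtp" kmod="net-pf-10" scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
type=AVC msg=audit(1522429709.004:815): avc:  denied  { module_request } for  pid=1988 comm="master" kmod="net-pf-10" scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
type=AVC msg=audit(1522429711.530:820): avc:  denied  { read } for  pid=2300 comm="bounce" name="defer" dev="dm-0" ino=4242 scontext=system_u:system_r:postfix_bounce_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
'''

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')       # key=value or key="value"
PERMS_RE = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')
IPV6_ALIAS = "net-pf-10"  # module alias for address family 10 (AF_INET6)

def module_request_denials(log_text):
    """Count (source type, requested kmod) for system:module_request denials on kernel_t."""
    hits = Counter()
    for line in log_text.splitlines():
        perms = PERMS_RE.search(line)
        if not perms or "module_request" not in perms.group(1).split():
            continue
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
        if fields.get("tclass") != "system" or "scontext" not in fields:
            continue
        # SELinux contexts are user:role:type:level; the type is the third field.
        if fields.get("tcontext", "").split(":")[2:3] != ["kernel_t"]:
            continue
        source_type = fields["scontext"].split(":")[2]
        hits[(source_type, fields.get("kmod", "unknown"))] += 1
    return hits

def ipv6_only_domains(hits):
    """Source types whose every module request was for the IPv6 protocol family."""
    by_type = {}
    for (source_type, kmod), _count in hits.items():
        by_type.setdefault(source_type, set()).add(kmod)
    return sorted(t for t, kmods in by_type.items() if kmods == {IPV6_ALIAS})

if __name__ == "__main__":
    hits = module_request_denials(SAMPLE_LOG)
    for (source_type, kmod), count in sorted(hits.items()):
        print(f"{count:4d}  {source_type}  kmod={kmod}")
    print("IPv6-only requesters:", ", ".join(ipv6_only_domains(hits)))
```

Domains that only ever request net-pf-10 are candidates for the inet_protocols change or a dontaudit rule rather than an allow rule; any other kmod value deserves a closer look before it is silenced.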