-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/06/2013 12:55 PM, Cristian Sava wrote: >>> Anyways Crhitian, I have added the allow rules to the base policy to >>> allow this. You can do this for now by executing >>> >>> # grep courier /var/log/audit/audit.log | audit2allow -M mycourier # >>> semodule -i mycourier.pp > > Well, I tested as you advised but is much more to do. > > I did for courier-amavis-postfix: # grep courier /var/log/audit/audit.log | > audit2allow -M mycourier # semodule -i mycourier.pp > > and also > > # grep /usr/sbin/amavi /var/log/audit/audit.log | audit2allow -M myamavis # > semodule -i myamavis.pp # grep virtual /var/log/audit/audit.log | > audit2allow -M myvirtual # semodule -i myvirtual.pp > > And now the mail server is working. But I use (as many others) fail2ban and > this is not working until we do: > > # grep pidof /var/log/audit/audit.log | audit2allow -M mypidof # semodule > -i mypidof.pp > > Now, with such/these modules in place, many tutorials from > www.howtoforge.com are working with selinux enabled and many people are > happy and fedora's users base is growing. The problem is that not many > users want or can to debug and solve such things. It's simple but not for > them. That's why I ask on this list to relax a little bit the rules and > accept some little changes to default and let people use their desired > software. Sometimes a very simple option can make miracles. > > And now a very very good thing: Fedora 19 seems to me a rock solid > distribution! Congrats to all of you! > > Cristian Sava > > Please send me the te files that you created, or the original avc messages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGwv5wACgkQrlYvE4MpobPeAACeIUp96M4cb0ROHw9lRXUCo/2+ giMAoND0Q42AAN8iaJcu11ENCqouWBDs =Nspx -----END PGP SIGNATURE----- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
