SELinux won't let dovecot connect to postgresql
Justin P. Mattock
justinmattock at gmail.com
Mon Nov 30 02:30:48 UTC 2009
On 11/29/09 17:46, Roland Roberts wrote:
> On 11/29/2009 05:18 AM, Justin P. Mattock wrote:
>> In my case I normaly just do:
>> audit2allow -d > to_the_allow_rules
>> audit2allow -i /var/log/*(and the rest of
>> the log messages havng any left over avc's
>> to define into the policy);
>
> Guys, you're driving me crazy :-/ I can't *find* a log entry to fix.
> There's nothing where it's supposed to be. So...if you agree that that
> looks like a bug, I'll just go on and file a bug. Otherwise I'm really
> stuck.
>
> roland
>
What you might try is
in the source tree of the policy
(/usr/share/selinux/*)
do a
make clean
make enableaudit
make policy
make install
make load(reboot)
then you should be able to see some
avc's in /var/log/messages,audit.log.
keep in mind if this is the targeted policy
you might have to download the source for that policy
then(depending on binary/monolithic) build
your module for that policy(semodule) once you've
collected the extra dontaudit avc's(/var/log/*) that's probably
preventing you from going further.
Justin P. Mattock
More information about the fedora-selinux-list
mailing list