SELinux doesn't know about spamassassin and sendmail
G.Wolfe Woodbury
ggw at wolves.durham.nc.us
Tue Feb 17 23:11:55 UTC 2009
Paul Howarth wrote:
> G.Wolfe Woodbury wrote:
>> SELinux is constantly complaining that the spamassassin daemon (spamc)
>> doesn't have permissions to do various things to sendmail (read write,
>> getattr, etc...)
>>
>> This is the main reason that I have been ignoring SELinux and running
>> in permissive mode. It's probably about time to complain and ask
>> someone to fix it since I've not got the ability to do so.
>
> Might this be https://bugzilla.redhat.com/show_bug.cgi?id=485426 ?
> If so, have you tried switching to enforcing mode and testing if it
> still actually works despite the denials?
No, that section of the sendmail seems to behave in terms of file
descriptors, but is being denied by SELinux/kernel in other places.
I just doesn't work at all in enforcing mode.
> How are you using spamassassin with sendmail - spamass-milter?
No, the other method of having a spamc process filtering it from the
user's .procmailrc so that each user can opt-in/opt-out of spam
detection on their own.
>> I apologize if this is the wrong list.
>
> fedora-selinux-list would probably be a better place.
I'll have to join another list then.
More information about the fedora-devel-list
mailing list