Connecting to cyrus via sasl and mysql (pam-mysql.so - plugin)

Roger Grosswiler roger at gwch.net
Sat Jul 30 14:25:54 UTC 2005 

Hi, 

i cannot connect to my cyrus, whilst selinux enabled. Here the snip of
my log:
type=AVC msg=audit(1122733280.281:9657218): avc:  denied  { search } for
pid=28898 comm="imapd" name="saslauthd" dev=dm-0 ino=262199
scontext=root:system_r:cyrus_t
tcontext=system_u:object_r:saslauthd_var_run_t tclass=dir
type=SYSCALL msg=audit(1122733280.281:9657218): arch=40000003
syscall=102 success=no exit=-13 a0=3 a1=bfd2e4b0 a2=dd0228 a3=bfd2e513
items=1 pid=28898 auid=0 uid=76 gid=12 euid=76 suid=76 fsuid=76 egid=12
sgid=12 fsgid=12 comm="imapd" exe="/usr/lib/cyrus-imapd/imapd"
type=SOCKADDR msg=audit(1122733280.281:9657218):
saddr=01002F7661722F72756E2F7361736C61757468642F6D75780000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
type=SOCKETCALL msg=audit(1122733280.281:9657218): nargs=3 a0=b
a1=bfd308fa a2=6e
type=PATH msg=audit(1122733280.281:9657218): item=0 flags=1
inode=262199 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1122733284.635:9659874): avc:  denied  { search } for
pid=28898 comm="imapd" name="saslauthd" dev=dm-0 ino=262199
scontext=root:system_r:cyrus_t
tcontext=system_u:object_r:saslauthd_var_run_t tclass=dir
type=SYSCALL msg=audit(1122733284.635:9659874): arch=40000003
syscall=102 success=no exit=-13 a0=3 a1=bfd2e4b0 a2=dd0228 a3=bfd2e513
items=1 pid=28898 auid=0 uid=76 gid=12 euid=76 suid=76 fsuid=76 egid=12
sgid=12 fsgid=12 comm="imapd" exe="/usr/lib/cyrus-imapd/imapd"
type=SOCKADDR msg=audit(1122733284.635:9659874):
saddr=01002F7661722F72756E2F7361736C61757468642F6D75780000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
type=SOCKETCALL msg=audit(1122733284.635:9659874): nargs=3 a0=b
a1=bfd308fa a2=6e
type=PATH msg=audit(1122733284.635:9659874): item=0 flags=1
inode=262199 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00


...if selinux is in permissive mode, i can connect without any problem.
cyrus is set to disabled btw.

Roger

More information about the fedora-list mailing list