sendmail.postfix avc denied problem

Daniel J Walsh dwalsh at redhat.com
Fri Dec 3 13:40:20 UTC 2004


Edy Corak wrote:

> Daniel J Walsh wrote:
>
>> Edy Corak wrote:
>>
>>> Helo List,
>>>
>>> i have a problem sending mail from php script.
>>>
>>> audit(1101900916.389:0): avc:  denied  { getattr } for  pid=18363 
>>> exe=/bin/bash path=/usr/sbin/sendmail.postfix dev=md0 ino=7518272 
>>> scontext=root:system_r:httpd_sys_script_t 
>>> tcontext=system_u:object_r:sbin_t tclass=file
>>>
>>> Everything other works very good with SELinux.
>>>
>>> System FC3 Postfix, SELinux enforcing, targeted.
>>>
>>> Thank you for any help.
>>>
>> Update to the latest policy, should fix this problem.
>>
>> Dan
>>
>> -- 
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>
> Thank you very much for your prompt answer.
>
> I have updated the policy-targeted to 1.17.30-2.39 but it's the same 
> problem, no chance to send mail from php script.
>
> audit(1102024220.525:0): avc:  denied  { getattr } for  pid=8178 
> exe=/bin/bash path=/usr/sbin/sendmail.postfix dev=md0 ino=7513871 
> scontext=root:system_r:httpd_sys_script_t 
> tcontext=system_u:object_r:sbin_t tclass=file
>
> I look at the policy-targeted-source under file_contexts in postfix.fc 
> there is
> sendmail.postfix labeled as /usr/sbin/sendmail.postfix -- 
> system_u:object_r:sendmail_exec_t
>
> and under /usr/sbin as system_u:object_r:sbin_t         sendmail.postfix
>
> rpm -q -l postfix | restorecon -R -v -f - changes to
> system_u:object_r:sbin_t         sendmail.postfix
>
> which of them is correct ?
>
> Sorry for my bad reply before, next time i start i will right click to 
> new.
>
> Thank you very much
>
> Edy
>
>
Ok I see the problem.  It will be fixed in 
selinux-policy-targeted-1.17.30-2.41
It is already fixed in rawhide (selinux-policy-targeted-1.19.8-1)




More information about the fedora-selinux-list mailing list