Postfix and SELinux
Rudi Chiarito
nutello at sweetness.com
Mon Mar 29 23:42:59 UTC 2004
I successfully - or so it seems - convinced a box to work in enforcing
mode, but as of today I still see these error messages whenever postfix
is started:
Mar 29 17:33:35 pizza kernel: audit(1080603215.577:0): avc: denied {
write } for pid=5102 exe=/usr/sbin/postalias name=aliases.db dev=sda3
ino=245461 scontext=root:system_r:postfix_master_t
tcontext=system_u:object_r:postfix_etc_t tclass=file
Mar 29 17:33:36 pizza kernel: audit(1080603216.592:0): avc: denied {
search } for pid=5103 exe=/bin/bash dev= ino=1
scontext=root:system_r:postfix_master_t
tcontext=system_u:object_r:devpts_t tclass=dir
Mar 29 17:33:36 pizza kernel: audit(1080603216.597:0): avc: denied {
execute } for pid=5104 exe=/bin/bash name=master dev=sda3 ino=1407396
scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:lib_t
tclass=file
Does this ring a bell? As far as I can tell, all contexts are properly
set. To play safe, I even removed and reinstalled the postfix RPM. The
system has all the latest Raw Hide packages.
Rudi
More information about the fedora-selinux-list
mailing list