squirrelmail / postfix mail lost policy 1.17.30-2.80

Jeremy Ardley jeremy at ardley.org
Thu Feb 24 19:39:43 UTC 2005 

Daniel J Walsh wrote:

> Jeremy Ardley wrote:
>
>> When I check the messages log I see the following avc entries
>>
>> Feb 24 17:14:46 mail kernel: audit(1109236486.039:0): avc:  denied  { 
>> read append } for  pid=7589 exe=/bin/bash 
>> path=/var/lib/squirrelmail/prefs/jeremy.abook dev=dm-0 ino=6438914 
>> scontext=user_u:system_r:httpd_sys_script_t t 
>> context=root:object_r:httpd_var_lib_t tclass=file
>> Feb 24 17:14:46 mail kernel: audit(1109236486.128:0): avc:  denied  { 
>> create } for  pid=7589 exe=/usr/sbin/sendmail.postfix 
>> scontext=user_u:system_r:httpd_sys_script_t 
>> tcontext=user_u:system_r:httpd_sys_script_t tclass=unix_ dgram_socket
>> Feb 24 17:14:46 mail kernel: audit(1109236486.136:0): avc:  denied  { 
>> search } for  pid=7589 exe=/usr/sbin/sendmail.postfix name=spool 
>> dev=dm-0 ino=4030501 scontext=user_u:system_r:httpd_sys_script_t 
>> tcontext=system_u:object _r:var_spool_t tclass=dir
>> Feb 24 17:14:46 mail kernel: audit(1109236486.137:0): avc:  denied  { 
>> create } for  pid=7589 exe=/usr/sbin/sendmail.postfix 
>> scontext=user_u:system_r:httpd_sys_script_t 
>> tcontext=user_u:system_r:httpd_sys_script_t tclass=unix_ dgram_socket
>>
>> I have seen previous correspondence regarding similar faults but 
>> nothing I have tried has improved things. Is there a definitive fix I 
>> can apply?
>
>
> restorecon -R -v /usr/lib/squirrelmail /usr/sbin/sendmail.postfix 
> /var/spool
>
> Should help.
>
I had to change the command to

restorecon -R -v /var/lib/squirrelmail /usr/sbin/sendmail.postfix 
/var/spool

However I still get errors - though different ones - and the mail is 
still dropped

Feb 25 03:30:47 mail kernel: audit(1109273447.864:0): avc:  denied  { 
create } for  pid=8704 exe=/usr/sbin/sendmail.postfix 
scontext=user_u:system_r:httpd_sys_script_t 
tcontext=user_u:system_r:httpd_sys_script_t tclass=unix_dgram_socket
Feb 25 03:30:47 mail kernel: audit(1109273447.878:0): avc:  denied  { 
search } for  pid=8704 exe=/usr/sbin/sendmail.postfix name=spool 
dev=dm-0 ino=4030501 scontext=user_u:system_r:httpd_sys_script_t 
tcontext=system_u:object_r:var_spool_t tclass=dir
Feb 25 03:30:47 mail kernel: audit(1109273447.880:0): avc:  denied  { 
create } for  pid=8704 exe=/usr/sbin/sendmail.postfix 
scontext=user_u:system_r:httpd_sys_script_t 
tcontext=user_u:system_r:httpd_sys_script_t tclass=unix_dgram_socket

More information about the fedora-selinux-list mailing list