squirrelmail / postfix mail lost policy 1.17.30-2.80

Daniel J Walsh dwalsh at redhat.com
Fri Feb 25 16:46:50 UTC 2005 

Jeremy Ardley wrote:

> Daniel J Walsh wrote:
>
>> Jeremy Ardley wrote:
>>
>>> Daniel J Walsh wrote:
>>>
>>>> Could you try the selinux-policy-targeted-1.17.30-2.84 on
>>>> ftp://people.redhat.com/dwalsh/SELinux/FC3
>>>>
>>> The latest copy there is selinux-policy-targeted-1.17.30-2.81
>>>
>>> Should I try this ?
>>>
>> I see 84.
>>
> So do I now that I hit refresh on my browser.
>
> Installed using rpm -Uvh selinux-policy-targeted-1.17.30-2.84.noarch.rpm
>
> Then I ran  restorecon -R -v /var/lib/squirrelmail 
> /usr/sbin/sendmail.postfix /var/spool
>
> And got
>
> Feb 25 04:56:27 mail kernel: audit(1109278587.831:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/error_log dev=dm-0 ino=4033974 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.832:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/error_log dev=dm-0 ino=4033974 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.832:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/ssl_error_log dev=dm-0 ino=4033975 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.832:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/access_log dev=dm-0 ino=4032679 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.832:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/ssl_access_log dev=dm-0 ino=3784723 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.832:0): avc:  denied  { 
> append } for  pid=9795 exe=/usr/sbin/sendmail.postfix 
> path=/var/log/httpd/ssl_request_log dev=dm-0 ino=3784724 
> scontext=user_u:system_r:system_mail_t 
> tcontext=root:object_r:httpd_runtime_t tclass=file
> Feb 25 04:56:27 mail kernel: audit(1109278587.856:0): avc:  denied  { 
> search } for  pid=9795 exe=/usr/sbin/sendmail.postfix name=postfix 
> dev=dm-0 ino=4032524 scontext=user_u:system_r:system_mail_t 
> tcontext=system_u:object_r:mail_spool_t tclass=dir
>
> On a hunch I ran restorecon -R -v /var/log
>
> and then got
>
> Feb 25 05:01:08 mail kernel: audit(1109278868.985:0): avc:  denied  { 
> search } for  pid=9813 exe=/usr/sbin/sendmail.postfix name=postfix 
> dev=dm-0 ino=4032524 scontext=user_u:system_r:system_mail_t 
> tcontext=system_u:object_r:mail_spool_t tclass=dir
>
Could you run one more test. 

Run setenforce 0
and then try to use the mail program.  What other AVC messages do you see?

> -- 
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list

More information about the fedora-selinux-list mailing list