Problem with SELinux and Postfix (sending from Python scripts)

Jeff Coffler jeff-list-fedora at
Tue Apr 25 17:56:31 UTC 2006

>> Is this an SELinux policy problem?  How can I go about fixing this?  I'd 
>> prefer to run with SELinux enabled ...
> # grep postfix_spool /var/log/message | audit2allow -M postfixpickup
> # semodule -i postfixpickup.pp
> Will fix it for now.
> I will update policy to allow searching of this directory

Hmm, this didn't work ...

[root jeff]# grep postfix_spool /var/log/messages | audit2allow -M 
Generating type enforcment file: postfixpickup.te
Compiling policy
checkmodule -M -m -o postfixpickup.mod postfixpickup.te
semodule_package -o postfixpickup.pp -m postfixpickup.mod

******************** IMPORTANT ***********************

In order to load this newly created policy package into the kernel,
you are required to execute

semodule -i postfixpickup.pp

[root jeff]# semodule -i postfixpickup.pp
slimserver homedir /usr/local/slimserver or its parent directory conflicts 
with a
defined context in /etc/selinux/targeted/contexts/files/file_contexts,
/usr/sbin/genhomedircon will not create a new context.
[root jeff]# grep -i slim /etc/selinux/targeted/contexts/files/file_contexts
[root jeff]#

I'm not sure why it's complaining about slimserver since there's no "slim" 
in that file.  I could deinstall that to do the semodule command, then 
reinstall.  Or I could wait until you guys push out the next SELinux policy, 
then enable SELinux.



    -- Jeff 

More information about the fedora-selinux-list mailing list