postfix, procmail and SELinux - No Go
Marc Schwartz (via MN)
mschwartz at mn.rr.com
Fri Jul 21 16:57:23 UTC 2006
Well, after a couple of days and several re-boots, the following is the
only avc so far:
type=AVC msg=audit(1153435170.422:48): avc: denied { search } for pid=15586 comm="clamscan" name="marcs" dev=dm-0 ino=425153 scontext=system_u:system_r:clamscan_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
type=SYSCALL msg=audit(1153435170.422:48): arch=40000003 syscall=10 success=no exit=-13 a0=9730020 a1=1 a2=448ce93c a3=972f7e0 items=1 pid=15586 auid=4294967295 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="clamscan" exe="/usr/bin/clamscan" subj=system_u:system_r:clamscan_t:s0
type=CWD msg=audit(1153435170.422:48): cwd="/home/marcs"
type=PATH msg=audit(1153435170.422:48): item=0 name="tnef" parent=58512 dev=fd:02 mode=0100600 ouid=500 ogid=500 rdev=00:00 obj=system_u:object_r:clamscan_tmp_t:s0
I am running in Enforcing mode.
Current policies:
selinux-policy-2.3.2-1.fc5
selinux-policy-targeted-2.3.2-1.fc5
amavis 1.0.5
clamav 1.0.4
dcc 1.0.1
myclamav 0.1.5
mydcc 0.1.9
mypostfix 0.1.1
mypyzor 0.2.3
myspamassassin 0.1.5
procmail 0.5.4
pyzor 1.0.4
razor 1.0.1
Regards,
Marc
More information about the fedora-selinux-list
mailing list