SELinux and spamass-milter
Paul Howarth
paul at city-fan.org
Mon Jul 24 07:20:14 UTC 2006
On Mon, 2006-07-24 at 09:06 +0700, Lutfi wrote:
> It's like SELinux problem here. Cannot handle spamass-milter form Fedora
> Extras. Any help?
> Here log maillog n audit.log
>
> ==== /var/log/maillog
> Jul 24 08:58:31 beta spamd[2358]: spamd: connection from beta.rg.co.id
> [127.0.0.1] at port 39319
> Jul 24 08:58:31 beta spamd[2358]: spamd: setuid to mail succeeded
> Jul 24 08:58:31 beta spamd[2358]: spamd: creating default_prefs:
> /var/spool/mail/.spamassassin/user_prefs
> Jul 24 08:58:31 beta spamd[2358]: mkdir
> /var/run/spamass-milter/.spamassassin: Permission denied at
> /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1486
> Jul 24 08:58:31 beta spamd[2358]: config: cannot write to
> /var/spool/mail/.spamassassin/user_prefs: Permission denied
> Jul 24 08:58:31 beta spamd[2358]: spamd: failed to create readable
> default_prefs: /var/spool/mail/.spamassassin/user_prefs
> Jul 24 08:58:31 beta spamd[2358]: spamd: processing message
> <008b01c6ad38$52a114e0$c000a8c0 at rbrana.co.id> for mail:8
> Jul 24 08:58:36 beta spamd[2358]: locker: safe_lock: cannot create tmp
> lockfile
> /var/spool/mail/.spamassassin/auto-whitelist.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/auto-whitelist.lock: Permission denied
> Jul 24 08:58:36 beta spamd[2358]: auto-whitelist: open of auto-whitelist
> file failed: locker: safe_lock: cannot create tmp lockfile
> /var/spool/mail/.spamassassin/auto-whitelist.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/auto-whitelist.lock: Permission denied
> Jul 24 08:58:36 beta spamd[2358]: bayes: locker: safe_lock: cannot
> create tmp lockfile
> /var/spool/mail/.spamassassin/bayes.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/bayes.lock: Permission denied
> Jul 24 08:58:36 beta spamd[2358]: spamd: clean message (-0.6/5.0) for
> mail:8 in 4.7 seconds, 21826 bytes.
> Jul 24 08:58:36 beta spamd[2358]: spamd: result: . 0 -
> ADVANCE_FEE_1,ALL_TRUSTED,HTML_MESSAGE,INFO_TLD
> scantime=4.7,size=21826,user=mail,uid=8,required_score=5.0,rhost=beta.rg.co.id,raddr=127.0.0.1,rport=39319,mid=<008b01c6ad38$52a114e0$c000a8c0 at rbrana.co.id>,autolearn=failed
> Jul 24 08:59:55 beta spamd[2358]: spamd: connection from beta.rg.co.id
> [127.0.0.1] at port 39352
> Jul 24 08:59:55 beta spamd[2358]: spamd: setuid to mail succeeded
> Jul 24 08:59:55 beta spamd[2358]: spamd: creating default_prefs:
> /var/spool/mail/.spamassassin/user_prefs
> Jul 24 08:59:55 beta spamd[2358]: config: cannot write to
> /var/spool/mail/.spamassassin/user_prefs: Permission denied
> Jul 24 08:59:55 beta spamd[2358]: spamd: failed to create readable
> default_prefs: /var/spool/mail/.spamassassin/user_prefs
> Jul 24 08:59:55 beta spamd[2358]: spamd: processing message
> <200607220320.k6M3JtH9002594 at sigma.rbrana.co.id> for mail:8
> Jul 24 09:00:00 beta spamd[2358]: locker: safe_lock: cannot create tmp
> lockfile
> /var/spool/mail/.spamassassin/auto-whitelist.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/auto-whitelist.lock: Permission denied
> Jul 24 09:00:00 beta spamd[2358]: auto-whitelist: open of auto-whitelist
> file failed: locker: safe_lock: cannot create tmp lockfile
> /var/spool/mail/.spamassassin/auto-whitelist.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/auto-whitelist.lock: Permission denied
> Jul 24 09:00:00 beta spamd[2358]: bayes: locker: safe_lock: cannot
> create tmp lockfile
> /var/spool/mail/.spamassassin/bayes.lock.beta.rg.co.id.2358 for
> /var/spool/mail/.spamassassin/bayes.lock: Permission denied
> Jul 24 09:00:00 beta spamd[2358]: spamd: clean message (-0.6/5.0) for
> mail:8 in 4.9 seconds, 40771 bytes.
> Jul 24 09:00:00 beta spamd[2358]: spamd: result: . 0 -
> ADVANCE_FEE_1,ALL_TRUSTED,HTML_MESSAGE,INFO_TLD
> scantime=4.9,size=40771,user=mail,uid=8,required_score=5.0,rhost=beta.rg.co.id,raddr=127.0.0.1,rport=39352,mid=<200607220320.k6M3JtH9002594 at sigma.rbrana.co.id>,autolearn=failed
I think that this is a spamassassin problem rather than a spamass-milter
problem.
Try having spamassassin write user preferences/bayes data
to /var/spool/spamassassin instead of /var/spool/mail/.spamassassin.
You may need to create /var/spool/spamassassin and run:
# restorecon /var/spool/spamassassin
I'm not sure what the exact configuration setting you need to adjust is;
possibly add this to SPAMDOPTIONS in /etc/sysconfig/spamassassin:
--virtual-config-dir=/var/spool/spamassassin
You'd need to restart spamassassin for that to take effect.
Paul.
More information about the fedora-selinux-list
mailing list