postfix, procmail and SELinux - No Go

Marc Schwartz (via MN) mschwartz at mn.rr.com
Wed Jun 28 21:38:02 UTC 2006


On Wed, 2006-06-28 at 22:23 +0100, Paul Howarth wrote:
> On Wed, 2006-06-28 at 15:56 -0500, Marc Schwartz (via MN) wrote:

<snip>

> > 
> > There are no .forward files on my system at all, unless that is a temp
> > file, which does not make sense location-wise.
> > 
> > A Google search came up empty for that file, so I can only presume that
> > there are certain configuration scenarios where the pipelining of
> > e-mails would require that file.
> > 
> > Since I am using clamassassin, I also searched through that script and
> > noted nothing relevant here.
> > 
> > Not sure what else to make of it.
> 
> That might be dontaudit-able. Is /var/lib/clamav any user's home
> directory?

The /var/lib/clamav tree appears to be owned by 'clamav', both user and
group:

$ ls -l /var/lib
total 264
...
drwxr-xr-x  2 clamav    clamav   4096 Jun 28 11:00 clamav
...

 ls -l /var/lib/clamav
total 8832
-rw-r--r-- 1 clamav clamav    4050 Jun 28 11:01 clamav-4d6166b710f63075
-rw-r--r-- 1 clamav clamav 3640966 Jun  9 16:49 clamav-651c96be267fc93e
-rw-r--r-- 1 clamav clamav  380351 Jun 28 08:00 daily.cvd
-rw-r--r-- 1 clamav clamav 4978654 Jun  9 18:00 main.cvd


$ cat /etc/passwd | grep clamav
clamav:x:100:101:Clamav database update user:/var/lib/clamav:/sbin/nologin


$ cat /etc/group | grep clamav
clamav:x:101:


<snip>

> > 
> > No further avc's at this time.
> > 
> > Is it time to venture back into the Enforcing World once again?
> 
> Give it a try. Bear in mind it may fail if any of the dontaudit rules
> should be allows instead.

I'll wait for any comments that you have on the above first.

Thanks,

Marc





More information about the fedora-selinux-list mailing list