postfix, procmail and SELinux - No Go

Marc Schwartz MSchwartz at mn.rr.com
Thu Jun 29 23:38:12 UTC 2006 

Paul,

I just got home and noted the following avc's which appear to be a
post-reboot scenario.

There are some that appear to be networking related, which may indeed be
associated with the kernel related reports. I have more than one network
profile, where I used one at home that has a fixed IP address behind a
router. At work, I use NM with DHCP. As I noted in a prior post, some
network things have been flaky with the new kernel.

Is this an indication that I should consider the 'updates testing'
initscripts update as referenced in other threads on the general lists?

Up until the reboot, there were no other avc's.

Note also what appears to be a double "//" in the path to the
razor-agent.log.  Not sure where that comes from, as the mods that I
made in the config files are:

local.cf:
razor_config /etc/mail/spamassassin/razor/razor-agent.conf

razor-agent.conf :
razorhome              = /etc/mail/spamassassin/razor/

The trailing '/' in the second file was there previously.


New avc's:

type=AVC msg=audit(1151607255.655:1577): avc:  denied  { signal } for  pid=2283 comm="spamd" scontext=system_u:system_r:spamd_t:s0 t context=system_u:system_r:dcc_client_t:s0 tclass=process
type=SYSCALL msg=audit(1151607255.655:1577): arch=40000003 syscall=37 success=no exit=-13 a0=780b a1=f a2=2b5b8c a3=90e7894 items=0 pid=2283 auid=4294967295 uid=0 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) comm="spamd" exe="/usr/bin/perl"  subj=system_u:system_r:spamd_t:s0
type=AVC msg=audit(1151620643.074:452): avc:  denied  { append } for  pid=2312 comm="spamd" name="razor-agent.log" dev=hdc7 ino=1081 390 scontext=system_u:system_r:spamd_t:s0 tcontext=user_u:object_r:etc_mail_t:s0 tclass=file
type=SYSCALL msg=audit(1151620643.074:452): arch=40000003 syscall=5 success=no exit=-13 a0=b5c6ee0 a1=8441 a2=1b6 a3=8441 items=1 pi d=2312 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="spamd" exe="/usr/bin/perl" subj=syst em_u:system_r:spamd_t:s0
type=CWD msg=audit(1151620643.074:452):  cwd="/"
type=PATH msg=audit(1151620643.074:452): item=0 name="/etc/mail/spamassassin/razor//razor-agent.log" parent=1081385 dev=16:07 mode=0 40755 ouid=0 ogid=0 rdev=00:00 obj=user_u:object_r:etc_mail_t:s0
type=AVC msg=audit(1151620645.415:453): avc:  denied  { setgid } for  pid=2410 comm="dccproc" capability=6 scontext=system_u:system_ r:dcc_client_t:s0 tcontext=system_u:system_r:dcc_client_t:s0 tclass=capability
type=SYSCALL msg=audit(1151620645.415:453): arch=40000003 syscall=210 success=yes exit=0 a0=ffffffff a1=0 a2=ffffffff a3=47fcfcc0 it ems=0 pid=2410 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="dccproc" exe="/usr/local/bin /dccproc" subj=system_u:system_r:dcc_client_t:s0
type=AVC msg=audit(1151620795.471:481): avc:  denied  { use } for  pid=5120 comm="dhclient" name="[10508]" dev=pipefs ino=10508 scon text=user_u:system_r:dhcpc_t:s0 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
type=AVC msg=audit(1151620795.471:481): avc:  denied  { use } for  pid=5120 comm="dhclient" name="[10508]" dev=pipefs ino=10508 scon text=user_u:system_r:dhcpc_t:s0 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
type=SYSCALL msg=audit(1151620795.471:481): arch=40000003 syscall=11 success=yes exit=0 a0=99120f8 a1=993b580 a2=9912608 a3=993b5f0 items=2 pid=5120 auid=500 uid=0 gid=500 euid=0 suid=0 fsuid=0 egid=500 sgid=500 fsgid=500 tty=(none) comm="dhclient" exe="/sbin/dhcl ient" subj=user_u:system_r:dhcpc_t:s0
type=AVC_PATH msg=audit(1151620795.471:481):  path="pipe:[10508]"
type=AVC_PATH msg=audit(1151620795.471:481):  path="pipe:[10508]"
type=CWD msg=audit(1151620795.471:481):  cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1151620795.471:481): item=0 name="/sbin/dhclient" inode=3542818 dev=16:07 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:dhcpc_exec_t:s0
type=PATH msg=audit(1151620795.471:481): item=1 name=(null) inode=754491 dev=16:07 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_ u:object_r:ld_so_t:s0
type=AVC msg=audit(1151620808.228:498): avc:  denied  { use } for  pid=5217 comm="dhclient-script" name="[10508]" dev=pipefs ino=105 08 scontext=user_u:system_r:dhcpc_t:s0 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
type=AVC msg=audit(1151620808.228:498): avc:  denied  { use } for  pid=5217 comm="dhclient-script" name="[10508]" dev=pipefs ino=105 08 scontext=user_u:system_r:dhcpc_t:s0 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
type=SYSCALL msg=audit(1151620808.228:498): arch=40000003 syscall=11 success=yes exit=0 a0=9fdff30 a1=a0044c8 a2=9fe1378 a3=a002498 items=3 pid=5217 auid=500 uid=0 gid=500 euid=0 suid=0 fsuid=0 egid=500 sgid=500 fsgid=500 tty=(none) comm="dhclient-script" exe="/bi n/bash" subj=user_u:system_r:dhcpc_t:s0
type=AVC_PATH msg=audit(1151620808.228:498):  path="pipe:[10508]"
type=AVC_PATH msg=audit(1151620808.228:498):  path="pipe:[10508]"
type=CWD msg=audit(1151620808.228:498):  cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1151620808.228:498): item=0 name="/sbin/dhclient-script" inode=3548518 dev=16:07 mode=0100755 ouid=0 ogid=0 rdev =00:00 obj=system_u:object_r:dhcpc_exec_t:s0
type=PATH msg=audit(1151620808.228:498): item=1 name=(null) inode=1966191 dev=16:07 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system _u:object_r:shell_exec_t:s0
type=PATH msg=audit(1151620808.228:498): item=2 name=(null) inode=754491 dev=16:07 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_ u:object_r:ld_so_t:s0


Thanks,

Marc

More information about the fedora-selinux-list mailing list