Postfix/mailman problem
Eric Smith
eric at brouhaha.com
Thu Mar 2 22:39:32 UTC 2006
Ivan wrote:
> - the file /usr/lib/mailman/mail (which your script runs) appears to be
> a SGID executable to group mailman which runs other [mailman] programs.
[...]
> ultimately this boils down to postfix_pipe being unable to execute
> mailman.
However, it isn't even able to invoke the python script. To make that
work, does the policy need to allow postfix_pipe_t to run python?
The python script isn't that complicated; I could rewrite it in C if
necessary.
I tried my hand at adding mailman rules to postfix.te:
ifdef(`mailman.te', `
domain_auto_trans(postfix_pipe_t, mailman_exec_t, mailman_t)
')
but that doesn't appear to work, possibly because mailman.te defines
mailman_$1_t, and I don't have any idea what $1 is.
Thanks,
Eric
[and thanks for putting up with my SELinux newbie questions!]
More information about the fedora-selinux-list
mailing list