Weird selinux problem with sendmail
Knute Johnson
knute at frazmtn.com
Mon Nov 26 22:48:54 UTC 2007
>Knute Johnson wrote:
>> I loaded F8 onto my old mail server computer and started to
>> reassemble it. But I'm getting a strange message from sendmail and a
>> selinux avc to go with it. I do not have a .forward file and I have
>> an almost identical system running that doesn't have one either and
>> doesn't give any errors. I don't know if this is a sendmail problem
>> or a selinux problem. The mail comes and goes OK. Any ideas?
>>
>> Thanks,
>>
>> knute...
>>
>> Nov 25 00:32:39 www sendmail[7802]: lAP8Wche007801: forward
>> /home/knute/.forward.www: Permission denied
>> Nov 25 00:32:39 www sendmail[7802]: lAP8Wche007801: forward
>> /home/knute/.forward: Permission denied
>>
>> Nov 25 00:40:55 www kernel: audit(1195980055.494:277): avc: denied
>> { getattr } for pid=7949 comm="sendmail" path="/home/knute" dev=dm-0
>> ino=262146 scontext=unconfined_u:system_r:sendmail_t:s0
>> tcontext=unconfined_u:object_r:unconfined_home_dir_t:s0 tclass=dir
>
>This looks to be sendmail checking to see if you have a .forward file
>and getting an SELinux denial when it does so. Since you don't have one,
>the failure doesn't have an impact.
>
>I don't know where the unconfined_home_dir_t comes from though. I'm
>running F8 with targeted policy and the home directories are
>user_home_dir_t rather than unconfined_home_dir_t.
>
>What's the output of:
>
># sestatus
>
>and:
>
># ls -lZ /home/knute
>
>and:
>
># restorecon -Fv /home/knute
>
>Paul.
The problem resolved itself about an hour after I did a yum update.
--
Knute Johnson
Molon Labe...
More information about the fedora-selinux-list
mailing list