SA problem, selinux seems to be killing spamassassin
Gene Heskett
gene.heskett at verizon.net
Tue Feb 26 03:56:52 UTC 2008
Greetings;
I get home tonight with the spam going wild, so I restart spamassassin, and
get another copy of this:
Summary:
SELinux is preventing spamd(/usr/bin/perl) (spamd_t) "kill" to <Unknown>
(spamd_t).
Detailed Description:
SELinux denied access requested by spamd(/usr/bin/perl). It is not expected
that
this access is required by spamd(/usr/bin/perl) and this access may signal an
intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:spamd_t:s0
Target Context system_u:system_r:spamd_t:s0
Target Objects None [ capability ]
Source spamd(/usr/bin/perl)
Port <Unknown>
Host coyote.coyote.den
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.0.8-84.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name coyote.coyote.den
Platform Linux coyote.coyote.den 2.6.24 #1 SMP PREEMPT
Sun
Feb 10 20:51:31 EST 2008 i686 athlon
Alert Count 10
First Seen Wed 20 Feb 2008 09:36:02 PM EST
Last Seen Mon 25 Feb 2008 10:51:32 PM EST
Local ID 6d119b1a-2693-43cf-b27b-f4c2d8339623
Line Numbers
Raw Audit Messages
host=coyote.coyote.den type=AVC msg=audit(1203997892.182:2127): avc: denied
{ kill } for pid=5699 comm="spamd" capability=5
scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:system_r:spamd_t:s0
tclass=capability
host=coyote.coyote.den type=SYSCALL msg=audit(1203997892.182:2127):
arch=40000003 syscall=37 success=no exit=-1 a0=3f42 a1=2 a2=4af5f5cc
a3=80775a8 items=0 ppid=1 pid=5699 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="spamd" exe="/usr/bin/perl"
subj=system_u:system_r:spamd_t:s0 key=(null)
=====================
So there's the bug report. What can I do?
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
"Hi, I'm Professor Alan Ginsburg... But you can call me... Captain Toke."
-- John Lovitz, as ex-Supreme Court nominee Alan Ginsburg, on SNL
More information about the fedora-selinux-list
mailing list