SA problem, selinux seems to be killing spamassassin

Gene Heskett gene.heskett at verizon.net
Tue Feb 26 03:56:52 UTC 2008 

Greetings;

I get home tonight with the spam going wild, so I restart spamassassin, and 
get another copy of this:


Summary:

SELinux is preventing spamd(/usr/bin/perl) (spamd_t) "kill" to <Unknown>
(spamd_t).

Detailed Description:

SELinux denied access requested by spamd(/usr/bin/perl). It is not expected 
that
this access is required by spamd(/usr/bin/perl) and this access may signal an
intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not 
recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:spamd_t:s0
Target Context                system_u:system_r:spamd_t:s0
Target Objects                None [ capability ]
Source                        spamd(/usr/bin/perl)
Port                          <Unknown>
Host                          coyote.coyote.den
Source RPM Packages           
Target RPM Packages           
Policy RPM                    selinux-policy-3.0.8-84.fc8
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     coyote.coyote.den
Platform                      Linux coyote.coyote.den 2.6.24 #1 SMP PREEMPT 
Sun
                              Feb 10 20:51:31 EST 2008 i686 athlon
Alert Count                   10
First Seen                    Wed 20 Feb 2008 09:36:02 PM EST
Last Seen                     Mon 25 Feb 2008 10:51:32 PM EST
Local ID                      6d119b1a-2693-43cf-b27b-f4c2d8339623
Line Numbers                  

Raw Audit Messages            

host=coyote.coyote.den type=AVC msg=audit(1203997892.182:2127): avc:  denied  
{ kill } for  pid=5699 comm="spamd" capability=5 
scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:system_r:spamd_t:s0 
tclass=capability

host=coyote.coyote.den type=SYSCALL msg=audit(1203997892.182:2127): 
arch=40000003 syscall=37 success=no exit=-1 a0=3f42 a1=2 a2=4af5f5cc 
a3=80775a8 items=0 ppid=1 pid=5699 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 
egid=0 sgid=0 fsgid=0 tty=(none) comm="spamd" exe="/usr/bin/perl" 
subj=system_u:system_r:spamd_t:s0 key=(null)
=====================
So there's the bug report.  What can I do?

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
"Hi, I'm Professor Alan Ginsburg... But you can call me... Captain Toke."
-- John Lovitz, as ex-Supreme Court nominee Alan Ginsburg, on SNL

More information about the fedora-selinux-list mailing list