Postfix avcs (Re: Enabling SELinux on a custom kernel)
Stephen Smalley
sds at tycho.nsa.gov
Tue Jul 8 14:19:05 UTC 2008
On Tue, 2008-07-08 at 16:16 +0200, Jan Kasprzak wrote:
> Jan Kasprzak wrote:
> : > /etc/selinux/targeted/modules/active/seusers
> : > /etc/selinux/targeted/modules/active/users_extra.local
> : > /etc/selinux/targeted/modules/active/users.local
>
> I have copied those three files from the fresh F9 system
> to the system in question, and it seems that after semodule -i localpostfix.pp
> Postfix finally works. However, the "semodule -i localpostfix.pp"
> command still takes 2-3 minutes of CPU time to finish. At least
> it doesn't complain anymore.
>
> # time semodule -i localpostfix.pp
>
> real 2m55.839s
> user 2m54.195s
> sys 0m1.593s
> # echo $?
> 0
Can you check whether you have expand-check = 0
in /etc/selinux/semanage.conf? If not present or commented out, add it
and retry.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list