postfix_smtp_t
Christoph Höger
choeger at cs.tu-berlin.de
Thu Jul 23 22:00:01 UTC 2009
Hi Dan,
I got something like:
type=SYSCALL msg=audit(1248337552.277:51): arch=40000003 syscall=5
success=yes exit=9 a0=2590dd8 a1=8000 a2=0 a3=0 items=0 ppid=3929
pid=3934 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=1 comm="smtp" exe="/usr/libexec/postfix/smtp"
subj=unconfined_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1248337552.277:52): avc: denied { lock } for
pid=3934 comm="smtp" path="/home/choeger/cert/sasl_passwd.db" dev=dm-1
ino=2976113 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
(that's just a simple example)
Basically postfix_smtp_t and user_home_t do not play nice - which is not
a big surprise since that is what confinement is all about, but I wish
there would be a way to handle that use case.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090724/218f4673/attachment.sig>
More information about the fedora-selinux-list
mailing list