SELinux won't let dovecot connect to postgresql
Roland Roberts
roland at astrofoto.org
Mon Nov 30 01:44:59 UTC 2009
On 11/29/2009 05:11 AM, Sandro Janke wrote:
> Actually, you don't need to have any of the setroubleshoot packages
> installed to get AVC messages logged. What you need is auditd running
> and it will log AVC messages to /var/log/audit/audit.log
>
> With setroubleshoot-server installed you can watch the logged messages
> using:
>
> # sealert -a /var/log/audit/audit.log
>
> The output will be long and in the style of setroubleshoot browser, so
> take your measures.
>
> Another tool - from the audit package - that can prove very useful is
> ausearch. It will search the audit logs for messages matching the
> given criteria.
But I'm not getting any messages there. And changing enforcing mode
fixes the problem, so it seems like it has to be SELinux, but with no
log, I can't figure out what rule needs to be changed.
--
PGP Key ID: 66 BC 3B CD
Roland B. Roberts, PhD RL Enterprises
roland at rlenter.com 6818 Madeline Court
roland at astrofoto.org Brooklyn, NY 11220
More information about the fedora-selinux-list
mailing list