https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187974
Summary: selinux denials of spamd reading files
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: dbaron(a)dbaron.org
CC: fedora-perl-devel-list@redhat.com,felicity@kluge.net,jm(a)jmason.org,parkerm@pobox.com,rcoker@redhat.com,reg+redhat(a)sidney.com,wtogami(a)redhat.com
Description of problem: with the recent selinux and spamassassin updates to FC5
(which I picked up at the same time last week), there have started to be selinux
denials of spamd, three at a time, when spamd starts:
type=AVC msg=audit(1144179464.345:5): avc: denied { search } for pid=1768
comm="spamd" name="lib" dev=hda3 ino=423490
scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0
tclass=dir
type=SYSCALL msg=audit(1144179464.345:5): arch=40000003 syscall=195 success=no
exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179464.345:5): cwd="/"
type=PATH msg=audit(1144179464.345:5): item=0
name="/var/lib/spamassassin/3.001001" flags=1
type=AVC msg=audit(1144179464.753:6): avc: denied { search } for pid=1768
comm="spamd" name="lib" dev=hda3 ino=423490
scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0
tclass=dir
type=SYSCALL msg=audit(1144179464.753:6): arch=40000003 syscall=195 success=no
exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179464.753:6): cwd="/"
type=PATH msg=audit(1144179464.753:6): item=0
name="/var/lib/spamassassin/3.001001/languages" flags=101
type=AVC msg=audit(1144179466.234:7): avc: denied { search } for pid=1768
comm="spamd" name="lib" dev=hda3 ino=423490
scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0
tclass=dir
type=SYSCALL msg=audit(1144179466.234:7): arch=40000003 syscall=195 success=no
exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179466.234:7): cwd="/"
type=PATH msg=audit(1144179466.234:7): item=0
name="/var/lib/spamassassin/3.001001/triplets.txt" flags=1
I'm not sure what this affects, but having selinux prevent spamd from doing
things seems like it could break something.
Version-Release number of selected component (if applicable):
spamassassin-3.1.1-1.fc5
selinux-policy-2.2.25-3.fc5
selinux-policy-targeted-2.2.25-3.fc5
How reproducible: Always (when spamd starts/restarts).
Steps to Reproduce:
1. tail -f /var/log/audit.log
2. /sbin/service spamassassin restart
Actual results: selinux denials
Expected results: no selinux denials
Additional information:
As a note, the directory /var/lib/spamassassin/ does not exist. And the files
in question live in /usr/share/spamassassin/ ... which is why I'm filing this as
a bug on spamassassin rather than selinux-policy-targeted.
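Added example, not part of the original bug report: a Python sketch that groups the audit records quoted above by event serial and pairs each AVC denial with its PATH record. It shows that the three denials are the same { search } on the directory entry name="lib" (ino=423490, var_lib_t), hit while spamd looked up three different paths. The function names are illustrative, not from any audit tool.

```python
import re
from collections import defaultdict

# AVC and PATH records from the report above, unwrapped to one record per
# line; the SYSCALL and CWD records are omitted to keep the sample short.
SAMPLE = """\
type=AVC msg=audit(1144179464.345:5): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=PATH msg=audit(1144179464.345:5): item=0 name="/var/lib/spamassassin/3.001001" flags=1
type=AVC msg=audit(1144179464.753:6): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=PATH msg=audit(1144179464.753:6): item=0 name="/var/lib/spamassassin/3.001001/languages" flags=101
type=AVC msg=audit(1144179466.234:7): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=PATH msg=audit(1144179466.234:7): item=0 name="/var/lib/spamassassin/3.001001/triplets.txt" flags=1
"""

HEADER = re.compile(r'^type=(\w+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
DENIED = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')

def parse_events(text):
    """Group audit records by event serial: {serial: {type: {field: value}}}."""
    events = defaultdict(dict)
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue  # not an audit record line
        rtype, _ts, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        d = DENIED.search(body)
        if d:
            fields["perms"] = d.group(1).split()
        events[int(serial)][rtype] = fields
    return dict(events)

def summarize_denials(text):
    """Return one (rule, denied_object, requested_path) tuple per denied event."""
    out = []
    for _serial, recs in sorted(parse_events(text).items()):
        avc = recs.get("AVC")
        if not avc or "perms" not in avc:
            continue
        # The type is the third field of user:role:type:level.
        src, tgt = (avc[k].split(":")[2] for k in ("scontext", "tcontext"))
        rule = f"{src} {tgt}:{avc['tclass']} {{ {' '.join(avc['perms'])} }}"
        obj = f"{avc['name']} (dev={avc['dev']} ino={avc['ino']})"
        out.append((rule, obj, recs.get("PATH", {}).get("name")))
    return out

if __name__ == "__main__":
    for rule, obj, path in summarize_denials(SAMPLE):
        print(f"{rule}  object={obj}  requested={path}")
```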