Nicolas Mailhot wrote:
Le vendredi 28 octobre 2005 à 11:47 -0400, Daniel J Walsh a écrit :
> If you add
>
> can_exec(postfix_local_t, spamc_exec_t)
>
> does that fix the problem?
>
Don't know how to so this one
> And if you don't know how to do this,
> try
>
> chcon -t bin_t /usr/bin/spamassassin
>
This one does not work (need to replace spamassassin by spamc perhaps ?)
Yes, sorry about that, I will put out policy to fix it, so this is only
a change to see if my
fix would fix your problem.
If the machine is in enforcing mode
setenforce 0
Then run this command to allow spam to execute spamc
chcon -t bin_t /usr/bin/spamc
Run your test, See if there are additional AVC messages
Then run
restorecon /usr/bin/spamc
setenforc 1
And you will be back to your current state. I will then apply fixes to the AVC messages
you generate in the next policy package.
> And tell me if that fixes the problem
>
I can try a local fix, but I'd rather have it fixed in the default
policy, as local fixes tend to bite you when you move to another system
with vendor defaults
Regards,
--