This is the first Fedora I've come across a files called dead-letter.
I don't use sendmail, exim is installed, if relevant.
Summary:
SELinux is preventing the sendmail from using potentially mislabeled files
(./dead.letter).
Detailed Description:
SELinux has denied sendmail access to potentially mislabeled file(s)
(./dead.letter). This means that SELinux will not allow sendmail to use
these
files. It is common for users to edit files in their home directory or tmp
directories and then move (mv) them to system directories. The problem
is that
the files end up with the wrong file context which confined applications
are not
allowed to access.
Allowing Access:
If you want sendmail to access this files, you need to relabel them using
restorecon -v './dead.letter'. You might want to relabel the entire
directory
using restorecon -R -v './dead.letter'.
Additional Information:
Source Context system_u:system_r:logwatch_t:s0
Target Context system_u:object_r:admin_home_t:s0
Target Objects ./dead.letter [ dir ]
Source sendmail
Source Path /usr/sbin/ssmtp
Port <Unknown>
Host frank01.frankly3d.local
Source RPM Packages ssmtp-2.61-11.7.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-34.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name home_tmp_bad_labels
Host Name frank01.frankly3d.local
Platform Linux frank01.frankly3d.local
2.6.27.9-159.fc10.i686 #1 SMP Tue Dec 16
15:12:04
EST 2008 i686 i686
Alert Count 1
First Seen Sun 28 Dec 2008 12:18:46 GMT
Last Seen Sun 28 Dec 2008 12:18:46 GMT
Local ID 6feff0bd-d81b-472e-8c9b-a4538c69479f
Line Numbers
Raw Audit Messages
node=frank01.frankly3d.local type=AVC msg=audit(1230466726.28:154): avc:
denied { add_name } for pid=4443 comm="sendmail"
name="dead.letter"
scontext=system_u:system_r:logwatch_t:s0
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
node=frank01.frankly3d.local type=SYSCALL msg=audit(1230466726.28:154):
arch=40000003 syscall=5 success=no exit=-13 a0=97312d0 a1=441 a2=1b6
a3=440 items=0 ppid=4311 pid=4443 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="sendmail" exe="/usr/sbin/ssmtp"
subj=system_u:system_r:logwatch_t:s0 key=(null)
====================================================
Dead-Letter contents
====================================================
/etc/cron.daily/0logwatch:
sendmail: Cannot open mail:25
/etc/cron.daily/rkhunter:
send-mail: Cannot open mail:25
send-mail: Cannot open mail:25
/bin/sh: opt/f-prot/fpscan: No such file or directory
Show replies by date