We have a server in permissive, thank you, so this is just an annoyance,
but I want to make it go away.
Centos 6.3, current
torque 2.5.7-9.el6
It's the head node of a torque cluster. I found someone, while googling,
who describes the same error, and presumably the same action resulting in
the same result. He writes:
Excerpt:
We're running Torque 2.3.7 on a central Torque server running RHEL6.3 OS
(this old version of Torque is *required* for stable use with the Maui
scheduler, see an older thread in this list).
We're seeing the following syslog message every time a job completes and
sends an E-mail message to the user:
setroubleshoot: SELinux is preventing /usr/sbin/sendmail.sendmail from
write access on the file /var/spool/torque/server_priv/server.lock.
SELinux is enabled in permissive mode, so this is not a severe problem,
but it's still a nuisance to have extraneous syslog messages. I prefer
having SELinux enabled in order to log security related events.
I looked at the Torque code server/svr_mail.c which opens a pipe to
execute Sendmail, writes some data and then closes the pipe. The
pbs_server's lockfile filename is never written to the Sendmail pipe, so
why on earth would SELinux complain about Sendmail trying to write to
that lockfile?? Could it be because svr_mail.c closes the pipe by
fclose(outmail) in stead of pclose(outmail) as is done in the Torque 2.5
code?
--- end excerpt ---
So, what can I do to make selinux shut up about this? server.lock is in
/var/lib/torque/server_priv, and shows as
ll -Z /var/lib/torque/server_priv/
drwxr-x---. root root system_u:object_r:var_lib_t:s0 ./
drwxr-xr-x. root root system_u:object_r:var_lib_t:s0 ../
<...>
-rw-------. root root system_u:object_r:var_lib_t:s0 server.lock
mark
Show replies by date