postfix, procmail and SELinux - No Go
Marc Schwartz (via MN)
mschwartz at mn.rr.com
Fri Jul 21 16:57:23 UTC 2006
Well, after a couple of days and several re-boots, the following is the
only avc so far:
type=AVC msg=audit(1153435170.422:48): avc: denied { search } for pid=15586 comm="clamscan" name="marcs" dev=dm-0 ino=425153 scontext=system_u:system_r:clamscan_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
type=SYSCALL msg=audit(1153435170.422:48): arch=40000003 syscall=10 success=no exit=-13 a0=9730020 a1=1 a2=448ce93c a3=972f7e0 items=1 pid=15586 auid=4294967295 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="clamscan" exe="/usr/bin/clamscan" subj=system_u:system_r:clamscan_t:s0
type=CWD msg=audit(1153435170.422:48): cwd="/home/marcs"
type=PATH msg=audit(1153435170.422:48): item=0 name="tnef" parent=58512 dev=fd:02 mode=0100600 ouid=500 ogid=500 rdev=00:00 obj=system_u:object_r:clamscan_tmp_t:s0
I am running in Enforcing mode.
Current policies:
selinux-policy-2.3.2-1.fc5
selinux-policy-targeted-2.3.2-1.fc5
amavis 1.0.5
clamav 1.0.4
dcc 1.0.1
myclamav 0.1.5
mydcc 0.1.9
mypostfix 0.1.1
mypyzor 0.2.3
myspamassassin 0.1.5
procmail 0.5.4
pyzor 1.0.4
razor 1.0.1
Regards,
Marc
More information about the selinux
mailing list