postfix, procmail and SELinux - No Go
Marc Schwartz (via MN)
mschwartz at mn.rr.com
Mon Jun 19 20:07:03 UTC 2006
On Mon, 2006-06-12 at 17:40 +0100, Paul Howarth wrote:
> At this point it might be worth trying to remove some of the "strange"
> policy items, such as:
>
> allow postfix_master_t man_t:file getattr;
>
> and see what, if anything fails. By doing this we might get some insight
> into what is actually happening, or if nothing breaks, we could
> dontaudit it instead of allowing it.
>
> Paul.
Paul,
Apologies for the delay in my reply, as I was traveling (Vienna,
Austria) all of last week and got back late yesterday. My schedule there
ended up being busier than I expected and did not have a chance to get
to this.
I tried to make the above modification to mypostfix.te, however when
going back to build all of the policy modules, I now get an error:
Compiling targeted procmail module
/usr/bin/checkmodule: loading policy configuration from
tmp/procmail.tmp
procmail.te:41:ERROR 'syntax error' at token 'clamscan_domtrans' on line
57484:
clamscan_domtrans(procmail_t)
# ==============================================
/usr/bin/checkmodule: error(s) encountered while parsing configuration
make: *** [tmp/procmail.mod] Error 1
Line 41 in procmail.te (as noted above) is:
clamscan_domtrans(procmail_t)
This error occurs even without the modification to mypostfix.te, so I am
unclear as to what happened since the last time I was able to build them
all.
I plead jet lag here and suspect that you might rapidly recognize what
is happening and have an easy fix. If you need me to check some files,
let me know.
Regards and thanks,
Marc
More information about the selinux
mailing list