SEL & Spamassassin

Paul Howarth paul at city-fan.org
Thu Sep 22 13:58:30 UTC 2011


On 06/11/2011 02:57 PM, Dominick Grift wrote:
>
>
> On Sat, 2011-06-11 at 14:55 +0100, Arthur Dent wrote:
>
>>>
>>>> Anyway, the above AVC looked strange and I didn't want to create a local
>>>> policy module for it until I had checked with the chaps here...
>>>
>>> This does not look particularly strange. The pipe is probably created by
>>> systemd.
>>
>> So, should I create a policy module to allow it?
>>
>
> Did you notice any loss of functionality? Anyways I do not see a problem
> with allowing it.

I'm getting this when I restart opendkim on F-15:

type=AVC msg=audit(1316699607.377:150425): avc:  denied  { read } for 
pid=4151 comm="systemd-tty-ask" name="136:0" dev=tmpfs ino=209876 
scontext=unconfined_u:system_r:systemd_passwd_agent_t:s0 
tcontext=unconfined_u:object_r:init_var_run_t:s0 tclass=fifo_file

type=AVC msg=audit(1316699607.377:150425): avc:  denied  { open } for 
pid=4151 comm="systemd-tty-ask" name="136:0" dev=tmpfs ino=209876 
scontext=unconfined_u:system_r:systemd_passwd_agent_t:s0 
tcontext=unconfined_u:object_r:init_var_run_t:s0 tclass=fifo_file

type=SYSCALL msg=audit(1316699607.377:150425): arch=c000003e syscall=2 
success=yes exit=3 a0=14c60a0 a1=80900 a2=fffffffffffffed0 
a3=7ffffdee5c80 items=1 ppid=4150 pid=4151 auid=0 uid=0 gid=0 euid=0 
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=9220 
comm="systemd-tty-ask" exe="/bin/systemd-tty-ask-password-agent" 
subj=unconfined_u:system_r:systemd_passwd_agent_t:s0 key=(null)

type=CWD msg=audit(1316699607.377:150425):  cwd="/"

type=PATH msg=audit(1316699607.377:150425): item=0 
name="/run/systemd/ask-password-block/136:0" inode=209876 dev=00:12 
mode=010600 ouid=0 ogid=0 rdev=00:00 
obj=unconfined_u:object_r:init_var_run_t:s0

I don't know what's happening here and it doesn't appear to affect the 
operation of opendkim, so I'm tempted to dontaudit it rather than allow 
it. But what is it actually trying to do?

Paul.
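
The records quoted in the message, parsed as an added example that is not part of the original post: the Python below groups audit records by event ID, merges the two AVC denials into the single `dontaudit` rule under consideration, and flags events where the access was logged as denied yet the syscall reports `success=yes`, i.e. the denial did not block the call. The function names are hypothetical; the sample records are the ones from the message, re-joined onto single lines.

```python
import re
from collections import defaultdict

# Records from the message above, re-joined to one record per line.
SAMPLE = '''\
type=AVC msg=audit(1316699607.377:150425): avc:  denied  { read } for pid=4151 comm="systemd-tty-ask" name="136:0" dev=tmpfs ino=209876 scontext=unconfined_u:system_r:systemd_passwd_agent_t:s0 tcontext=unconfined_u:object_r:init_var_run_t:s0 tclass=fifo_file
type=AVC msg=audit(1316699607.377:150425): avc:  denied  { open } for pid=4151 comm="systemd-tty-ask" name="136:0" dev=tmpfs ino=209876 scontext=unconfined_u:system_r:systemd_passwd_agent_t:s0 tcontext=unconfined_u:object_r:init_var_run_t:s0 tclass=fifo_file
type=SYSCALL msg=audit(1316699607.377:150425): arch=c000003e syscall=2 success=yes exit=3 a0=14c60a0 a1=80900 a2=fffffffffffffed0 a3=7ffffdee5c80 items=1 ppid=4150 pid=4151 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=9220 comm="systemd-tty-ask" exe="/bin/systemd-tty-ask-password-agent" subj=unconfined_u:system_r:systemd_passwd_agent_t:s0 key=(null)
type=PATH msg=audit(1316699607.377:150425): item=0 name="/run/systemd/ask-password-block/136:0" inode=209876 dev=00:12 mode=010600 ouid=0 ogid=0 rdev=00:00 obj=unconfined_u:object_r:init_var_run_t:s0
'''

HEAD = re.compile(r'type=(\w+) msg=audit\(([\d.]+:\d+)\):\s*(.*)')
AVC = re.compile(r'avc:\s+denied\s+\{([^}]*)\}.*scontext=(\S+) tcontext=(\S+) tclass=(\S+)')

def se_type(context):
    """Return the type field of a user:role:type:level SELinux context."""
    return context.split(':')[2]

def summarize(log):
    """Group records by audit event ID; merge AVC perms per (source, target, class)."""
    events = defaultdict(lambda: {'perms': defaultdict(set), 'success': None, 'paths': []})
    for line in log.splitlines():
        m = HEAD.match(line)
        if not m:
            continue  # not an audit record (blank line, wrapped fragment, prose)
        rtype, event_id, body = m.groups()
        ev = events[event_id]
        if rtype == 'AVC' and (a := AVC.search(body)):
            ev['perms'][(se_type(a[2]), se_type(a[3]), a[4])].update(a[1].split())
        elif rtype == 'SYSCALL':
            ev['success'] = 'success=yes' in body.split()
        elif rtype == 'PATH' and (p := re.search(r'name="([^"]*)"', body)):
            ev['paths'].append(p[1])
    return events

def dontaudit_rules(events):
    """One dontaudit rule per (source type, target type, class), permissions merged."""
    return sorted({f"dontaudit {s} {t}:{c} {{ {' '.join(sorted(perms))} }};"
                   for ev in events.values() for (s, t, c), perms in ev['perms'].items()})

def unenforced(events):
    """Event IDs with a logged denial whose syscall still succeeded."""
    return sorted(e for e, ev in events.items() if ev['perms'] and ev['success'])

if __name__ == '__main__':
    evs = summarize(SAMPLE)
    print(*dontaudit_rules(evs), sep='\n')
    print('denied but succeeded:', unenforced(evs))
```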

