Avcs for spamc

Tue Sep 17 03:30:02 UTC 2013

The avcs listed below seem to have been around for a long time. Is pyzor
really trying to run rpm to install something?

type=SYSCALL msg=audit(1376212087.230:525): arch=c000003e syscall=4
success=no e
xit=-13 a0=24121b0 a1=7fff9e82e820 a2=7fff9e82e820 a3=7f889c8a35d0
items=0 ppid=9709 pid=9710 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="pyzor"
exe="/usr/bin/python2.7" subj=system_u:system_r:spamc_t:s0 key=(null)
type=AVC msg=audit(1376212087.230:525): avc:  denied  { getattr } for
pid=9710 comm="pyzor" path="/usr/bin/rpm" dev="dm-1" ino=691636
scontext=system_u:system_r:spamc_t:s0
tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1376217670.157:605): arch=c000003e syscall=4
success=no exit=-13 a0=1b511b0 a1=7fffab9ca4a0 a2=7fffab9ca4a0
a3=7fafd093b5d0 items=0 ppid=10665 pid=12274 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none)
comm="pyzor" exe="/usr/bin/python2.7" subj=system_u:system_r:spamc_t:s0
key=(null)
type=AVC msg=audit(1376217670.157:605): avc:  denied  { getattr } for
pid=12274 comm="pyzor" path="/usr/bin/rpm" dev="dm-1" ino=691636
scontext=system_u:system_r:spamc_t:s0
tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1376218163.947:614): arch=c000003e syscall=4
success=no exit=-13 a0=1d191b0 a1=7fff04d2fd70 a2=7fff04d2fd70
a3=35101c15d0 items=0 ppid=24224 pid=24226 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none)
comm="pyzor" exe="/usr/bin/python2.7" subj=system_u:system_r:spamc_t:s0
key=(null)
type=AVC msg=audit(1376218163.947:614): avc:  denied  { getattr } for
pid=24226 comm="pyzor" path="/usr/bin/rpm" dev="dm-1" ino=9914
scontext=system_u:system_r:spamc_t:s0
tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file