F13 - Exim / SELinux Issue

Frank Chiulli frankc.fedora at gmail.com
Thu Jul 15 03:37:14 UTC 2010


I recently did a fresh install of F13 on my system.  My home directory,
which is on a separate disk, was not touched.  Now whenever exim
retrieves a message, I get two SELinux alerts.



Summary:

SELinux is preventing /usr/sbin/exim "getattr" access on
/home/frank/.procmailrc.

Detailed Description:

SELinux denied access requested by exim. It is not expected that this access is
required by exim and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                system_u:system_r:exim_t:s0
Target Context                unconfined_u:object_r:procmail_home_t:s0
Target Objects                /home/frank/.procmailrc [ file ]
Source                        exim
Source Path                   /usr/sbin/exim
Port                          <Unknown>
Host                          flinux
Source RPM Packages           exim-4.72-1.fc13
Target RPM Packages
Policy RPM                    selinux-policy-3.7.19-33.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     flinux
Platform                      Linux flinux 2.6.33.6-147.fc13.i686.PAE #1 SMP Tue
                              Jul 6 22:24:44 UTC 2010 i686 i686
Alert Count                   6
First Seen                    Sun 11 Jul 2010 08:14:38 AM PDT
Last Seen                     Sun 11 Jul 2010 08:14:39 AM PDT
Local ID                      d8803924-02a3-446e-b20d-15ae78163c71
Line Numbers

Raw Audit Messages

node=flinux type=AVC msg=audit(1278861279.461:42): avc:  denied  {
getattr } for  pid=2279 comm="exim" path="/home/frank/.procmailrc"
dev=sdb1 ino=4480740 scontext=system_u:system_r:exim_t:s0
tcontext=unconfined_u:object_r:procmail_home_t:s0 tclass=file

node=flinux type=SYSCALL msg=audit(1278861279.461:42): arch=40000003
syscall=196 success=no exit=-13 a0=2164020 a1=bf91420c a2=6fcff4
a3=216cd55 items=0 ppid=2278 pid=2279 auid=4294967295 uid=500 gid=500
euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none)
ses=4294967295 comm="exim" exe="/usr/sbin/exim"
subj=system_u:system_r:exim_t:s0 key=(null)
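
The alert's "Allowing Access" section points to a local policy module. As an added example (not part of the original post, and not the audit2allow tool itself), this Python code parses the AVC record quoted above and derives the type-enforcement rule a module would need to cover the denial. The function names are hypothetical, and the input is the record from the post embedded as a constant.

```python
import re

# Constructed input: the AVC record from the post, still wrapped as the mail client left it.
RAW_AVC = """\
node=flinux type=AVC msg=audit(1278861279.461:42): avc:  denied  {
getattr } for  pid=2279 comm="exim" path="/home/frank/.procmailrc"
dev=sdb1 ino=4480740 scontext=system_u:system_r:exim_t:s0
tcontext=unconfined_u:object_r:procmail_home_t:s0 tclass=file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(text):
    """Parse one AVC denial, tolerating line wraps, into a dict."""
    flat = " ".join(text.split())  # undo mail-client wrapping
    m = AVC_RE.search(flat)
    if m is None:
        raise ValueError("not an AVC denial record")
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    for key in ("scontext", "tcontext", "tclass"):
        if key not in fields:
            raise ValueError(f"AVC record lacks {key}")
    fields["perms"] = m.group("perms").split()
    return fields


def context_type(context):
    """Return the type field of a user:role:type[:level] context."""
    parts = context.split(":")
    if len(parts) < 3:
        raise ValueError(f"malformed context: {context}")
    return parts[2]


def te_rule(avc):
    """Build the type-enforcement allow rule covering this denial."""
    perms = avc["perms"]
    perm_text = perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"
    return "allow {} {}:{} {};".format(
        context_type(avc["scontext"]), context_type(avc["tcontext"]),
        avc["tclass"], perm_text)


if __name__ == "__main__":
    print(te_rule(parse_avc(RAW_AVC)))
```

The derived rule is scoped by type, so it grants exim_t getattr on every file labelled procmail_home_t, not only /home/frank/.procmailrc; read it with that scope in mind before building a module from it.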

