selinux + mailman +postfix security problem (F14)
Marcos Luis Ortiz Valmaseda
marcosluis2186 at googlemail.com
Thu Aug 25 16:13:04 UTC 2011
Can you provide the ls -Z of your content in /etc/mailman/aliases
A advice:, use sealert to see a more human-readable approach to analyze the
SELinux logs.
2011/8/25 Fulko Hew <fulko.hew at gmail.com>
> On Fedora 14, I am setting up postfix and mailman.
>
> I had this working once, but I decided to yum erase postfix and mailman
> and redo the configuration to prove I knew how to recreate it.
>
> Turns out I don't know how to recreate a working combination
> because when creating a new list I now have mailman error log that
> talks about:
>
> command failed: /usr/sbin/postalias /etc/mailman/aliases (status: 1,
> Operation not permitted)
>
> and a corresponding AVC error:
>
> Aug 25 10:28:54 (null) (null): audit(1314282534.501:4326): avc: denied {
> search } for
> pid=12121 comm=postalias name=postfix ino=295074 dev=dm-0
> scontext=system_u:system_r:mailman_cgi_t:s0
> tcontext=system_u:object_r:postfix_etc_t:s0 tclass=dir
>
> Suggestions?
>
> Fulko
>
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>
>
--
--
Marcos Luis Ortíz Valmaseda
Software Engineer (UCI)
Linux User # 418229
http://marcosluis2186.posterous.com
http://www.linkedin.com/in/marcosluis2186
https://fedoraproject.org/wiki/User:Marcosluis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20110825/503eb9d9/attachment.html
More information about the users
mailing list