emails, selinux and Fedora 17

lee lee at yun.yagibdah.de
Mon Nov 5 21:59:37 UTC 2012 

Daniel J Walsh <dwalsh at redhat.com> writes:

> On 11/05/2012 04:35 AM, lee wrote:
>> Hi,
>> 
>> it seems that selinux gets in the way of my self-compiled emacs when gnus
>> is trying to get mails from /var/spool/mail/lee.  Movemail isn't permitted
>> to get the mail from there.  I have tried to adjust the file permissions on
>> movemail, and it's like this now:
>> 
>> 
>> -bash-4.2$ ls -laZ
>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
>> -rwxr-xr-x. root root system_u:object_r:bin_t:s0
>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
>> -bash-4.2$ ls -laZ
>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail -rwxr-xr-x. root
>> root system_u:object_r:bin_t:s0
>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail
>> 
>> 
>> The version of emacs that is in Fedora works, though I'd rather use my 
>> self-compiled version because there have been bug fixes to gnus which might
>> not be in emacs 24.1.
>> 
>> What am I missing?
>
> Please attach the AVC Messages.
>
> ausearch -m avc -ts recent

That shows no matches.  "ausearch -m avc" shows a lot of messages, the
last one being:


time->Mon Nov  5 21:34:33 2012
type=SYSCALL msg=audit(1352147673.756:131): arch=c000003e syscall=59 success=no exit=-13 a0=238867e a1=7fff1f776498 a2=23909b0 a3=6 items=0 ppid=976 pid=1001 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1 ses=6 comm="login" exe="/usr/bin/login" subj=system_u:system_r:kernel_t:s0 key=(null)
type=AVC msg=audit(1352147673.756:131): avc:  denied  { entrypoint } for  pid=1001 comm="login" path="/usr/bin/bash" dev="cciss!c0d0p2" ino=1310967 scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file


There don't seem to be any messages mentioning movemail: "ausearch -m
all |grep movemail" returns nothing.  I can't try it again atm because I
moved the installation to a different disk and didn't keep /usr/local
where the self-compiled emacs was installed.  The move caused more
problems with rights and I better fix those first ...

More information about the users mailing list