emails, selinux and Fedora 17

Daniel J Walsh dwalsh at redhat.com
Mon Nov 5 22:08:29 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/05/2012 04:59 PM, lee wrote:
> Daniel J Walsh <dwalsh at redhat.com> writes:
> 
>> On 11/05/2012 04:35 AM, lee wrote:
>>> Hi,
>>> 
>>> it seems that selinux gets in the way of my self-compiled emacs when
>>> gnus is trying to get mails from /var/spool/mail/lee.  Movemail isn't
>>> permitted to get the mail from there.  I have tried to adjust the file
>>> permissions on movemail, and it's like this now:
>>> 
>>> 
>>> -bash-4.2$ ls -laZ 
>>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
>>> -rwxr-xr-x. root root system_u:object_r:bin_t:s0 
>>> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
>>> -bash-4.2$ ls -laZ 
>>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail -rwxr-xr-x.
>>> root root system_u:object_r:bin_t:s0 
>>> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail
>>> 
>>> 
>>> The version of emacs that is in Fedora works, though I'd rather use my
>>>  self-compiled version because there have been bug fixes to gnus which
>>> might not be in emacs 24.1.
>>> 
>>> What am I missing?
>> 
>> Please attach the AVC Messages.
>> 
>> ausearch -m avc -ts recent
> 
> That shows no matches.  "ausearch -m avc" shows a lot of messages, the last
> one being:
> 
> 
> time->Mon Nov  5 21:34:33 2012 type=SYSCALL msg=audit(1352147673.756:131):
> arch=c000003e syscall=59 success=no exit=-13 a0=238867e a1=7fff1f776498
> a2=23909b0 a3=6 items=0 ppid=976 pid=1001 auid=1000 uid=1000 gid=1000
> euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=tty1
> ses=6 comm="login" exe="/usr/bin/login" subj=system_u:system_r:kernel_t:s0
> key=(null) type=AVC msg=audit(1352147673.756:131): avc:  denied  {
> entrypoint } for  pid=1001 comm="login" path="/usr/bin/bash"
> dev="cciss!c0d0p2" ino=1310967
> scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:file_t:s0 tclass=file
> 
> 
> There don't seem to be any messages mentioning movemail: "ausearch -m all
> |grep movemail" returns nothing.  I can't try it again atm because I moved
> the installation to a different disk and didn't keep /usr/local where the
> self-compiled emacs was installed.  The move caused more problems with
> rights and I better fix those first ...
> 


file_t means you have a file or file system without labels.  You need to fix
the labeling on your machine.

touch /.autorelabel; reboot

Will label the entire machine.  If you just put a disk in from another machine
you could just run restorecon on that disk.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCYON0ACgkQrlYvE4MpobNGWQCgiLHLenmDpld+UjbcNNEIG1Z0
YykAnRE4Gtra7ohhPZQ3Dyhsdlxd7y4h
=lhRl
-----END PGP SIGNATURE-----

More information about the users mailing list