Re: Selinux issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Selinux issue
From: "M. Lewis" <_fedoralist_@xxxxxxxxxxxx>
Date: Sat, 24 Sep 2005 20:15:45 -0500
In-reply-to: <1127608691.3710.115.camel@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <4335BDE1.1080207@xxxxxxxxxxxx> <1127597440.8073.3.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <4335C964.3030003@xxxxxxxxxxxx> <1127603600.4121.2.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <1127608691.3710.115.camel@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.6-1.1.fc4 (X11/20050720)

Alexander Dalloz wrote:

Am So, den 25.09.2005 schrieb Craig White um 1:13:

type=AVC msg=audit(1127594745.645:394): avc: denied { name_bind } forpid=4155 comm="master" src=10025scontext=root:system_r:postfix_master_ttcontext=system_u:object_r:amavisd_send_port_t tclass=tcp_socket

My version of Postfix (admittedly CentOS 4) doesn't have those files
which means that there is no context to restore because they weren't
part of the default definitions. Is this fedora version of Postfix? Did
you create those files? If so, you would have to set the contexts
yourself...

This is what I use as my bible for SELinux...

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-
guide/

Craig



I think the problem comes from the non standard port 10025, which could
be too any other for the mail transport between amavisd-new and Postfix.
And I guess a custom SELinux rule is needed for that - audit2allow can
help.

Alexander

Thanks Alexander and Craig. Yes, I'm using amavisd-new and Postfix. I'llread up on the audit2allow.


Strange though, I didn't have to do anything before to make it work.

Thanks,
Mike

Follow-Ups:
- Re: Selinux issue
  - From: James Wilkinson

References:
- Selinux issue
  - From: M. Lewis
- Re: Selinux issue
  - From: Craig White
- Re: Selinux issue
  - From: M. Lewis
- Re: Selinux issue
  - From: Craig White
- Re: Selinux issue
  - From: Alexander Dalloz

Prev by Date: Imap: no login... ps aux - imapd.pid -nodnslookup -noidentlookup
Next by Date: Re: How does RPM know what architecture we're on?
Previous by thread: Re: Selinux issue
Next by thread: Re: Selinux issue
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux