John Esquivel wrote:
My yum service recently updated selinux policy which I believe broke
my postfix service. I was guessing that selinux does not like me
using a non-standard port for postfix stmp, but then again I am a newbie.
Is there a way to disable just the postfix part of selinux? I have
done this for samba by using the security level gui, but postfix isn't
listed in the gui. For now I can set selinux to permissive then
restart postfix (using the service config gui), then change selinux
back to enforced. This works but this machine gets rebooted weekly
and then postfix fails, also I don't want to leave selinux off
completely. I am running fc4, postfix, amavisd, clamav, and spamassasin.
-JohnE
$ egrep 'fatal:' /var/log/maillog
Sep 25 15:06:22 lin3test postfix/master[6967]: fatal: bind
192.168.1.11 port 10050: Permission denied
Sep 25 15:06:23 lin3test postfix/postfix-script: fatal: the Postfix
mail system is not running
Log report:
/etc/cron.daily/0check4updates:
Updated Packages
selinux-policy-targeted.noarch 1.27.1-2.1
updates squid.i386
7:2.5.STABLE11-1.FC4 updates
xinitrc.noarch 4.0.18.1-1
updates /etc/cron.daily/yum.cron:
/sbin/restorecon reset /etc/postfix context
system_u:object_r:etc_t->system_u:object_r:postfix_etc_t
/sbin/restorecon reset /etc/postfix/postfix-script context
system_u:object_r:etc_t->system_u:object_r:postfix_exec_t
..
Nevermind,
I Just saw the previous thread about this, to use audit2allow.
-Johne