Dovecot SELinux configuration
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
I am setting up dovecot with postgresql for virtual users, but when I
configure dovecot to talk to postgresql, SELinux denies the TCP connection:
Mar 27 14:25:53 aragorn kernel: audit(1143487553.158:4): avc: denied {
name_connect } for pid=2909 comm="dovecot-auth" dest=5432
scontext=user_u:system_r:dovecot_auth_t:s0
tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
Mar 27 14:26:53 aragorn kernel: audit(1143487613.737:5): avc: denied {
name_connect } for pid=2939 comm="dovecot-auth" dest=5432
scontext=user_u:system_r:dovecot_auth_t:s0
tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
Okay, so while I understand that SELinux is preventing dovecot from
making a connection to the postgresql tcp port, I don't really
understand what the "correct" way to fix it is. I don't want to turn
off SELinux enforcement, but I also don't want to open up more than I
should trying to fix it. What's the best way to allow this connection?
ahp
[Index of Archives]
[Current Fedora Users]
[Fedora Desktop]
[Fedora SELinux]
[Yosemite News]
[Yosemite Photos]
[KDE Users]
[Fedora Tools]
[Fedora Docs]
