On 06/21/2010 03:40 PM, B Wooster wrote:
>> On Mon, Jun 21, 2010 at 7:14 AM, B Wooster<bwooster47@xxxxxxxxx> wrote:
>>> Just installed Fedora 13, and ran into problems with spamassassin.>
>> SELinux disallows a lot of spamassassin tasks - reporting>
>> "If you want to allow spamassassin to bind to port 61706,> you can execute
>> # semanage port -a -t PORT_TYPE -p udp 61706"
>
> And someone else asked:
>> Could you attach the AVC messages. I need to change the priority.
>
> I am not very familiar with SELinux - do you mean the whole audit.log?
> Sending it to audit2allow shows:
> #============= spamc_t ==============
> allow spamc_t afs_bos_port_t:udp_socket name_bind;
> ...
> allow spamc_t clockspeed_port_t:udp_socket name_bind;
> ...
> allow spamc_t zebra_port_t:udp_socket name_bind;
> (hundreds of lines like that).
>
> Some type=AVC messages:
> type=AVC msg=audit(1277083468.889:102923): avc: denied { name_bind }
> for pid=19577 comm="spamassassin" src=14208
> scontext=system_u:system_r:spamc_t:s0
> tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
> ...
> type=AVC msg=audit(1277083468.889:102924): avc: denied { name_bind }
> for pid=19577 comm="spamassassin" src=14209
> scontext=system_u:system_r:spamc_t:s0
> tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
> ...
> type=AVC msg=audit(1277124674.356:111483): avc: denied { name_bind }
> for pid=17830 comm="spamassassin" src=31063
> scontext=unconfined_u:system_r:spamc_t:s0
> tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
Did you turn on the boolean
# setsebool -P spamassassin_can_network 1
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
