Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 599189 Details for
Bug 841252
SELinux is preventing /usr/sbin/dovecot from search access on the directory /var/ftp.
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
sealert -l 7537287f-cc2a-4e16-adab-6bd034c3738a > sealert.txt 2>&1
sealert.txt (text/plain), 2.52 KB, created by
Ralf Corsepius
on 2012-07-19 15:36:40 UTC
(
hide
)
Description:
sealert -l 7537287f-cc2a-4e16-adab-6bd034c3738a > sealert.txt 2>&1
Filename:
MIME Type:
Creator:
Ralf Corsepius
Created:
2012-07-19 15:36:40 UTC
Size:
2.52 KB
patch
obsolete
>WARNING: Policy would be downgraded from version 27 to 26. >WARNING: Policy would be downgraded from version 27 to 26. >WARNING: Policy would be downgraded from version 27 to 26. >SELinux is preventing /usr/sbin/dovecot from search access on the directory /var/ftp. > >***** Plugin catchall (100. confidence) suggests *************************** > >If you believe that dovecot should be allowed search access on the ftp directory by default. >Then you should report this as a bug. >You can generate a local policy module to allow this access. >Do >allow this access for now by executing: ># grep dovecot /var/log/audit/audit.log | audit2allow -M mypol ># semodule -i mypol.pp > > >Additional Information: >Source Context system_u:system_r:dovecot_t:s0 >Target Context system_u:object_r:public_content_t:s0 >Target Objects /var/ftp [ dir ] >Source dovecot >Source Path /usr/sbin/dovecot >Port <Unknown> >Host beck >Source RPM Packages dovecot-2.1.8-1.fc17.x86_64 >Target RPM Packages vsftpd-3.0.0-2.fc17.x86_64 >Policy RPM selinux-policy-3.10.0-137.fc17.noarch >Selinux Enabled True >Policy Type targeted >Enforcing Mode Enforcing >Host Name beck >Platform Linux beck 3.4.4-5.fc17.x86_64 #1 SMP Thu Jul 5 > 20:20:59 UTC 2012 x86_64 x86_64 >Alert Count 2 >First Seen Mon 16 Jul 2012 02:07:15 PM CEST >Last Seen Wed 18 Jul 2012 03:39:07 PM CEST >Local ID 7537287f-cc2a-4e16-adab-6bd034c3738a > >Raw Audit Messages >type=AVC msg=audit(1342618747.818:1299): avc: denied { search } for pid=12863 comm="dovecot" name="ftp" dev="sda3" ino=3028475 scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:public_content_t:s0 tclass=dir > > >type=SYSCALL msg=audit(1342618747.818:1299): arch=x86_64 syscall=stat success=no exit=EACCES a0=153bc47 a1=7fff9bf6e110 a2=7fff9bf6e110 a3=0 items=0 ppid=1 pid=12863 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=dovecot exe=/usr/sbin/dovecot subj=system_u:system_r:dovecot_t:s0 key=(null) > >Hash: dovecot,dovecot_t,public_content_t,dir,search > >audit2allow > >#============= dovecot_t ============== >allow dovecot_t public_content_t:dir search; > >audit2allow -R > >#============= dovecot_t ============== >allow dovecot_t public_content_t:dir search; > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=599189">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 841252
: 599189