Bug 158181
Summary: | squirrelmail can't make an imap connection | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Thomas J. Baker <tjb> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | james |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-06-23 12:59:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Thomas J. Baker
2005-05-19 13:02:50 UTC
OK, to clear things up a bit, if I "setenforce 0" and restart dovecot, squirrelmail works normally. With enforcing enabled, squirrelmail reports the permission denied error and can't make an imap connection. Nothing is logged as to why even though it's clearly an selinux problem. I have audit-0.8.1 installed (bug #158011). Did you look in /var/log/audit/audit.log? Dan As I said before, nothing is logged anywhere I can find. Not in the audit log or messages or dmesg or maillog or anywhere. Other things are logging to the audit log fine. Ok, do you have policy sources in stalled? Please try cd /etc/selinux/targeted/src/policy make enableaudit; make load Then try the connection and see if you get audit messages. Dan That helped: type=AVC msg=audit(1117130474.312:7160534): avc: denied { name_connect } for pid=4126 comm="httpd" dest=143 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:pop_port_t tclass=tcp_socket type=SYSCALL msg=audit(1117130474.312:7160534): arch=c000003e syscall=42 success=no exit=-13 a0=13 a1=555556004b38 a2=10 a3=42960eea items=0 pid=4126 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 comm="httpd" exe="/usr/sbin/httpd" type=SOCKADDR msg=audit(1117130474.312:7160534): saddr=0200008F7F0000010000000000000000 Does setting the boolean httpd_can_network_connect fix the problem? setsebool -P httpd_can_network_connect=1 I had a similar problem with squirrelmail / dovecot The error message in "messages" says: Jun 20 19:13:22 HomeServer kernel: audit(1119287602.556:0): avc: denied { connect } for pid=2949 exe=/usr/sbin/httpd scontext=user_u:system_r:httpd_t tcontext=user_u:system_r:httpd_t tclass=tcp_socket I have tried settig the boolean as described, and that solved the problem for me. Is php5 that comnes with FC4 compiled with imap abilities? if not you problem may be found here. |