Bug 171406
Summary: | Postfix can't access Saslauthd socket | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ben Carner <kwalker> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-05-05 15:02:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ben Carner
2005-10-21 15:57:42 UTC
This is no prostfix problem, assigning to selinux-prolicy-targeted. Fixed in selinux-policy-targeted-1.27.1-2.14 Still no worky. Now it is denying write for the mux socket to the postfix daemon. This is what shows up in my audit.log: type=AVC msg=audit(1134082992.536:6821): avc: denied { write } for pid=29186 comm="smtpd" name="mux" dev=dm-0 ino=113 0952 scontext=system_u:system_r:postfix_smtpd_t tcontext=system_u:object_r:var_run_t tclass=sock_file type=SYSCALL msg=audit(1134082992.536:6821): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bf8f5bd0 a2=5b6228 a3 =bf8f5c34 items=1 pid=29186 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 comm="smtpd" exe="/usr/libexec/postfix/smtpd" type=SOCKADDR msg=audit(1134082992.536:6821): saddr=01002F7661722F72756E2F7361736C61757468642F6D757800000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 type=SOCKETCALL msg=audit(1134082992.536:6821): nargs=3 a0=10 a1=bf8f801a a2=6e type=PATH msg=audit(1134082992.536:6821): item=0 flags=1 inode=1130952 dev=fd:00 mode=0140777 ouid=0 ogid=0 rdev=00:00 And this is what audit2allow says should be added: allow postfix_smtpd_t var_run_t:sock_file write; Closing as these have been marked as modified, for a while. Feel free to reopen if not fixed Just tested again and it is working as of selinux-policy-targeted-1.27.1-2.28 |