Bug 187011
| Summary: | Dovecot pgsql/selinux policy missing | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Adam H. Pendleton <fmonkey> | ||||
| Component: | dovecot | Assignee: | Tomas Janousek <tjanouse> | ||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 5 | CC: | dwalsh, tss, wtogami | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2007-02-14 21:12:44 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 126867 [details]
Policy created by audit2allow
This should be fixed in FC6, Daniel plans to fix it for FC5 as well. I am not updating FC5 at this point, Either upgrade to FC6 policy or use audit2allow to generate local policy. |
Description of problem: Dovecot is compiled with postgresql support, but SELinux does not allow tcp connections between dovecot and postgresql. Version-Release number of selected component (if applicable): 1.0.0.beta2.7 How reproducible: 100% Steps to Reproduce: 1. Configure dovecot to access postgresql on tcp port 2. Run dovecot 3. Look at /var/log/audit/audit.log Actual results: type=AVC msg=audit(1143505368.215:14): avc: denied { name_connect } for pid=3512 comm="dovecot-auth" dest=5432 scontext=user_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket type=AVC msg=audit(1143505368.215:14): avc: denied { recv_msg } for pid=3512 comm="dovecot-auth" saddr=127.0.0.1 src=5432 daddr=127.0.0.1 dest=35472 netif=lo scontext=user_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket Expected results: Nothing Additional info: