Bug 217221
| Summary: | selinux policy (selinux-policy-2.4.3-10.fc6) breaks spamassassin | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | greg hosler <greg> |
| Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6 | CC: | dwalsh |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-11-27 16:46:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
well... i dunno. I just rebooted and did an selinux auto-relabel, and now everything works. Apparently somehow something was not labeled properly. don't know what. don't know how. please close this bug. -Greg |
Description of problem: spamassassin does not work with selinux-policy-2.4.3-10.fc6; have not tried with the original selinux-policy in FC-6. Once Version-Release number of selected component (if applicable): How reproducible: install sendmail, spamassassin, send yourself mail. Mail fails to be delivered. Look in /var/log/maillog, and you will see the following: Nov 21 05:48:38 genesis procmail[23960]: Unknown user "hosler" (or whatever your name is) Look in /var/log/messages, and you will see: Nov 25 14:13:50 genesis kernel: audit(1164435230.716:49): avc: denied { read } for pid=8666 comm="procmail" name="passwd" dev=hda5 ino=156422 scontext=system_u:system_r:procmail_t:s0 tcontext=user_u:object_r:shadow_t:s0 tclass=file Nov 25 14:13:50 genesis kernel: audit(1164435230.716:50): avc: denied { getattr } for pid=8666 comm="procmail" name="passwd" dev=hda5 ino=156422 scontext=system_u:system_r:procmail_t:s0 tcontext=user_u:object_r:shadow_t:s0 tclass=file Nov 25 14:13:50 genesis kernel: audit(1164435230.888:51): avc: denied { search } for pid=8666 comm="procmail" name="hosler" dev=hda17 ino=390913 scontext=system_u:system_r:procmail_t:s0 tcontext=root:object_r:file_t:s0 tclass=dir putting selinux in non-enforcing mode (hardly desireable) enables procmail to run (procmail is how spamassassin is triggered, kinda) Steps to Reproduce: See above Actual results: Mail is rejected Expected results: Mail to be delivered to local mailbox. Additional info: