Bug 466664

Summary: /var/lib/postfix/prng_exch needs proper selinux label
Product: [Fedora] Fedora Reporter: Jeff Layton <jlayton>
Component: postfixAssignee: Thomas Woerner <twoerner>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 8CC: steved, twoerner
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-10-14 10:51:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeff Layton 2008-10-12 13:18:13 UTC 
I'm getting avc denials when tlsmgr is trying to access 
/var/lib/postfix/prng_exch. Looks like that file needs a better SELinux context:

host=foo.bar.baz type=AVC msg=audit(1223817082.919:15632): avc:  denied  { lock } for  pid=7307 comm="tlsmgr" path="/var/lib/postfix/prng_exch" dev=dm-1 ino=820481 scontext=unconfined_u:system_r:postfix_master_t:s0 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file



host=foo.bar.baz type=SYSCALL msg=audit(1223817082.919:15632): arch=c000003e syscall=73 success=yes exit=0 a0=9 a1=2 a2=2 a3=0 items=0 ppid=7299 pid=7307 auid=500 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=1 comm="tlsmgr" exe="/usr/libexec/postfix/tlsmgr" subj=unconfined_u:system_r:postfix_master_t:s0 key=(null)






host=foo.bar.baz type=AVC msg=audit(1223817082.919:15631): avc:  denied  { getattr } for  pid=7307 comm="tlsmgr" path="/var/lib/postfix/prng_exch" dev=dm-1 ino=820481 scontext=unconfined_u:system_r:postfix_master_t:s0 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file



host=foo.bar.baz type=SYSCALL msg=audit(1223817082.919:15631): arch=c000003e syscall=5 success=yes exit=0 a0=9 a1=7fff9b48ba60 a2=7fff9b48ba60 a3=0 items=0 ppid=7299 pid=7307 auid=500 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=1 comm="tlsmgr" exe="/usr/libexec/postfix/tlsmgr" subj=unconfined_u:system_r:postfix_master_t:s0 key=(null)
Comment 1 Thomas Woerner 2008-10-14 10:51:47 UTC 

*** This bug has been marked as a duplicate of bug 466235 ***