Bug 666765
Summary: | SELinux is preventing /sbin/consoletype from 'read' accesses on the file /tmp/update_spamassassin.0102. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Chris Schanzle <bugzilla> |
Component: | spamassassin | Assignee: | Warren Togami <wtogami> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 14 | CC: | dwalsh, kevin, mgrepl, nb, wtogami |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:5ab235feae5db28198651d4434707a9e5a9207eb23186b5646de7ac13170ede0 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-01-04 16:05:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Chris Schanzle
2011-01-03 03:43:02 UTC
Looks like a leak descriptor. You can dontaudit it using # grep consoletype /var/log/audit/audit.log | audit2allow -D -M mypol # semodule -i mypol.pp Hi - rather than paper over the alert ... is this likely from /etc/cron.daily/update_spamassassin ? Should the spamassassin guys be taking a look? I'd be happy to modify the script to help find out, but not sure of the techniques. Yes, they should be closing this file descriptor on exec. Also why are they using /tmp for a process running as root? I'm sure we would be open to adjustments to our spamassassin cron script, but is that ours or did you install from upstream? We use /etc/cron.d/sa-update It sounds like you have a /etc/cron.daily/update_spamassassin script? Where did you get it? Ah, dang. My bad for not checking: rpm -qf /etc/cron.daily/update_spamassassin mailscanner-4.81.4-1.noarch I'll work with the MailScanner.info guys to get this fixed. Closing. Thank you! |