Bug 147466 - Policy for Mailman too strict about temporary files
Summary: Policy for Mailman too strict about temporary files
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
(Show other bugs)
Version: 3
Hardware: i386 Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL: http://www.mail-archive.com/mailman-u...
Depends On:
TreeView+ depends on / blocked
Reported: 2005-02-08 10:16 UTC by Alberto Barbati
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version: RHBA-2005-251
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-06-07 18:11:19 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2005:251 low SHIPPED_LIVE selinux-policy-targeted bug fix update 2005-06-09 04:00:00 UTC

Description Alberto Barbati 2005-02-08 10:16:17 UTC
Description of problem:
Mailman is not able to create temporary files when accessed through
the web interface because of a too strict SELinux policy. This fact
disallows certain features, such as importing a list a members.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Go to Mailman web interface
2. Add a few members to a list   

Actual Results:  The operation will fail with a python tracedump. The
most relevant message is the following:

IOError: [Errno 2] No usable temporary directory found in ['/tmp',
'/var/tmp', '/usr/tmp', '/usr/lib/mailman/cgi-bin']

Expected Results:  The operation should succeed without errors.

Additional info:

A quick workaround is to add these two lines to

allow mailman_cgi_t tmp_t:dir rw_dir_perms;
allow mailman_cgi_t tmp_t:file create_file_perms;

and then do a "make reload"

This bug is probably related with bug #146890.

Comment 1 Daniel Walsh 2005-02-09 15:12:18 UTC
Fixed in selinux-policy-targeted-1.17.30-2.80

Comment 2 David Juran 2005-06-01 13:04:09 UTC
I see this issue on RHEL4 with selinux-policy-targeted-1.17.30-2.52.1 and
mailman-2.1.5-33.rhel4 as well.

Comment 3 Daniel Walsh 2005-06-02 12:03:35 UTC
Please update the the u1 policy files in 

These should fix your problems.

Comment 4 David Juran 2005-06-07 12:20:22 UTC
Yes, selinux-policy-targeted-1.17.30-2.88 solves the problem (-:

Comment 5 Tim Powers 2005-06-09 13:06:17 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.