Bug 151550 - avc: denial while trying to create a new list via the web interface
Summary: avc: denial while trying to create a new list via the web interface
Status: CLOSED DUPLICATE of bug 146890
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: selinux-policy-targeted   
(Show other bugs)
Version: 4.0
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: Daniel Walsh
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2005-03-19 06:50 UTC by Ben Levenson
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-03-19 17:11:36 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Ben Levenson 2005-03-19 06:50:23 UTC
Description of problem:
audit(1111187682.841:0): avc:  denied  { create } for  pid=11305
exe=/usr/bin/python name=before-upgrade-web.mbox
scontext=root:system_r:mailman_cgi_t tcontext=root:object_r:mailman_archive_t

adding this to local.te fixes it:
allow mailman_cgi_t mailman_archive_t:dir create;

Version-Release number of selected component (if applicable):

Steps to Reproduce:
1. follow the INSTALL.REDHAT directions provided with mailman
2. after setup is complete, try to create a list via the web interface
3. you'll get the traceback below, and the avc denail above
Actual results:
resulting python traceback:
Traceback (most recent call last):
  File "/usr/lib/mailman/scripts/driver", line 87, in run_main
  File "/usr/lib/mailman/Mailman/Cgi/create.py", line 55, in main
    process_request(doc, cgidata)
  File "/usr/lib/mailman/Mailman/Cgi/create.py", line 187, in process_request
    mlist.Create(listname, owner, pw, langs, emailhost)
  File "/usr/lib/mailman/Mailman/MailList.py", line 457, in Create
    self.InitVars(name, admin, crypted_password)
  File "/usr/lib/mailman/Mailman/MailList.py", line 372, in InitVars
  File "/usr/lib/mailman/Mailman/Archiver/Archiver.py", line 95, in InitVars
    os.mkdir(self.archive_dir()+'.mbox', 02775)
OSError: [Errno 13] Permission denied:

Additional info:
Creating a new list from the command line works as expected.

Comment 1 Daniel Walsh 2005-03-19 06:58:28 UTC
Please try the policy in 

ftp://people.redhat.com/dwalsh/RHEL4/(selinux_policy_targeted* and policycoreutils)

These will be in U1.

Comment 2 Daniel Walsh 2005-03-19 07:02:10 UTC
Make that

Comment 3 Ben Levenson 2005-03-19 17:11:36 UTC
The problem goes away with the U1 packages.
duping against bug 146890.

*** This bug has been marked as a duplicate of 146890 ***

Note You need to log in before you can comment on or make changes to this bug.