Bug 180107 - spamd blocked from using Razor checks
spamd blocked from using Razor checks
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
4
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-02-05 15:37 EST by Markku Kolkka
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: 1.27.1-2.21
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-08 10:11:11 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Markku Kolkka 2006-02-05 15:37:42 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; fi-FI; rv:1.7.12) Gecko/20060202 Fedora/1.0.7-1.2.fc4 Firefox/1.0.7

Description of problem:
I have perl-Razor-Agent-2.77-2.fc4 from Fedora Extras installed and I use spamd/spamc for mail filtering. Every incoming mail checked by spamassassin leaves avc: denied messages in the log, and spam messages don't have Razor check results in the headers. Manually checking messages by razor-check works correctly.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.27.1-2.18

How reproducible:
Always

Steps to Reproduce:
1. Install spamassassin and perl-Razor-Agent
2. chkconfig spamassassin on
3. filter mail through spamc
  

Actual Results:  Log messages:
Feb  5 22:12:45 nightshade kernel: audit(1139170365.443:231): avc:  denied  { name_connect } for  pid=2280 comm="spamd" dest=2703 scontext=system_u:system_r:spamd_t tcontext=system_u:object_r:razor_port_t tclass=tcp_socket


Expected Results:  spam messages get checked against the Razor database.

Additional info:
Comment 1 Markku Kolkka 2006-02-08 05:56:24 EST
selinux-policy-targeted-1.27.1-2.21 fixes the problem

Note You need to log in before you can comment on or make changes to this bug.