Description of problem: when selinux is in enforce mode postfix can't send external mails Version-Release number of selected component (if applicable): selinux-policy-targeted-2.3.7-2.fc5 How reproducible: try to send an mail to an external mailserver Actual results: error in selinux log file: type=AVC msg=audit(1159529886.844:813): avc: denied { read } for pid=9403 comm="smtp" name="services" dev=md1 ino=10933846 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=user_u:object_r:rpm_script_tmp_t:s0 tclass=file type=SYSCALL msg=audit(1159529886.844:813): arch=40000003 syscall=5 success=no exit=-13 a0=2bf071 a1=0 a2=1b6 a3=95be190 items=1 pid=9403 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 type=CWD msg=audit(1159529886.844:813): cwd="/var/spool/postfix" type=PATH msg=audit(1159529886.844:813): item=0 name="/etc/services" inode=10933846 dev=09:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=user_u:object_r:rpm_script_tmp_t:s0 Expected results: outgoing mail Additional info: ll -Z /etc/services: -rw-r--r-- root root user_u:object_r:rpm_script_tmp_t services
/etc/services is labeled incorrectly. Some rpm postinstall script must have editied it and the moved it from /tmp to /etc. If you have any idea what rpm program did this, I would like to know. restorecon /etc/services should fix your problem.
Yes this was it. But I can't tell you with packed was is. But I will watch it, and when I find it I call the maintainer of it with an reference to this entry. Thanks.