# dmesg | grep spamd audit(1163345191.669:13): avc: denied { name_bind } for pid=23290 comm="spamd" src=1645 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:radius_port_t:s0 tclass=udp_socket audit(1163347735.566:14): avc: denied { name_bind } for pid=8251 comm="spamd" src=10080 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:amanda_port_t:s0 tclass=udp_socket audit(1163365031.247:15): avc: denied { name_bind } for pid=25641 comm="spamd" src=1812 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:radius_port_t:s0 tclass=udp_socket audit(1163403528.429:16): avc: denied { name_bind } for pid=31781 comm="spamd" src=64005 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:traceroute_port_t:s0 tclass=udp_socket audit(1163451560.191:26): avc: denied { name_bind } for pid=22905 comm="spamd" src=1646 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:radacct_port_t:s0 tclass=udp_socket audit(1163565784.717:36): avc: denied { name_bind } for pid=7515 comm="spamd" src=7004 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:afs_ka_port_t:s0 tclass=udp_socket
Are you running nis? This looks like the allow_ypbind boolean is not set?
not running nis, or any other centralised login mechanism. just plain local user accounts.
Is spamd failing on these or just trying another port? IE Can I dontaudit these or do I need to allow them?
I'm not noticing any misbehaviour from spamassassin. Ie, spam is getting picked up and flagged accordingly, so I'd assume that these are benign.
selinux-policy-2.4.5-4