Bug 216063 - spamd avc's
spamd avc's
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-11-16 21:04 EST by Dave Jones
Modified: 2015-01-04 17:29 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-03-08 08:52:22 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Dave Jones 2006-11-16 21:04:37 EST
# dmesg | grep spamd
audit(1163345191.669:13): avc:  denied  { name_bind } for  pid=23290
comm="spamd" src=1645 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:radius_port_t:s0 tclass=udp_socket
audit(1163347735.566:14): avc:  denied  { name_bind } for  pid=8251 comm="spamd"
src=10080 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:amanda_port_t:s0 tclass=udp_socket
audit(1163365031.247:15): avc:  denied  { name_bind } for  pid=25641
comm="spamd" src=1812 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:radius_port_t:s0 tclass=udp_socket
audit(1163403528.429:16): avc:  denied  { name_bind } for  pid=31781
comm="spamd" src=64005 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:traceroute_port_t:s0 tclass=udp_socket
audit(1163451560.191:26): avc:  denied  { name_bind } for  pid=22905
comm="spamd" src=1646 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:radacct_port_t:s0 tclass=udp_socket
audit(1163565784.717:36): avc:  denied  { name_bind } for  pid=7515 comm="spamd"
src=7004 scontext=system_u:system_r:spamd_t:s0
tcontext=system_u:object_r:afs_ka_port_t:s0 tclass=udp_socket
Comment 1 Daniel Walsh 2006-11-17 13:02:22 EST
Are you running nis?

This looks like the allow_ypbind boolean is not set?
Comment 2 Dave Jones 2006-11-20 20:46:54 EST
not running nis, or any other centralised login mechanism. just plain local user
accounts.
Comment 3 Daniel Walsh 2006-11-21 15:51:34 EST
Is spamd failing on these or just trying another port?  IE Can I dontaudit these
or do I need to allow them?
Comment 4 Dave Jones 2006-11-24 22:36:55 EST
I'm not noticing any misbehaviour from spamassassin. Ie, spam is getting picked
up and flagged accordingly, so I'd assume that these are benign.
Comment 5 Daniel Walsh 2006-11-25 05:48:00 EST
selinux-policy-2.4.5-4

Note You need to log in before you can comment on or make changes to this bug.