Bug 247847 - selinux complains about sendmail accessing a file in tmp every day
selinux complains about sendmail accessing a file in tmp every day
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
i686 Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2007-07-11 13:30 EDT by stanl
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-08-22 10:08:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
setroubleshoot page for this error (2.24 KB, text/plain)
2007-07-11 13:30 EDT, stanl
no flags Details

  None (edit)
Description stanl 2007-07-11 13:30:52 EDT
Description of problem:
SELinux has denied /usr/sbin/sendmail.sendmail access to potentially mislabeled
file(s) (/tmp/file6bChg8 (deleted)). This means that SELinux will not allow
/usr/sbin/sendmail.sendmail to use these files. It is common for users to edit
files in their home directory or tmp directories and then move (mv) them to
system directories. The problem is that the files end up with the wrong file
context which confined applications are not allowed to access.

Version-Release number of selected component (if applicable):
latest package in FC7

How reproducible:
Happens every day when the logwatch file is created and sent to root

Steps to Reproduce:
1.Run logwatch on FC7 using sendmail.  System set it up.
Actual results:
Running in permissive mode, so sendmail deletes the file.

Expected results:
No warning for sendmail to use temporary file.

Additional info:
Running the restorecon command recommended by setroubleshoot has no effect
because this is a temporary file.
Comment 1 stanl 2007-07-11 13:30:52 EDT
Created attachment 158977 [details]
setroubleshoot page for this error
Comment 2 Daniel Walsh 2007-07-11 15:56:53 EDT
Fixed in selinux-policy-2.6.4-27
Comment 3 Daniel Walsh 2007-08-22 10:08:37 EDT
Closing as fixes are in the current release

Note You need to log in before you can comment on or make changes to this bug.