Red Hat Bugzilla – Bug 431240
Postfix default SELinux policy generates SE alerts.
Last modified: 2008-05-21 12:06:49 EDT
Description of problem:
I get these two se alerts when postfix is started.
SELinux is preventing /usr/libexec/postfix/pickup (postfix_pickup_t) "create" to
SELinux is preventing /usr/libexec/postfix/qmgr (postfix_qmgr_t) "create" to
Version-Release number of selected component (if applicable):
5.0 and 5.1 / i386 and x86_64
Everytime the postfix service is started.
Steps to Reproduce:
1. Install postfix from distribution sources or rhn( either during the
installation or later with yum/rpm )
2. Start the service
Service starts but generates the SELinux policy errors described above.
Please attach the avc messages from /var/log/audit/audit.log
Also please try out the U2 policy, preview available on
I believe this is fixed in the U2 policy.
Fixed in selinux-policy-2.4.6-124.el5
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
Michael, could you please try the latest policy and reply whether it works for
you? In case you still get alerts, please post the AVC messages. Thank you.
Latest packages are available here:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.