Bug 439836 - SELinux is preventing sh (procmail_t) "ioctl" to /usr/bin/spamc (spamc_exec_t).
Summary: SELinux is preventing sh (procmail_t) "ioctl" to /usr/bin/spamc (spamc_exec_t).
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-31 17:15 UTC by Dave Jones
Modified: 2015-01-04 22:30 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-04-01 05:57:00 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Dave Jones 2008-03-31 17:15:17 UTC
not sure what to make of this.

host=gelk type=AVC msg=audit(1206954096.938:326): avc: denied { ioctl } for
pid=15415 comm="sh" path="/usr/bin/spamc" dev=md0 ino=30782362
scontext=system_u:system_r:procmail_t:s0-s0:c0.c1023
tcontext=system_u:object_r:spamc_exec_t:s0 tclass=file host=gelk type=SYSCALL
msg=audit(1206954096.938:326): arch=c000003e syscall=16 success=no exit=-13 a0=3
a1=5401 a2=7fff6be0e710 a3=3ec416da10 items=0 ppid=15414 pid=15415 auid=500
uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500
tty=(none) ses=58 comm="sh" exe="/bin/bash"
subj=system_u:system_r:procmail_t:s0-s0:c0.c1023 key=(null) 

This happened three times.  All my usual mail doesn't trigger it, so I'm
wondering if it's just something special about the mail that cron.daily sent.
My .procmailrc is fairly benign, just a spamc invocation and filtering into
folders, so I'm not sure where the ioctl comes in.

Comment 1 Daniel Walsh 2008-04-01 05:57:00 UTC
I have no idea but I will add the ability for domtrans pattern to ioctl

Fixed in selinux-policy-3.3.27.fc9


Note You need to log in before you can comment on or make changes to this bug.