Bug 441435 - AVC denial from epylog + sendmail
AVC denial from epylog + sendmail
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-07 23:15 EDT by Jerry James
Modified: 2008-05-02 16:11 EDT (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-02 16:11:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jerry James 2008-04-07 23:15:48 EDT
Description of problem:
I got the following AVC denial when the epylog cron job ran.  It looks like the
epylog + sendmail combination isn't allowed to do some things.  I don't know
which component to file this under.

host=localhost.localdomain type=AVC msg=audit(1207616073.200:35): avc: denied {
write } for pid=3846 comm="sendmail"
path="/var/tmp/tmp8UeDK2EPYLOG/tmpXornfoFILT" dev=dm-0 ino=8126713
scontext=system_u:system_r:system_mail_t:s0
tcontext=system_u:object_r:system_crond_tmp_t:s0 tclass=file

host=localhost.localdomain type=AVC msg=audit(1207616073.200:35): avc: denied {
read } for pid=3846 comm="sendmail" path="/var/log/messages" dev=dm-0
ino=8061240 scontext=system_u:system_r:system_mail_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=file

host=localhost.localdomain type=SYSCALL msg=audit(1207616073.200:35):
arch=40000003 syscall=11 success=yes exit=0 a0=81fa188 a1=81fa210 a2=81f9748
a3=40 items=0 ppid=3770 pid=3846 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=51 sgid=51 fsgid=51 tty=(none) comm="sendmail"
exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:system_mail_t:s0
key=(null) 

Version-Release number of selected component (if applicable):
selinux-policy-3.0.8-95.fc8

How reproducible:
I've only seen it once.

Steps to Reproduce:
1. Install epylog
2. Wait for the cron job to run
  
Actual results:
An AVC denial

Expected results:
Mail with the log entries is sent

Additional info:
SELinux is in permissive mode on the machine where this occurred.
Comment 1 Daniel Walsh 2008-04-08 10:12:19 EDT
Are you saying that mail does not get sent?  Or just that you see this AVC message?
Comment 2 Jerry James 2008-04-09 10:26:15 EDT
SELinux is in permissive mode on that machine; I have no idea what would have
happened had it been in enforcing mode.  I just saw the AVC message.
Comment 3 Daniel Walsh 2008-04-09 13:31:23 EDT
I would figure it would work.

Anyways this should be fixed in selinux-policy-3.0.8-98.fc8

Note You need to log in before you can comment on or make changes to this bug.