Description of problem: I got the following AVC denial when the epylog cron job ran. It looks like the epylog + sendmail combination isn't allowed to do some things. I don't know which component to file this under. host=localhost.localdomain type=AVC msg=audit(1207616073.200:35): avc: denied { write } for pid=3846 comm="sendmail" path="/var/tmp/tmp8UeDK2EPYLOG/tmpXornfoFILT" dev=dm-0 ino=8126713 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:object_r:system_crond_tmp_t:s0 tclass=file host=localhost.localdomain type=AVC msg=audit(1207616073.200:35): avc: denied { read } for pid=3846 comm="sendmail" path="/var/log/messages" dev=dm-0 ino=8061240 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207616073.200:35): arch=40000003 syscall=11 success=yes exit=0 a0=81fa188 a1=81fa210 a2=81f9748 a3=40 items=0 ppid=3770 pid=3846 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=51 sgid=51 fsgid=51 tty=(none) comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:system_mail_t:s0 key=(null) Version-Release number of selected component (if applicable): selinux-policy-3.0.8-95.fc8 How reproducible: I've only seen it once. Steps to Reproduce: 1. Install epylog 2. Wait for the cron job to run Actual results: An AVC denial Expected results: Mail with the log entries is sent Additional info: SELinux is in permissive mode on the machine where this occurred.
Are you saying that mail does not get sent? Or just that you see this AVC message?
SELinux is in permissive mode on that machine; I have no idea what would have happened had it been in enforcing mode. I just saw the AVC message.
I would figure it would work. Anyways this should be fixed in selinux-policy-3.0.8-98.fc8