Bug 442207 - SELinux is preventing sendmail (sendmail_t) "getattr" to /var/spool/MIMEDefang/mimedefang.sock (var_spool_t).
Summary: SELinux is preventing sendmail (sendmail_t) "getattr" to /var/spool/MIMEDefa...
Keywords:
Status: CLOSED DUPLICATE of bug 442209
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 8
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-04-12 19:03 UTC by Bruce M. Kantor
Modified: 2008-05-02 19:57 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-05-02 19:57:16 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Bruce M. Kantor 2008-04-12 19:03:54 UTC 
Description of problem:

mimedefang 2.64
sendmail 8.14.2

SELinux is preventing sendmail (sendmail_t) "getattr" to
/var/spool/MIMEDefang/mimedefang.sock (var_spool_t).

Detailed Description:

SELinux denied access requested by sendmail. It is not expected that this access
is required by sendmail and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

Additional Information:

Source Context                system_u:system_r:sendmail_t:s0
Target Context                system_u:object_r:var_spool_t:s0
Target Objects                /var/spool/MIMEDefang/mimedefang.sock [ sock_file
                              ]
Source                        newaliases
Source Path                   /usr/sbin/sendmail.sendmail
Port                          <Unknown>
Host                          fedora1.kantors.net
Source RPM Packages           sendmail-8.14.2-1.fc8
Target RPM Packages           
Policy RPM                    selinux-policy-3.0.8-95.fc8
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall_file
Host Name                     fedora1.kantors.net
Platform                      Linux fedora1.kantors.net 2.6.24.4-64.fc8 #1 SMP
                              Sat Mar 29 09:54:46 EDT 2008 i686 i686
Alert Count                   22
First Seen                    Sat 12 Apr 2008 12:36:36 PM EDT
Last Seen                     Sat 12 Apr 2008 01:48:12 PM EDT
Local ID                      7977b54a-ef5b-43b0-a5fa-ab49e1361a7f
Line Numbers                  

Raw Audit Messages            

host=fedora1.kantors.net type=AVC msg=audit(1208022492.418:22): avc:  denied  {
getattr } for  pid=2685 comm="sendmail"
path="/var/spool/MIMEDefang/mimedefang.sock" dev=dm-0 ino=4751382
scontext=system_u:system_r:sendmail_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=sock_file

host=fedora1.kantors.net type=SYSCALL msg=audit(1208022492.418:22):
arch=40000003 syscall=196 success=no exit=-13 a0=bfc45da8 a1=bfc45c40 a2=608ff4
a3=3 items=0 ppid=2684 pid=2685 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=51 sgid=51 fsgid=51 tty=(none) comm="sendmail"
exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:sendmail_t:s0 key=(null)
Comment 1 Robert Scheck 2008-04-12 21:15:34 UTC 
Reassigning to selinux-policy, as it has to be fixed there. Daniel, are you
able to take care about it? It is a mimedefang specific thing which is not yet
handled in the policy.
Comment 2 Daniel Walsh 2008-05-02 19:57:16 UTC 

*** This bug has been marked as a duplicate of 442209 ***
Note You need to log in before you can comment on or make changes to this bug.