First Last Prev Next    This bug is not in your last search results.
Bug 452571 - SELinux is preventing the spamc from using potentially mislabeled files (/home/davej/Mail/procmail.log).
SELinux is preventing the spamc from using potentially mislabeled files (/hom...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
9
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-06-23 15:45 EDT by Dave Jones
Modified: 2015-01-04 17:30 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-11-17 17:04:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Dave Jones 2008-06-23 15:45:18 EDT 
my procmailrc has this..

LOGFILE=$HOME/Mail/procmail.log

# a spam assassin invocation
:0fw
* < 256000
| /usr/bin/spamc

This causes..

host=gelk type=AVC msg=audit(1214248091.620:1740): avc: denied { append } for
pid=23143 comm="spamc" path="/home/davej/Mail/procmail.log" dev=md0 ino=58917117
scontext=system_u:system_r:spamc_t:s0
tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file host=gelk type=SYSCALL
msg=audit(1214248091.620:1740): arch=c000003e syscall=59 success=yes exit=0
a0=16ae310 a1=16b0050 a2=16b0140 a3=8 items=0 ppid=23142 pid=23143
auid=4294967295 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500
fsgid=500 tty=(none) ses=4294967295 comm="spamc" exe="/usr/bin/spamc"
subj=system_u:system_r:spamc_t:s0 key=(null)
Comment 1 Daniel Walsh 2008-06-24 05:59:13 EDT 
# audit2allow -M mypol -l -i /var/log/audit/audit.log
# semodule -i mypol.pp

Fixed in selinux-policy-3.3.1-71.fc9.noarch
Comment 2 Daniel Walsh 2008-11-17 17:04:45 EST 
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.