Bug 456255 - AVC sendmail (system_mail_t) "getattr" to /var/run/sm-client.pid (sendmail_var_run_t).
Summary: AVC sendmail (system_mail_t) "getattr" to /var/run/sm-client.pid (sendmail_va...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 9
Hardware: x86_64
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-07-22 14:34 UTC by Phil Moors
Modified: 2008-11-17 22:05 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-11-17 22:05:12 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
First of 2 avc troubleshooter logs. (2.87 KB, text/plain)
2008-07-22 14:34 UTC, Phil Moors
no flags Details
2nd troubleshooter log (2.49 KB, text/plain)
2008-07-22 14:36 UTC, Phil Moors
no flags Details

Description Phil Moors 2008-07-22 14:34:55 UTC
Description of problem:

I find that, in the morning, sendmail no longer is sending mail. This has been
happening for, I believe, through the last 3 targeted policy updates. The error
pops up at 4:04:25, right after the cron.daily tasks have run. The 'mailq'
command shows no messages in the queue. However, doing an 'ls' on
/var/spool/clientmqueue shows mail waiting for transport. This results in a
silent failure of mail delivery.

Doing a /etc/init.d/sendmail restart gets the mail moving for another day.

Performing the 'restorecon' operations indicated by the troubleshooter does not
make any changes in the security contexts of the files indicated. The process
15057 indicated in the log is the 'sendmail: Queue runner' process.

I'm guessing that one of the cron.daily jobs may be the real culprit.


Version-Release number of selected component (if applicable):
selinux-policy-3.3.1-78.fc9.noarch
selinux-policy-targeted-3.3.1-78.fc9.noarch
sendmail-8.14.2-4.fc9.x86_64

How reproducible:
Occurs nightly.

Steps to Reproduce:
1. Check /var/spool/clientmqueue in the morning.
2.
3.
  
Actual results:
Mail is piling up.

Expected results:
Mail should be delivered.

Additional info:

Comment 1 Phil Moors 2008-07-22 14:34:55 UTC
Created attachment 312350 [details]
First of 2 avc troubleshooter logs.

Comment 2 Phil Moors 2008-07-22 14:36:53 UTC
Created attachment 312351 [details]
2nd troubleshooter log

Comment 3 Daniel Walsh 2008-07-24 11:33:33 UTC
The problem seems to be cron does a restart of sendmail and this does not
transition properly.

Fixed in selinux-policy-3.3.1-80.fc9.noarch

Comment 4 Daniel Walsh 2008-11-17 22:05:12 UTC
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.


Note You need to log in before you can comment on or make changes to this bug.