Bug 458844 - outgoing emails are blocked with selinux in enforcing mode
outgoing emails are blocked with selinux in enforcing mode
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: rc
: ---
Assigned To: Daniel Walsh
Depends On:
  Show dependency treegraph
Reported: 2008-08-12 13:17 EDT by David Kovalsky
Modified: 2014-03-31 19:44 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-02-07 06:54:15 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
relevant parts of audit.log (2.56 KB, text/plain)
2008-08-12 13:17 EDT, David Kovalsky
no flags Details

  None (edit)
Description David Kovalsky 2008-08-12 13:17:29 EDT
Created attachment 314119 [details]
relevant parts of audit.log

Switching selinux to enforcing mode stops emails from being sent out. I hit this while testing bug 455235 (see for reproducers). 


libselinux.x86_64                        1.33.4-5.el5           installed
libselinux.i386                          1.33.4-5.el5           installed
libselinux-devel.x86_64                  1.33.4-5.el5           installed
libselinux-devel.i386                    1.33.4-5.el5           installed
libselinux-python.x86_64                 1.33.4-5.el5           installed
selinux-policy.noarch                    2.4.6-137.1.el5_2      installed
selinux-policy-devel.noarch              2.4.6-137.1.el5_2      installed
selinux-policy-mls.noarch                2.4.6-137.1.el5_2      installed
selinux-policy-strict.noarch             2.4.6-137.1.el5_2      installed
selinux-policy-targeted.noarch           2.4.6-137.1.el5_2      installed
Comment 1 Phil Knirsch 2008-12-22 08:02:10 EST
Isn't that a selinux policy problem then?
Comment 2 David Kovalsky 2008-12-22 08:19:06 EST
Yeah, selinux policy definitely. I always file the bug against the parent component with Dan Walsh CCed. Shall I do it the other way around next time?
Comment 3 Phil Knirsch 2008-12-22 08:31:14 EST
Well, if it's a change to selinux-policy component the bug needs to be assigned to that component to be included in possible erratas, so yea, i think it would be better to open it against selinux-policy and add the maintainer of the initial component as CC then. Makes sense?
Comment 4 David Kovalsky 2008-12-22 08:35:37 EST
Sure does :) Thanks for the info Phil.

Switching component to selinux-policy.
Comment 5 Daniel Walsh 2008-12-22 11:05:20 EST
Fixed in selinux-policy-2.4.6-202.el5 

This is the U3 policy.

Preview available on http://people.redhat.com/dwalsh/SELinux/RHEL5

Note You need to log in before you can comment on or make changes to this bug.