Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 458844

Summary: outgoing emails are blocked with selinux in enforcing mode
Product: Red Hat Enterprise Linux 5 Reporter: David Kovalsky <dkovalsk>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: BaseOS QE <qe-baseos-auto>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.2CC: benl, dkovalsk, dwalsh, mmalik, pknirsch
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-02-07 11:54:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
relevant parts of audit.log none

Description David Kovalsky 2008-08-12 17:17:29 UTC 
Created attachment 314119 [details]
relevant parts of audit.log

Switching selinux to enforcing mode stops emails from being sent out. I hit this while testing bug 455235 (see for reproducers). 

hpijs-1.6.7-4.1.el5_0.3
hplip-1.6.7-4.1.el5_0.3
hplip-debuginfo-1.6.7-4.1.el5_0.3
libsane-hpaio-1.6.7-4.1.el5_0.3

libselinux.x86_64                        1.33.4-5.el5           installed
libselinux.i386                          1.33.4-5.el5           installed
libselinux-devel.x86_64                  1.33.4-5.el5           installed
libselinux-devel.i386                    1.33.4-5.el5           installed
libselinux-python.x86_64                 1.33.4-5.el5           installed
selinux-policy.noarch                    2.4.6-137.1.el5_2      installed
selinux-policy-devel.noarch              2.4.6-137.1.el5_2      installed
selinux-policy-mls.noarch                2.4.6-137.1.el5_2      installed
selinux-policy-strict.noarch             2.4.6-137.1.el5_2      installed
selinux-policy-targeted.noarch           2.4.6-137.1.el5_2      installed
Comment 1 Phil Knirsch 2008-12-22 13:02:10 UTC 
Isn't that a selinux policy problem then?
Comment 2 David Kovalsky 2008-12-22 13:19:06 UTC 
Yeah, selinux policy definitely. I always file the bug against the parent component with Dan Walsh CCed. Shall I do it the other way around next time?
Comment 3 Phil Knirsch 2008-12-22 13:31:14 UTC 
Well, if it's a change to selinux-policy component the bug needs to be assigned to that component to be included in possible erratas, so yea, i think it would be better to open it against selinux-policy and add the maintainer of the initial component as CC then. Makes sense?
Comment 4 David Kovalsky 2008-12-22 13:35:37 UTC 
Sure does :) Thanks for the info Phil.

Switching component to selinux-policy.
Comment 5 Daniel Walsh 2008-12-22 16:05:20 UTC 
Fixed in selinux-policy-2.4.6-202.el5 

This is the U3 policy.

Preview available on http://people.redhat.com/dwalsh/SELinux/RHEL5