this bug still exists in selinux-policy-targeted-2.4.6-163.el5: # audit2allow -i /var/log/audit/audit.log #============= postfix_postdrop_t ============== allow postfix_postdrop_t sendmail_t:unix_stream_socket getattr; --------------------------------------------- type=AVC msg=audit(1223863321.803:4945): avc: denied { getattr } for pid=21205 comm="postdrop" path="socket:[5532294]" dev=sockfs ino=5532294 scontext=user _u:system_r:postfix_postdrop_t:s0 tcontext=user_u:system_r:sendmail_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1223863321.803:4945): arch=c000003e syscall=5 success=no exit=-13 a0=0 a1=7fff16012cd0 a2=7fff16012cd0 a3=0 items=0 ppid=21198 pid=2120 5 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=90 sgid=90 fsgid=90 tty=(none) ses=475 comm="postdrop" exe="/usr/sbin/postdrop" subj=user_u:system_r:postfix_p ostdrop_t:s0 key=(null) type=AVC msg=audit(1223863321.803:4946): avc: denied { getattr } for pid=21205 comm="postdrop" path="socket:[5532294]" dev=sockfs ino=5532294 scontext=user _u:system_r:postfix_postdrop_t:s0 tcontext=user_u:system_r:sendmail_t:s0 tclass=unix_stream_socket ---------------------------------------------
Fixed in selinux-policy-2.4.6-166.el5
and where is it?
http://people.redhat.com/dwalsh/SELinux/RHEL5
but just now:-) and still some strange output: Updating : selinux-policy ######################### [1/6] Updating : selinux-policy-devel ######################### [2/6] Syntax error on line 1 ; [type=SEMI] Updating : selinux-policy-targeted ######################### [3/6]
You can ignore that error it will be fixed in 167, the policy should work properly.
please close this bug
ping?
Yes?
would you close this bug? it's fixed a long ago!
VERIFIED is the same as closed from our point of view. I believe I am not supposed to close RHEL5 bugs.
imho only the owner (and some rh administer) can close a bug (ie. i can't). all of my other bug is closed as nextrelease (in this case current release). so you can do it.
anybody can close this bug???
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).