Samenvatting:

SELinux is preventing /usr/sbin/sendmail.sendmail access to a leaked
unix_stream_socket file descriptor.

Gedetailleerde omschrijving:

[sendmail heeft een toelatend type (system_mail_t). Deze toegang was niet
verboden.]

SELinux denied access requested by the sendmail command. It looks like this is
either a leaked descriptor or sendmail output was redirected to a file it is not
allowed to access. Leaks usually can be ignored since SELinux is just closing
the leak and reporting the error. The application does not use the descriptor,
so it will run properly. If this is a redirection, you will not get output in
the unix_stream_socket. You should generate a bugzilla on selinux-policy, and it
will get routed to the appropriate package. You can safely ignore this avc.

Teogang toestaan:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)

Additionele informatie:

Bron context                  system_u:system_r:system_mail_t:s0
Doel context                  system_u:system_r:fail2ban_t:s0
Doel objecten                 unix_stream_socket [ unix_stream_socket ]
Bron                          sendmail
Bron pad                      /usr/sbin/sendmail.sendmail
Poort                         <Onbekend>
Host                          (removed)
Bron RPM pakketten            sendmail-8.14.3-8.fc12
Doel RPM pakketten            
Gedragslijn RPM               selinux-policy-3.6.32-59.fc12
SELinux aangezet              True
Gedragslijn type              targeted
Enforcing modus               Enforcing
Pluginnaam                    leaks
Hostnaam                      (removed)
Platform                      Linux (removed) 2.6.31.9-174.fc12.i686.PAE #1 SMP Mon
                              Dec 21 06:04:56 UTC 2009 i686 i686
Aantal waarschuwingen         190
Eerst gezien op               wo 02 dec 2009 20:12:10 CET
Laatst gezien op              zo 27 dec 2009 13:17:14 CET
Locale ID                     5db4f4cb-5799-4bc5-a13d-8bbe0f8083ae
Regelnummers                  

Onbewerkte audit boodschappen 

node=(removed) type=AVC msg=audit(1261916234.914:39784): avc:  denied  { read write } for  pid=26427 comm="sendmail" path="socket:[13841]" dev=sockfs ino=13841 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=unix_stream_socket

node=(removed) type=AVC msg=audit(1261916234.914:39784): avc:  denied  { read write } for  pid=26427 comm="sendmail" path="socket:[274867]" dev=sockfs ino=274867 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=unix_dgram_socket

node=(removed) type=SYSCALL msg=audit(1261916234.914:39784): arch=40000003 syscall=11 success=yes exit=0 a0=9b7a560 a1=9b7aa90 a2=9b7a798 a3=9b7aa90 items=0 ppid=26425 pid=26427 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=51 sgid=51 fsgid=51 tty=(none) ses=4294967295 comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:system_mail_t:s0 key=(null)



Hash String generated from  selinux-policy-3.6.32-59.fc12,leaks,sendmail,system_mail_t,fail2ban_t,unix_stream_socket,read,write
audit2allow suggests:

#============= system_mail_t ==============
allow system_mail_t fail2ban_t:unix_dgram_socket { read write };
allow system_mail_t fail2ban_t:unix_stream_socket { read write };