Bug 556666 - SELinux is preventing postfix from functioning correctly
Summary: SELinux is preventing postfix from functioning correctly
Keywords:
Status: CLOSED DUPLICATE of bug 553492
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy
Version: 5.4
Hardware: All
OS: Linux
low
high
Target Milestone: rc
: ---
Assignee: Daniel Walsh
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-01-19 01:21 UTC by Dimi Paun
Modified: 2012-10-15 14:46 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-01-19 13:11:21 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Dimi Paun 2010-01-19 01:21:23 UTC 
Description of problem:
When a server side process is trying to send an email (such as the cvs server, logwatch, etc), that fails with the following error:

sendmail: warning: premature end-of-input on /usr/sbin/postdrop -r while reading input attribute name
sendmail: fatal: root(0): unable to execute /usr/sbin/postdrop -r: Success

Please note that there are no errors/avc messages logged anywhere when that happens! However, "setenforce 0" fixes the problem.

This used to work just fine until Jan 12, when I did a system update and rebooted the box. The following packages where updated at that time:

Jan 12 13:03:38 Updated: selinux-policy-2.4.6-255.el5_4.3.noarch
Jan 12 13:03:40 Updated: perl-Archive-Tar-1.54-1.el5.rf.noarch
Jan 12 13:03:42 Updated: perl-Archive-Zip-1.30-1.el5.rf.noarch
Jan 12 13:04:08 Updated: selinux-policy-targeted-2.4.6-255.el5_4.3.noarch
Jan 12 13:04:51 Installed: kernel-2.6.18-164.10.1.el5.i686
Jan 12 13:05:01 Updated: kernel-headers-2.6.18-164.10.1.el5.i386
Jan 12 13:05:14 Updated: tzdata-2009u-1.el5.noarch
Jan 12 13:05:43 Installed: kernel-PAE-2.6.18-164.10.1.el5.i686
Jan 12 13:05:58 Updated: ruby-libs-1.8.5-5.el5_4.8.i386
Jan 12 13:06:02 Updated: ruby-1.8.5-5.el5_4.8.i386
Jan 12 13:06:06 Updated: xorg-x11-server-Xorg-1.1.1-48.67.el5_4.1.i386
Jan 12 13:06:09 Updated: perl-BerkeleyDB-0.40-1.el5.rf.i386
Jan 12 13:06:10 Installed: libdbi-0.8.1-2.1.i386
Jan 12 13:06:19 Updated: mysql-5.0.77-4.el5_4.1.i386
Jan 12 13:06:20 Updated: acpid-1.0.4-9.el5_4.2.i386
Jan 12 13:06:23 Updated: 4:vixie-cron-4.1-77.el5_4.1.i386
Jan 12 13:06:24 Updated: perl-Digest-SHA-5.48-1.el5.rf.i386
Jan 12 13:06:26 Updated: dbus-libs-1.1.2-12.el5_4.1.i386
Jan 12 13:06:28 Updated: rrdtool-1.4.2-1.el5.rf.i386
Jan 12 13:06:30 Updated: perl-rrdtool-1.4.2-1.el5.rf.i386
Jan 12 13:06:32 Updated: dbus-1.1.2-12.el5_4.1.i386

It would appear that version 2.4.6 of selinux-policy causes this problem.
Comment 1 Daniel Walsh 2010-01-19 13:11:21 UTC 
I believe you are having the same problem as 553492,  Please reopen if this is not the case.

You can try the selinux policy package on 

http://people.redhat.com/dwalsh/SELinux/RHEL5

Which should fix your problem.

*** This bug has been marked as a duplicate of bug 553492 ***
Comment 2 Dimi Paun 2010-01-19 14:55:09 UTC 
Yes, that seems to be the problem.
Note You need to log in before you can comment on or make changes to this bug.