Red Hat Bugzilla – Bug 620271
SELinux is preventing /usr/bin/perl "search" access on /var/spool/postfix.
Last modified: 2010-08-23 14:03:39 EDT
Souhrn: SELinux is preventing /usr/bin/perl "search" access on /var/spool/postfix. Podrobný popis: [spamd je v toleratním režimu (spamd_t). Přístup byl povolen.] SELinux denied access requested by spamd. It is not expected that this access is required by spamd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Povolení přístupu: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Další informace: Kontext zdroje staff_u:system_r:spamd_t:s0 Kontext cíle system_u:object_r:postfix_spool_t:s0 Objekty cíle /var/spool/postfix [ dir ] Zdroj spamd Cesta zdroje /usr/bin/perl Port <Neznámé> Počítač (removed) RPM balíčky zdroje perl-5.10.1-115.el6 RPM balíčky cíle postfix-2.6.6-2.el6 RPM politiky selinux-policy-3.7.19-34.el6 Selinux povolen True Typ politiky targeted Vynucovací režim Enforcing Název zásuvného modulu catchall Název počítače (removed) Platforma Linux johanka.ceplovi.cz 2.6.32-52.el6.x86_64 #1 SMP Wed Jul 21 11:50:07 EDT 2010 x86_64 x86_64 Počet upozornění 1 Poprvé viděno Po 2. srpen 2010, 00:41:29 CEST Naposledy viděno Po 2. srpen 2010, 00:41:29 CEST Místní ID e8e6b76d-39b3-46d6-bb7c-f21b1c63fdfe Čísla řádků Původní zprávy auditu node=johanka.ceplovi.cz type=AVC msg=audit(1280702489.817:10984): avc: denied { search } for pid=26927 comm="spamd" name="postfix" dev=dm-1 ino=131481 scontext=staff_u:system_r:spamd_t:s0 tcontext=system_u:object_r:postfix_spool_t:s0 tclass=dir node=johanka.ceplovi.cz type=SYSCALL msg=audit(1280702489.817:10984): arch=c000003e syscall=4 success=yes exit=73014444160 a0=15e6fd0 a1=15a3130 a2=15a3130 a3=28 items=0 ppid=26926 pid=26927 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=378 comm="spamd" exe="/usr/bin/perl" subj=staff_u:system_r:spamd_t:s0 key=(null)
This issue has been proposed when we are only considering blocker issues in the current Red Hat Enterprise Linux release. ** If you would still like this issue considered for the current release, ask your support representative to file as a blocker on your behalf. Otherwise ask that it be considered for the next Red Hat Enterprise Linux release. **
Should spamd be able to read the contents of /var/spool/postfix?
Thank you for your bug report. This issue was evaluated for inclusion in the current release of Red Hat Enterprise Linux. Unfortunately, we are unable to address this request in the current release. Because we are in the final stage of Red Hat Enterprise Linux 6 development, only significant, release-blocking issues involving serious regressions and data corruption can be considered. If you believe this issue meets the release blocking criteria as defined and communicated to you by your Red Hat Support representative, please ask your representative to file this issue as a blocker for the current release. Otherwise, ask that it be evaluated for inclusion in the next minor release of Red Hat Enterprise Linux.
I never got a response on this?
(In reply to comment #5) > I never got a response on this? I hope you won't expect it form me. Besides having no clue about Perl and Spamassassin I have also switched back to Fedora 14 and Thunderbird, so I am now reporter AWOL. Hopefully, Matthew will have more to say.