Bug 787098 - issue with confined system and /bin/mailx
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 15
Assignee: Miroslav Grepl
QA Contact: Fedora Extras Quality Assurance
Reported: 2012-02-03 06:39 UTC by Robin Powell
Modified: 2012-08-06 20:05 UTC

Description Robin Powell 2012-02-03 06:39:19 UTC
I apologize that I haven't investigated this to my usual high standards; let me know if you need more details.

The following:

rlpowell@stodi> mail robin <<EOF      
heredoc> aoeuaoeu
heredoc> aoeuoe
heredoc> EOF

as a staff_t user or a user_t user, causes the following AVC:


type=AVC msg=audit(02/02/2012 22:38:29.827:4019338) : avc:  denied  { read } for  pid=32345 comm=sendmail path=/tmp/RsEewohS (deleted) dev=vda2 ino=135919 scontext=staff_u:staff_r:exim_t:s0 tcontext=staff_u:object_r:user_mail_tmp_t:s0 tclass=file

-Robin

Comment 1 Miroslav Grepl 2012-02-03 08:55:40 UTC
Could you send me the full AVC msg? I am interested in the syscall and success fields.

# ausearch -m avc |grep exim_t

Thank you.

Comment 2 Robin Powell 2012-02-03 20:41:09 UTC
I think these are the right AVCs:


type=SYSCALL msg=audit(1328250736.935:4019215): arch=c000003e syscall=59 success=yes exit=0 a0=451bd0 a1=1b7b470 a2=7fff23fa7520 a3=8 items=3 ppid=1 pid=32166 auid=1001 uid=1001 gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 tty=pts11 ses=43628 comm="sendmail" exe="/usr/sbin/exim" subj=staff_u:staff_r:exim_t:s0 key="64bit_execs"
type=AVC msg=audit(1328250736.935:4019215): avc:  denied  { read } for  pid=32166 comm="sendmail" path=2F746D702F527352466637554B202864656C6574656429 dev=vda2 ino=131491 scontext=staff_u:staff_r:exim_t:s0 tcontext=staff_u:object_r:user_mail_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1328250777.514:4019239): arch=c000003e syscall=59 success=yes exit=0 a0=451bd0 a1=21c7470 a2=7fff44573f80 a3=8 items=3 ppid=1 pid=32207 auid=1000 uid=1000 gid=1000 euid=0 suid=0 fsuid=0 egid=1000 sgid=1000 fsgid=1000 tty=pts6 ses=28614 comm="sendmail" exe="/usr/sbin/exim" subj=staff_u:staff_r:exim_t:s0 key="64bit_execs"
type=AVC msg=audit(1328250777.514:4019239): avc:  denied  { read } for  pid=32207 comm="sendmail" path=2F746D702F5273673731435147202864656C6574656429 dev=vda2 ino=131497 scontext=staff_u:staff_r:exim_t:s0 tcontext=staff_u:object_r:user_mail_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1328251109.827:4019338): arch=c000003e syscall=59 success=yes exit=0 a0=451bd0 a1=19fd430 a2=7fff890d0f00 a3=8 items=3 ppid=1 pid=32345 auid=1000 uid=1000 gid=1000 euid=0 suid=0 fsuid=0 egid=1000 sgid=1000 fsgid=1000 tty=pts6 ses=28614 comm="sendmail" exe="/usr/sbin/exim" subj=staff_u:staff_r:exim_t:s0 key="64bit_execs"
type=AVC msg=audit(1328251109.827:4019338): avc:  denied  { read } for  pid=32345 comm="sendmail" path=2F746D702F52734565776F6853202864656C6574656429 dev=vda2 ino=135919 scontext=staff_u:staff_r:exim_t:s0 tcontext=staff_u:object_r:user_mail_tmp_t:s0 tclass=file

-Robin
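
The raw records in Comment 2 hex-encode the path because it contains a space, while the interpreted AVC in the Description shows it as text. The following added example (not part of the original report or of any Fedora tooling) decodes that field and pairs each AVC with the SYSCALL record sharing its event serial, which yields the syscall and success fields requested in Comment 1. The function names and the set of fields treated as hex-encodable are assumptions of this sketch.

```python
import re

# Records for audit event 4019338, copied from Comment 2 of this report
# (raw ausearch format; the interpreted format in the Description differs).
SAMPLE = """\
type=SYSCALL msg=audit(1328251109.827:4019338): arch=c000003e syscall=59 success=yes exit=0 a0=451bd0 a1=19fd430 a2=7fff890d0f00 a3=8 items=3 ppid=1 pid=32345 auid=1000 uid=1000 gid=1000 euid=0 suid=0 fsuid=0 egid=1000 sgid=1000 fsgid=1000 tty=pts6 ses=28614 comm="sendmail" exe="/usr/sbin/exim" subj=staff_u:staff_r:exim_t:s0 key="64bit_execs"
type=AVC msg=audit(1328251109.827:4019338): avc:  denied  { read } for  pid=32345 comm="sendmail" path=2F746D702F52734565776F6853202864656C6574656429 dev=vda2 ino=135919 scontext=staff_u:staff_r:exim_t:s0 tcontext=staff_u:object_r:user_mail_tmp_t:s0 tclass=file
"""

HEADER = re.compile(r"type=(\w+) msg=audit\((\d+\.\d+):(\d+)\):")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r"\{ ([^}]*)\}")
# Assumption: only these fields are decoded; numeric fields such as ino=135919
# also look like valid hex and must be left alone.
STRING_FIELDS = {"path", "name", "comm", "exe", "cwd"}


def decode_value(key, raw):
    """Quoted values are literal; a bare all-hex value in a string field is an
    encoded string (auditd does this when the value has spaces or quotes)."""
    if raw.startswith('"'):
        return raw[1:-1]
    if key in STRING_FIELDS and len(raw) % 2 == 0 and re.fullmatch(r"[0-9A-F]+", raw):
        return bytes.fromhex(raw).decode("utf-8", errors="replace")
    return raw


def correlate(log_text):
    """Group records by event serial and return one dict per AVC record,
    joined with the syscall/success/exe of the SYSCALL record in that event."""
    events = {}
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, _timestamp, serial = m.groups()
        fields = {k: decode_value(k, v) for k, v in FIELD.findall(line[m.end():])}
        if rtype == "AVC" and PERMS.search(line):
            fields["perms"] = PERMS.search(line).group(1).split()
        events.setdefault(serial, {}).setdefault(rtype, []).append(fields)
    out = []
    for serial, recs in events.items():
        sc = (recs.get("SYSCALL") or [{}])[0]
        for avc in recs.get("AVC", []):
            out.append({"serial": serial, "perms": avc.get("perms", []),
                        "path": avc.get("path"), "ino": avc.get("ino"),
                        "scontext": avc.get("scontext"), "tcontext": avc.get("tcontext"),
                        "syscall": sc.get("syscall"), "success": sc.get("success"),
                        "exe": sc.get("exe")})
    return out
```

For this event the decoded path is `/tmp/RsEewohS (deleted)`, matching the Description, and the paired SYSCALL record shows `syscall=59` (execve on x86_64, `arch=c000003e`) with `success=yes`.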

Comment 3 Daniel Walsh 2012-02-06 16:41:19 UTC
We allow sendmail_t to read all tmpfiles, so I guess we should for this domain also.

Comment 4 Fedora End Of Life 2012-08-06 20:05:00 UTC
This message is a notice that Fedora 15 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 15. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained.  At this time, all open bugs with a Fedora 'version'
of '15' have been closed as WONTFIX.

(Please note: Our normal process is to give advance warning of this 
occurring, but we forgot to do that. A thousand apologies.)

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, feel free to reopen 
this bug and simply change the 'version' to a later Fedora version.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we were unable to fix it before Fedora 15 reached end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" (top right of this page) and open it against that 
version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
