Bug 997710 - SELinux is preventing deliver (dovecot_deliver_t) "signull" to <Unknown> (dovecot_deliver_t).
SELinux is preventing deliver (dovecot_deliver_t) "signull" to <Unknown> (dov...
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
x86_64 Linux
medium Severity medium
: rc
: ---
Assigned To: Miroslav Grepl
Milos Malik
Depends On:
  Show dependency treegraph
Reported: 2013-08-16 00:08 EDT by jessicahu
Modified: 2014-09-15 20:29 EDT (History)
3 users (show)

See Also:
Fixed In Version: selinux-policy-2.4.6-349.el5
Doc Type: Bug Fix
Doc Text:
Due to missing rules in the SELinux policy, SELinux did not allow the dovecot_deliver_t process to send the SIGNULL signal. With this update, the SELinux rules have been modified accordingly and SELinux no longer prevents dovecot_deliver_t from sending SIGNULL.
Story Points: ---
Clone Of:
Last Closed: 2014-09-15 20:29:48 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description jessicahu 2013-08-16 00:08:36 EDT
Description of problem:

SELinux message shown as below:

SELinux is preventing deliver (dovecot_deliver_t) "signull" to <Unknown> (dovecot_deliver_t). 

Detailed Description
[SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.]
SELinux denied access requested by deliver. It is not expected that this access is required by deliver and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. 

Allowing Access
You can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. 

Additional Information
Source Context:  root:system_r:dovecot_deliver_t
Target Context:  root:system_r:dovecot_deliver_t
Target Objects:  None [ process ]
Source:  deliver
Source Path:  /usr/libexec/dovecot/deliver
Port:  <Unknown>
Host:  (removed)
Source RPM Packages:  dovecot-1.0.7-7.el5 dovecot-1.0.7-7.el5_7.1
Target RPM Packages:  
Policy RPM:  selinux-policy-2.4.6-316.el5 selinux-policy-2.4.6-327.el5 selinux-policy-2.4.6-338.el5
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Permissive
Plugin Name:  catchall
Host Name:  (removed)
Platform:  Linux (removed) 2.6.18-308.16.1.el5xen #1 SMP Tue Oct 2 22:50:05 EDT 2012 x86_64 x86_64
Alert Count:  120
First Seen:  Tue 05 Mar 2013 04:30:55 PM CST
Last Seen:  Fri 16 Aug 2013 10:51:04 AM CST
Local ID:  278dd0ce-a957-4726-a46a-19f2601699e2
Line Numbers:  
Raw Audit Messages :
host=(removed) type=AVC msg=audit(1376621464.231:2655670): avc: denied { signull } for pid=9991 comm="deliver" scontext=root:system_r:dovecot_deliver_t:s0 tcontext=root:system_r:dovecot_deliver_t:s0 tclass=process host=(removed) type=SYSCALL msg=audit(1376621464.231:2655670): arch=c000003e syscall=62 success=yes exit=0 a0=2704 a1=0 a2=0 a3=0 items=0 ppid=9855 pid=9991 auid=0 uid=519 gid=519 euid=519 suid=519 fsuid=519 egid=519 sgid=519 fsgid=519 tty=(none) ses=27 comm="deliver" exe="/usr/libexec/dovecot/deliver" subj=root:system_r:dovecot_deliver_t:s0 key=(null) 

Distributor ID: CentOS
Description:    CentOS release 5.8 (Final)
Comment 1 RHEL Product and Program Management 2014-01-22 11:26:44 EST
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 6 errata-xmlrpc 2014-09-15 20:29:48 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.