Red Hat Bugzilla – Bug 997710
SELinux is preventing deliver (dovecot_deliver_t) "signull" to <Unknown> (dovecot_deliver_t).
Last modified: 2014-09-15 20:29:48 EDT
Description of problem: SELinux message shown as below: Summary SELinux is preventing deliver (dovecot_deliver_t) "signull" to <Unknown> (dovecot_deliver_t). Detailed Description [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by deliver. It is not expected that this access is required by deliver and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. Additional Information Source Context: root:system_r:dovecot_deliver_t Target Context: root:system_r:dovecot_deliver_t Target Objects: None [ process ] Source: deliver Source Path: /usr/libexec/dovecot/deliver Port: <Unknown> Host: (removed) Source RPM Packages: dovecot-1.0.7-7.el5 dovecot-1.0.7-7.el5_7.1 Target RPM Packages: Policy RPM: selinux-policy-2.4.6-316.el5 selinux-policy-2.4.6-327.el5 selinux-policy-2.4.6-338.el5 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Permissive Plugin Name: catchall Host Name: (removed) Platform: Linux (removed) 2.6.18-308.16.1.el5xen #1 SMP Tue Oct 2 22:50:05 EDT 2012 x86_64 x86_64 Alert Count: 120 First Seen: Tue 05 Mar 2013 04:30:55 PM CST Last Seen: Fri 16 Aug 2013 10:51:04 AM CST Local ID: 278dd0ce-a957-4726-a46a-19f2601699e2 Line Numbers: Raw Audit Messages : host=(removed) type=AVC msg=audit(1376621464.231:2655670): avc: denied { signull } for pid=9991 comm="deliver" scontext=root:system_r:dovecot_deliver_t:s0 tcontext=root:system_r:dovecot_deliver_t:s0 tclass=process host=(removed) type=SYSCALL msg=audit(1376621464.231:2655670): arch=c000003e syscall=62 success=yes exit=0 a0=2704 a1=0 a2=0 a3=0 items=0 ppid=9855 pid=9991 auid=0 uid=519 gid=519 euid=519 suid=519 fsuid=519 egid=519 sgid=519 fsgid=519 tty=(none) ses=27 comm="deliver" exe="/usr/libexec/dovecot/deliver" subj=root:system_r:dovecot_deliver_t:s0 key=(null) Distributor ID: CentOS Description: CentOS release 5.8 (Final)
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1205.html