Selinux issue
M. Lewis
_fedoralist_ at cajuninc.com
Sun Sep 25 01:15:45 UTC 2005
Alexander Dalloz wrote:
> Am So, den 25.09.2005 schrieb Craig White um 1:13:
>
>
>>>>>type=AVC msg=audit(1127594745.645:394): avc: denied { name_bind } for
>>>>> pid=4155 comm="master" src=10025
>>>>>scontext=root:system_r:postfix_master_t
>>>>>tcontext=system_u:object_r:amavisd_send_port_t tclass=tcp_socket
>
>
>>My version of Postfix (admittedly CentOS 4) doesn't have those files
>>which means that there is no context to restore because they weren't
>>part of the default definitions. Is this fedora version of Postfix? Did
>>you create those files? If so, you would have to set the contexts
>>yourself...
>>
>>This is what I use as my bible for SELinux...
>>
>>http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-
>>guide/
>>
>>Craig
>
>
> I think the problem comes from the non standard port 10025, which could
> be too any other for the mail transport between amavisd-new and Postfix.
> And I guess a custom SELinux rule is needed for that - audit2allow can
> help.
>
> Alexander
>
Thanks Alexander and Craig. Yes, I'm using amavisd-new and Postfix. I'll
read up on the audit2allow.
Strange though, I didn't have to do anything before to make it work.
Thanks,
Mike
More information about the fedora-list
mailing list