procmail-related selinux messages

Thomas Molina tmolina at cablespeed.com
Sun Apr 11 16:23:33 UTC 2004


I made a fresh install of Fedora Core 2 test 2, and fully updated 
everything.  All the files have been relabled and most/all of my normal 
programs are set up for the new environment.  

I am running this on an A7V133 with an AthlonXP 2100 CPU.  

On this system I run fetchmail as a daemon.  Mail is delivered using 
sendmail with procmail recipes.  I would like to adjust policy to deal 
with the following messages whenever mail is retrieved.

Apr 11 11:51:52 dad kernel: audit(1081698712.748:0): avc:  denied  { 
search } for  pid=2915 exe=/usr/bin/procmail name=mqueue dev=hda1 
ino=819317 scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=dir
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { write 
} for  pid=2915 exe=/usr/bin/procmail name=mqueue dev=hda1 ino=819317 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=dir
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { 
add_name } for  pid=2915 exe=/usr/bin/procmail name=_jt.YmWeAB.dad 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=dir
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { 
create } for  pid=2915 exe=/usr/bin/procmail name=_jt.YmWeAB.dad 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { write 
} for  pid=2915 exe=/usr/bin/procmail 
path=/var/spool/mqueue/_jt.YmWeAB.dad dev=hda1 ino=825150 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { 
getattr } for  pid=2915 exe=/usr/bin/procmail 
path=/var/spool/mqueue/_jt.YmWeAB.dad dev=hda1 ino=825150 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { link 
} for  pid=2915 exe=/usr/bin/procmail name=_jt.YmWeAB.dad dev=hda1 
ino=825150 scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { 
remove_name } for  pid=2915 exe=/usr/bin/procmail name=_jt.YmWeAB.dad 
dev=hda1 ino=825150 scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=dir
Apr 11 11:51:52 dad kernel: audit(1081698712.749:0): avc:  denied  { 
unlink } for  pid=2915 exe=/usr/bin/procmail name=_jt.YmWeAB.dad dev=hda1 
ino=825150 scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file
Apr 11 11:51:52 dad kernel: audit(1081698712.750:0): avc:  denied  { read 
} for  pid=2916 exe=/usr/bin/formail name=msgid.cache dev=hda1 ino=825130 
scontext=system_u:system_r:procmail_t 
tcontext=system_u:object_r:mqueue_spool_t tclass=file





More information about the fedora-test-list mailing list