[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Selinux issue



Alexander Dalloz wrote:
Am So, den 25.09.2005 schrieb Craig White um 1:13:


type=AVC msg=audit(1127594745.645:394): avc: denied { name_bind } for pid=4155 comm="master" src=10025 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:amavisd_send_port_t tclass=tcp_socket


My version of Postfix (admittedly CentOS 4) doesn't have those files
which means that there is no context to restore because they weren't
part of the default definitions. Is this fedora version of Postfix? Did
you create those files? If so, you would have to set the contexts
yourself...

This is what I use as my bible for SELinux...

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-
guide/

Craig


I think the problem comes from the non standard port 10025, which could
be too any other for the mail transport between amavisd-new and Postfix.
And I guess a custom SELinux rule is needed for that - audit2allow can
help.

Alexander


Thanks Alexander and Craig. Yes, I'm using amavisd-new and Postfix. I'll read up on the audit2allow.

Strange though, I didn't have to do anything before to make it work.

Thanks,
Mike



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]