Selinux issue
Alexander Dalloz
ad+lists at uni-x.org
Sun Sep 25 00:38:11 UTC 2005
Am So, den 25.09.2005 schrieb Craig White um 1:13:
> > >>type=AVC msg=audit(1127594745.645:394): avc: denied { name_bind } for
> > >> pid=4155 comm="master" src=10025
> > >>scontext=root:system_r:postfix_master_t
> > >>tcontext=system_u:object_r:amavisd_send_port_t tclass=tcp_socket
> My version of Postfix (admittedly CentOS 4) doesn't have those files
> which means that there is no context to restore because they weren't
> part of the default definitions. Is this fedora version of Postfix? Did
> you create those files? If so, you would have to set the contexts
> yourself...
>
> This is what I use as my bible for SELinux...
>
> http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-
> guide/
>
> Craig
I think the problem comes from the non standard port 10025, which could
be too any other for the mail transport between amavisd-new and Postfix.
And I guess a custom SELinux rule is needed for that - audit2allow can
help.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 02:34:55 up 4 days, 10:20, load average: 0.14, 0.16, 0.19
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050925/53f1eadb/attachment-0001.sig>
More information about the fedora-list
mailing list