[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: postfix and selinux - newbie



John Esquivel wrote:

My yum service recently updated selinux policy which I believe broke my postfix service. I was guessing that selinux does not like me using a non-standard port for postfix stmp, but then again I am a newbie. Is there a way to disable just the postfix part of selinux? I have done this for samba by using the security level gui, but postfix isn't listed in the gui. For now I can set selinux to permissive then restart postfix (using the service config gui), then change selinux back to enforced. This works but this machine gets rebooted weekly and then postfix fails, also I don't want to leave selinux off completely. I am running fc4, postfix, amavisd, clamav, and spamassasin.
-JohnE

$ egrep 'fatal:' /var/log/maillog
Sep 25 15:06:22 lin3test postfix/master[6967]: fatal: bind 192.168.1.11 port 10050: Permission denied Sep 25 15:06:23 lin3test postfix/postfix-script: fatal: the Postfix mail system is not running

Log report:

/etc/cron.daily/0check4updates:
Updated Packages
selinux-policy-targeted.noarch 1.27.1-2.1 updates squid.i386 7:2.5.STABLE11-1.FC4 updates xinitrc.noarch 4.0.18.1-1 updates /etc/cron.daily/yum.cron: /sbin/restorecon reset /etc/postfix context system_u:object_r:etc_t->system_u:object_r:postfix_etc_t /sbin/restorecon reset /etc/postfix/postfix-script context system_u:object_r:etc_t->system_u:object_r:postfix_exec_t
..

Nevermind,
I Just saw the previous thread about this, to use audit2allow.

-Johne


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]