[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Sudden exim selinux problem


I'm running F7 on my work PC, and use the Exim MTA to receive mail on
the PC from our central mailhubs. This has not been a problem since I
first installed F7, and I have been running it with selinux enabled.

However, for the past couple of days Exim has been rejecting
(temporarily) the mail due to what seems to be an selinux problem.
The exim mail log shows:

  2007-10-04 11:07:06 cannot accept message: failed to stat spool
  directory /var/spool/exim: Permission denied

The directory /var/spool/exim has not changed at all. However, if I
disable selinux using 'setenforce 0', then the mail comes though okay.

When the mail fails, the audit.log shows:

type=AVC msg=audit(1191493092.844:2346): avc:  denied  { getattr } for
pid=19983 comm="exim" name="/" dev=sda2 ino=2
scontext=user_u:system_r:exim_t:s0 tcontext=system_u:object_r:fs_t:s0
type=SYSCALL msg=audit(1191493092.844:2346): arch=c000003e syscall=137
success=no exit=-13 a0=555555612ef0 a1=7fff8f28bf70 a2=0 a3=0 items=0
ppid=25399 pid=19983 auid=500 uid=93 gid=93 euid=93 suid=93 fsuid=93
egid=93 sgid=93 fsgid=93 tty=(none) comm="exim" exe="/usr/sbin/exim"
subj=user_u:system_r:exim_t:s0 key=(null)

I have yum automatic updates enabled, and can see that
selinux-policy-targeted has changed (updated to
selinux-policy-targeted-2.6.4-45.fc7), but cannot see any reference to
any Exim changes in the changelog. Exim itself has not been updated.

Anyone else noticed this, or any ideas about it? I'm currently looking
for that F7 utility that explains the audit.log entries a bit better and
how to (possibly) correct the problem. Trouble is I can't remember what
it is called! :-)


John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John Horne plymouth ac uk       Fax: +44 (0)1752 233839

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]