Selinux and exim
Daniel J Walsh
dwalsh at redhat.com
Wed Sep 5 03:35:06 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frank Chiulli wrote:
> I have been the messages below for awhile. But since everything seems
> to be working, I just ignored them. But now I've decided to fix them.
> I tried:
> touch /.autorelabel
> reboot
>
> But that did not fix it. Does anyone have any suggestions?
>
> Messages:
> avc: denied { append } for comm="sendmail" dev=hda2 egid=93 euid=93
> exe="/usr/sbin/exim" exit=-13 fsgid=93 fsuid=93 gid=93 items=0
> name="main.log" pid=7094
> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 sgid=93
> subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 suid=93
> tclass=file tcontext=user_u:object_r:var_log_t:s0 tty=(none) uid=93
>
> avc: denied { append } for comm="sendmail" dev=hda2 egid=93 euid=93
> exe="/usr/sbin/exim" exit=-13 fsgid=93 fsuid=93 gid=93 items=0
> name="panic.log" pid=7094
> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 sgid=93
> subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 suid=93
> tclass=file tcontext=system_u:object_r:var_log_t:s0 tty=(none) uid=93
>
>
> More info:
> ls -Z /usr/sbin/exim
> -rwsr-xr-x root root system_u:object_r:sendmail_exec_t /usr/sbin/exim
>
> ls -Z /var/log/exim/panic.log
> -rw-r----- exim exim system_u:object_r:var_log_t /var/log/exim/panic.log
>
> ls -Z /var/log/exim/main.log
> -rw-r----- exim exim user_u:object_r:var_log_t /var/log/exim/main.log
>
> Thanks,
> Frank
>
If you change the context of /var/log/exim to sendmail_log_t, it will
probably work.
# semanage fcontext -a -t sendmail_log_t '/var/log/exim(/.*)?'
# restorecon -R -v /var/log/exim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFG3iPqrlYvE4MpobMRAo6dAKCblxqopFd4eRQFNI0SQ/7wvUF8pwCfU2pZ
VpRE2Y2O26NmgVQpvXOi094=
=NYgJ
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list