mailq.postfix.gz.1 incorrectly labeled in FC6T1
Jay Cliburn
jacliburn at bellsouth.net
Fri Jul 14 00:44:05 UTC 2006
After installing postfix under FC6T1, I kept getting this avc:
audit(1152836951.218:8): avc: denied { getattr } for pid=3130
comm="sh" name="mailq.postfix.1.gz" dev=dm-0 ino=1084752
scontext=user_u:system_r:postfix_master_t:s0
tcontext=system_u:object_r:man_t:s0 tclass=file
It's a manpage and it looks to me like it came from the factory labeled
incorrectly. A chcon to system_u:object_r:man_t seems to have fixed it.
More information about the fedora-selinux-list
mailing list