[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Denial when calling /bin/mail from initscripts



This is a bit odd; I have my machines send an email when they reboot,
and this worked previous to F8 but no F8 it seems that selinux is
preventing that from working properly.  rc.local has something like:

HN=`hostname`
date | mail -s $HN obscured address

When the mail is sent I get the following denial:

audit(1202140440.123:4): avc:  denied  { read } for  pid=2752 comm="sendmail" path=2F746D702F527357566E686E52202864656C6574656429 dev=dm-3 ino=98307 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file

and a message is sent, but it's mostly empty (no body and no
subject).  audit2allow just says

#============= sendmail_t ==============
allow sendmail_t initrc_tmp_t:file read;

but as is unfortunately almost always the case with selinux things, I
understand that would work but I don't understand if it exposes me to
anything or could cause problems later.

 - J<


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]