[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Two AVCs



I am using selinux-policy-targeted-3.5.13-71.fc10.noarch on Fedora 10. I am getting these AVCs. They do not seem to inhibit functionality but still troublesome to get the selinux alerts all the time. Are these bugs in the policy or something that will not be addressed and I need to generate local policy?
1) SELinux is preventing postdrop (postfix_postdrop_t) "getattr" httpd_t.

Raw Audit Messages :

node=elijah.suretrak21.net type=AVC msg=audit(1253716264.867:65886): avc: denied { getattr } for pid=30094 comm="postdrop" path="pipe:[2618550]" dev=pipefs ino=2618550 scontext=system_u:system_r:postfix_postdrop_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=fifo_file

node=elijah.suretrak21.net type=SYSCALL msg=audit(1253716264.867:65886): arch=40000003 syscall=197 success=no exit=-13 a0=2 a1=bfc167c8 a2=94eff4 a3=2 items=0 ppid=30093 pid=30094 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=90 sgid=90 fsgid=90 tty=(none) ses=4294967295 comm="postdrop" exe="/usr/sbin/postdrop" subj=system_u:system_r:postfix_postdrop_t:s0 key=(null)

2) SELinux is preventing sendmail (system_mail_t) "read" to /usr/share/GeoIP/GeoIP.dat (usr_t).

Raw Audit Messages :

node=elijah.suretrak21.net type=AVC msg=audit(1253643380.763:60806): avc: denied { read } for pid=1311 comm="sendmail" path="/usr/share/GeoIP/GeoIP.dat" dev=dm-0 ino=663651 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file

node=elijah.suretrak21.net type=SYSCALL msg=audit(1253643380.763:60806): arch=40000003 syscall=11 success=yes exit=0 a0=9ad05d0 a1=9acfd18 a2=9acfb08 a3=0 items=0 ppid=14784 pid=1311 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="sendmail" exe="/usr/sbin/sendmail.postfix" subj=system_u:system_r:system_mail_t:s0 key=(null)
Regards,
John Griffiths

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]