Please take our Survey
logo       
<prev   next>

Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...

Postfix email program: msg#00117

Subject: Postfix email program
We use the Postfix email system and not sendmail. When selinux is in permissive mode, postfix will start. When selinux is enforcing with selinux-policy-targeted-1.27.1-2.1, it does not start.
These are the entries to audit.log when trying to start postfix with selinux enforcing. 

type=AVC msg=audit(1127679357.877:29): avc:  denied  { search } for  pid=4929 
comm="postalias" name="audit" dev=dm-0 ino=1721482 
scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:auditd_log_t tclass=dir
type=SYSCALL msg=audit(1127679357.877:29): arch=40000003 syscall=195 success=no exit=-13 a0=9498cc0 
a1=bfbdd26c a2=496ff4 a3=64 items=1 pid=4929 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 
egid=0 sgid=0 fsgid=0 comm="postalias" exe="/usr/sbin/postalias"
type=CWD msg=audit(1127679357.877:29):  cwd="/var/log/audit"
type=PATH msg=audit(1127679357.877:29): item=0 name="DB_CONFIG" flags=1  
inode=1721482 dev=fd:00 mode=040750 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127679357.878:30): avc:  denied  { search } for  pid=4929 
comm="postalias" name="audit" dev=dm-0 ino=1721482 
scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:auditd_log_t tclass=dir
type=SYSCALL msg=audit(1127679357.878:30): arch=40000003 syscall=5 success=no exit=-13 a0=9498cc0 
a1=8000 a2=1b6 a3=9498ce8 items=1 pid=4929 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 
sgid=0 fsgid=0 comm="postalias" exe="/usr/sbin/postalias"
type=CWD msg=audit(1127679357.878:30):  cwd="/var/log/audit"
type=PATH msg=audit(1127679357.878:30): item=0 name="DB_CONFIG" flags=101  
inode=1721482 dev=fd:00 mode=040750 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127679357.878:31): avc:  denied  { search } for  pid=4929 
comm="postalias" name="audit" dev=dm-0 ino=1721482 
scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:auditd_log_t tclass=dir
type=SYSCALL msg=audit(1127679357.878:31): arch=40000003 syscall=195 success=no exit=-13 a0=9498f08 
a1=bfbdd2fc a2=496ff4 a3=64 items=1 pid=4929 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 
egid=0 sgid=0 fsgid=0 comm="postalias" exe="/usr/sbin/postalias"
type=CWD msg=audit(1127679357.878:31):  cwd="/var/log/audit"
type=PATH msg=audit(1127679357.878:31): item=0 name="__db.002" flags=1  
inode=1721482 dev=fd:00 mode=040750 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1127679358.558:32): avc:  denied  { name_bind } for  pid=4975 
comm="master" src=10025 scontext=root:system_r:postfix_master_t 
tcontext=system_u:object_r:amavisd_send_port_t tclass=tcp_socket
type=SYSCALL msg=audit(1127679358.558:32): arch=40000003 syscall=102 success=no exit=-13 a0=2 
a1=bfe36550 a2=8065228 a3=bfe365c4 items=0 pid=4975 auid=4294967295 uid=0 gid=0 euid=0 suid=0 
fsuid=0 egid=0 sgid=0 fsgid=0 comm="master" exe="/usr/libexec/postfix/master"
type=SOCKADDR msg=audit(1127679358.558:32): 
saddr=020027297F0000010000000000000000
type=SOCKETCALL msg=audit(1127679358.558:32): nargs=3 a0=50 a1=923c3b8 a2=10
I still do not know enough about selinux to know if I can relabel something of if this needs a new policy. 

Thanks in advance for all help.

John
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Latest update has a few holes HEADS UP, Richard Irving
Next by Date:  Problems creating a user, Armando Aznar
Previous by Thread:  "avc denied" on mounted ISO image for HTTP install, Matt Arnilo S. Baluyos (Mailing Lists)
Next by Thread:  Problems creating a user, Armando Aznar
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
Recently Viewed:
qnx.openqnx.dev...    gcc.libstdc++.c...    solaris.opensol...    information-ret...    misc.misterhous...    web.catalyst.ge...    apache.webservi...    redhat.release....    hardware.lirc/2...    kernel.autofs/2...    technology.sust...    linux.vdr/2003-...    editors.lyx.gen...    org.user-groups...    netbsd.devel.pk...    xdg.devel/2004-...    version-control...    jakarta.slide.d...    debian.packages...    creativecommons...    ports.ppc.embed...    bug-tracking.bu...   
Home | blog view | USPTO Patent Archive | advertise | OSDir is an inevitable website. super tiny logo

Free Magazines

Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe