Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: Adding two new booleans to httpd to tighten it's security.: msg#00068
|
Subject: |
Re: Adding two new booleans to httpd to tighten it's security. |
On Sat, 2005-12-10 at 20:08 +0100, Nicolas Mailhot wrote:
> How about having selinux play nice with spamassassin at last ?
>
> It's still not able to create resolver sockets
> "Error creating a DNS resolver socket"
This is fixed upstream.
> or writing in its own files
>
> cannot create tmp lockfile ~/.spamassassin/bayes.lock.xxx
> cannot write to ~/.spamassassin/user_pref
You didn't say what the denial was. I went looking, and only found this
on the mail list:
On Sun, 2005-11-20 at 08:52 -0700, W. Scott Wilburn wrote:
> Nov 20 04:05:44 scooby kernel: audit(1132484744.807:45387): avc: denied
> { search } for pid=25548 comm="spamd" name=".spamassassin" dev=md0
> ino=2197675 scontext=root:system_r:spamd_t
> tcontext=user_u:object_r:user_home_t tclass=dir
Is this the denial that corresponds to the messages you have above?
> Or else fix fstab-sync
>
> avc: denied { getattr } for pid=2572 comm="fstab-sync" name="/"
> dev=tmpfs ino=5287 scontext=system_u:system_r:updfstab_t:s0
> tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir
Fixed upstream.
> or gpm
>
> avc: denied { write } for pid=2420 comm="gpm" name="mice" dev=tmpfs
> ino=4118 scontext=system_u:system_r:gpm_t:s0
> tcontext=system_u:object_r:mouse_device_t:s0 tclass=chr_file
Fixed upstream.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
|
| |
