search for: amavis_t

...ule - amavis.te looks like: module amavis 1.0; require { class dir { add_name getattr read remove_name search write }; class file { create execute execute_no_trans getattr lock read rename unlink write }; class filesystem getattr; class lnk_file read; type amavis_t; type fs_t; type mqueue_spool_t; type sbin_t; type sendmail_exec_t; type var_lib_t; role system_r; }; allow amavis_t fs_t:filesystem getattr; allow amavis_t mqueue_spool_t:dir { add_name getattr read remove_name search write }; allow amavis_t mqueue_...

...or is there some boolean setting >> needed to handle this? I could not find one if there is but. . . >> > Anyone see any problem with generating a custom policy consisting of the > following? > > grep avc /var/log/audit/audit.log | audit2allow > > > #============= amavis_t ============== > allow amavis_t shell_exec_t:file execute; > allow amavis_t sysfs_t:dir search; > > #============= clamscan_t ============== > allow clamscan_t amavis_spool_t:dir read; In the latest rhel6 policies amavas_t and clamscan_t have been merged into antivirus_t? Is you sel...

...wiki.centos.org/HowTos/SELinux Also, SELinux with respect to the amavisd guide was recently discussed on the mailing list here: http://lists.centos.org/pipermail/centos/2008-August/062296.html Quoting from that post: module local 1.0; require { type traceroute_port_t; type amavis_t; type postfix_spool_t; type clamd_t; type amavis_var_lib_t; type sysctl_kernel_t; type var_t; type postfix_smtpd_t; type initrc_t; type proc_t; class unix_stream_socket connectto; class file { read g...

I am seeing these avc messages on a newly commissioned and up-to-date CentOs-6 virtual guest: ---- time->Thu Dec 4 12:14:58 2014 type=SYSCALL msg=audit(1417713298.610:60522): arch=c000003e syscall=2 success=no exit=-13 a0=7fd70e6de1e6 a1=0 a2=1b6 a3=0 items=0 ppid=2698 pid=4294 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2784 comm="trivial-rewrite"

...SELinux. Do I just build a local policy or is there some boolean setting > needed to handle this? I could not find one if there is but. . . > Anyone see any problem with generating a custom policy consisting of the following? grep avc /var/log/audit/audit.log | audit2allow #============= amavis_t ============== allow amavis_t shell_exec_t:file execute; allow amavis_t sysfs_t:dir search; #============= clamscan_t ============== allow clamscan_t amavis_spool_t:dir read; #============= logwatch_mail_t ============== allow logwatch_mail_t usr_t:lnk_file read; #============= postfix_master_t...

...t;>> needed to handle this? I could not find one if there is but. . . >>> >> Anyone see any problem with generating a custom policy consisting of the >> following? >> >> grep avc /var/log/audit/audit.log | audit2allow >> >> >> #============= amavis_t ============== >> allow amavis_t shell_exec_t:file execute; >> allow amavis_t sysfs_t:dir search; >> >> #============= clamscan_t ============== >> allow clamscan_t amavis_spool_t:dir read; > In the latest rhel6 policies amavas_t and clamscan_t have been merged >...

...ix? Since the most recent update of clamav I seem to be detecting more avc's. It may be that it is because I am looking for them more frequently but it seems to me that something has happened external to my control. The most recent things I see are these: audit2allow -l -a #============= amavis_t ============== allow amavis_t sysfs_t:dir read; allow amavis_t sysfs_t:file open; #============= clamscan_t ============== #!!!! The source type 'clamscan_t' can write to a 'dir' of the following types: # clamscan_tmp_t, clamd_var_lib_t, tmp_t, root_t allow clamscan_t amavis_spool...

...a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep amavisd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp [root at inet18 ~ (master #)]# grep amavisd /var/log/audit/audit.log | audit2allow #============= amavis_t ============== allow amavis_t shell_exec_t:file { read open }; allow amavis_t sysfs_t:file read; -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive...

...along with providing a backup for our Mailman mailing lists. It also has a slave named service. while tracking down a separate problem I discovered these avc anomalies and ran audit2allow to see what was required to eliminate them. All the software is either from CentOS or EPEL. #============= amavis_t ============== allow amavis_t sysfs_t:dir open; #============= clamd_t ============== allow clamd_t sysctl_vm_t:dir search; #============= mailman_mail_t ============== #!!!! The source type 'mailman_mail_t' can write to a 'dir' of the following types: # mailman_log_t, mailman_dat...