Displaying 4 results from an estimated 4 matches for "logwatch_mail_t".
2014 Dec 05
2
Postfix avc (SELinux)
...xec_t:file execute;
> allow amavis_t sysfs_t:dir search;
>
> #============= clamscan_t ==============
> allow clamscan_t amavis_spool_t:dir read;
In the latest rhel6 policies amavas_t and clamscan_t have been merged
into antivirus_t? Is you selinux-policy up 2 date?
> #============= logwatch_mail_t ==============
> allow logwatch_mail_t usr_t:lnk_file read;
>
> #============= postfix_master_t ==============
> allow postfix_master_t tmp_t:dir read;
>
> #============= postfix_postdrop_t ==============
> allow postfix_postdrop_t tmp_t:dir read;
>
> #============= postf...
2014 Dec 04
3
Postfix avc (SELinux)
I am seeing these avc messages on a newly commissioned and up-to-date CentOs-6
virtual guest:
----
time->Thu Dec 4 12:14:58 2014
type=SYSCALL msg=audit(1417713298.610:60522): arch=c000003e syscall=2
success=no exit=-13 a0=7fd70e6de1e6 a1=0 a2=1b6 a3=0 items=0 ppid=2698
pid=4294 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=2784 comm="trivial-rewrite"
2014 Dec 04
0
Postfix avc (SELinux)
...icy consisting of the
following?
grep avc /var/log/audit/audit.log | audit2allow
#============= amavis_t ==============
allow amavis_t shell_exec_t:file execute;
allow amavis_t sysfs_t:dir search;
#============= clamscan_t ==============
allow clamscan_t amavis_spool_t:dir read;
#============= logwatch_mail_t ==============
allow logwatch_mail_t usr_t:lnk_file read;
#============= postfix_master_t ==============
allow postfix_master_t tmp_t:dir read;
#============= postfix_postdrop_t ==============
allow postfix_postdrop_t tmp_t:dir read;
#============= postfix_showq_t ==============
allow postfix_sh...
2014 Dec 05
0
Postfix avc (SELinux)
...eport and I have checked
again this morning. That system has no unapplied fixes for software provided
through the official CentOS-6 repositories. Does this change apply only to 7
or has it been backported? Both amavisd-new and clamav are provided via the
epel repository.
>> #============= logwatch_mail_t ==============
>> allow logwatch_mail_t usr_t:lnk_file read;
>>
>> #============= postfix_master_t ==============
>> allow postfix_master_t tmp_t:dir read;
>>
>> #============= postfix_postdrop_t ==============
>> allow postfix_postdrop_t tmp_t:dir read;
&g...