search for: postfix_showq_t

...ail_t ============== > allow logwatch_mail_t usr_t:lnk_file read; > > #============= postfix_master_t ============== > allow postfix_master_t tmp_t:dir read; > > #============= postfix_postdrop_t ============== > allow postfix_postdrop_t tmp_t:dir read; > > #============= postfix_showq_t ============== > allow postfix_showq_t tmp_t:dir read; Any reason postfix would be listing the contents of /tmp or /var/tmp? Did you put some content into these directories that have something to do with mail? > #============= postfix_smtp_t ============== > allow postfix_smtp_t postfix_s...

I am seeing these avc messages on a newly commissioned and up-to-date CentOs-6 virtual guest: ---- time->Thu Dec 4 12:14:58 2014 type=SYSCALL msg=audit(1417713298.610:60522): arch=c000003e syscall=2 success=no exit=-13 a0=7fd70e6de1e6 a1=0 a2=1b6 a3=0 items=0 ppid=2698 pid=4294 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2784 comm="trivial-rewrite"

...ool_t:dir read; #============= logwatch_mail_t ============== allow logwatch_mail_t usr_t:lnk_file read; #============= postfix_master_t ============== allow postfix_master_t tmp_t:dir read; #============= postfix_postdrop_t ============== allow postfix_postdrop_t tmp_t:dir read; #============= postfix_showq_t ============== allow postfix_showq_t tmp_t:dir read; #============= postfix_smtp_t ============== allow postfix_smtp_t postfix_spool_maildrop_t:file { read write getattr }; -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca...

...logwatch_mail_t usr_t:lnk_file read; >> >> #============= postfix_master_t ============== >> allow postfix_master_t tmp_t:dir read; >> >> #============= postfix_postdrop_t ============== >> allow postfix_postdrop_t tmp_t:dir read; >> >> #============= postfix_showq_t ============== >> allow postfix_showq_t tmp_t:dir read; > Any reason postfix would be listing the contents of /tmp or /var/tmp? > Did you put some content into these directories that have something to > do with mail? That question I need put to the Postfix mailing list. I see nothi...

On Mon, December 8, 2014 20:01, Daniel J Walsh wrote: > > rpm -q selinux-policy > > selinux-policy-3.7.19-260.el6 is the current policy in development. >> Thank you. >>>> #============= postfix_showq_t ============== >>>> allow postfix_showq_t tmp_t:dir read; >>> Any reason postfix would be listing the contents of /tmp or /var/tmp? >>> Did you put some content into these directories that have something to >>> do with mail? >> That question I need put t...