search for: sbin_t

...ot;1FntLB-0007aJ-6i-D" scontext=r oot:system_r:httpd_sys_script_t tcontext=system_u:object_r:var_spool_t tclass=dir Maybe there should be a context change to some mta specific context diuring the execution of /usr/sbin/sendmail. ls -Z /usr/zbin -rwsr-xr-x root root system_u:object_r:sbin_t /usr/sbin/exim lrwxrwxrwx root root root:object_r:sbin_t /usr/sbin/sendmail -> /etc/alternatives/mta lrwxrwxrwx root root system_u:object_r:sbin_t /usr/sbin/sendmail.exim -> exim Maybe exim shuld be sendmail_exec_t ? I can't experiment now. Will try setting it...

...agios.pp # semodule -i nagios.pp libsepol.print_missing_requirements: nagios's global requirements were not met: type/attribute nagios_t libsemanage.semanage_link_sandbox: Link packages failed semodule: Failed! # cat nagios.te module nagios 1.0; require { type nagios_t; type sbin_t; type ping_t; type initrc_var_run_t; type var_t; type httpd_nagios_script_t; class dir { read write search add_name remove_name }; class fifo_file { write getattr read create }; class file { rename setattr read create write getattr unlink }; }...

...ss dir { add_name getattr read remove_name search write }; class file { create execute execute_no_trans getattr lock read rename unlink write }; class filesystem getattr; class lnk_file read; type amavis_t; type fs_t; type mqueue_spool_t; type sbin_t; type sendmail_exec_t; type var_lib_t; role system_r; }; allow amavis_t fs_t:filesystem getattr; allow amavis_t mqueue_spool_t:dir { add_name getattr read remove_name search write }; allow amavis_t mqueue_spool_t:file { create getattr lock read rename unlink write }; allow...