search for: spamd_t

On 09/09/2018 07:19 AM, Daniel Walsh wrote: > sesearch -A -s httpd_t -t system_conf_t -p read > > If you feel that these files should not be part of the base_ro_files > then we should open that for discussion. I think the question was how users would know that the policy allowed access, as he was printing rules affecting httpd_t's file read access, and looking for

...a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '7370616D64206368696C64' --raw | audit2allow -M my-7370616D64206368696C64 # semodule -i my-7370616D64206368696C64.pp Additional Information: Source Context system_u:system_r:spamd_t:s0 Target Context system_u:object_r:var_log_t:s0 Target Objects /var/log/spamassassin/.spamassassin/bayes_toks [ file ] Source 7370616D64206368696C64 Source Path /usr/bin/perl Port <Unk...

...e source type 'clamscan_t' can write to a 'dir' of the following types: # clamscan_tmp_t, clamd_var_lib_t, tmp_t, root_t allow clamscan_t amavis_spool_t:dir write; #============= postfix_smtp_t ============== allow postfix_smtp_t postfix_spool_maildrop_t:file open; #============= spamd_t ============== allow spamd_t etc_runtime_t:file append; Is there anything wrong with just creating a local policy module for these and loading it? -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited...

...on my main server running CentOS 7 > and Postfix. SELinux is activated (Enforcing). > ... > SELinux is preventing /usr/bin/perl from 'read, write' accesses on the > file /var/log/spamassassin/.spamassassin/bayes_toks. > ... > Source Context system_u:system_r:spamd_t:s0 > Target Context system_u:object_r:var_log_t:s0 You may have had a custom context set on /var/log/spamassassin or a sub-path in the past, overwritten by a recent update.? That's a normal occurrence if you set context using chcon rather than "semanage fcontext"...