Displaying 4 results from an estimated 4 matches for "sysctl_kernel_t".
2008 Aug 26
3
Amavisd Howto
...ling list here:
http://lists.centos.org/pipermail/centos/2008-August/062296.html
Quoting from that post:
module local 1.0;
require {
type traceroute_port_t;
type amavis_t;
type postfix_spool_t;
type clamd_t;
type amavis_var_lib_t;
type sysctl_kernel_t;
type var_t;
type postfix_smtpd_t;
type initrc_t;
type proc_t;
class unix_stream_socket connectto;
class file { read getattr };
class sock_file write;
class lnk_file { read create unlink getattr };
class udp_s...
2015 Jan 19
2
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
I am seeing these in the log of one of our off-site NX hosts running
CentOS-6.6.
type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for
pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0
tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket
Was caused by:
Missing type enforcement (TE) allow rule.
You can use
2009 Oct 04
2
deliver stopped working
...ail_t;
type snmpd_t;
type tmp_t;
type dovecot_deliver_t;
type postfix_smtp_t;
type nfs_t;
type var_run_t;
type usr_t;
type httpd_t;
type audisp_t;
type postfix_cleanup_t;
type inetd_t;
type portmap_t;
type postfix_pickup_t;
type hald_t;
type getty_t;
type avahi_t;
type etc_t;
type sysctl_kernel_t;
type unconfined_t;
type init_t;
type auditd_t;
type lib_t;
type dovecot_auth_t;
type syslogd_t;
type hostname_exec_t;
type postfix_smtpd_t;
type var_spool_t;
type system_dbusd_t;
type mysqld_etc_t;
type initrc_t;
type proc_t;
type restorecond_t;
type etc_runtime_t;
type postfix_bou...
2015 Jan 19
0
CentOS-6.6 Fail2Ban and Postfix Selinux AVCs
...an_t ==============
allow fail2ban_t ldconfig_exec_t:file { read execute open getattr
execute_no_trans };
allow fail2ban_t insmod_exec_t:file { read execute open };
allow fail2ban_t self:capability { net_admin net_raw };
allow fail2ban_t self:rawip_socket { getopt create setopt };
allow fail2ban_t sysctl_kernel_t:dir search;
allow fail2ban_t sysctl_modprobe_t:file read;
allow system_mail_t inotifyfs_t:dir read;
I am not sure whether this issue is the result of something that we
have done or left undone. We have another host configured in much the
same fashion as this one and it does not display these er...