similar to: Postfix avc (SELinux)

On Fri, December 5, 2014 04:53, Daniel J Walsh wrote: > > On 12/04/2014 03:22 PM, James B. Byrne wrote: >> On Thu, December 4, 2014 12:29, James B. Byrne wrote: >>> Re: SELinux. Do I just build a local policy or is there some boolean >>> setting >>> needed to handle this? I could not find one if there is but. . . >>> >> Anyone see any problem

On 12/04/2014 03:22 PM, James B. Byrne wrote: > On Thu, December 4, 2014 12:29, James B. Byrne wrote: >> Re: SELinux. Do I just build a local policy or is there some boolean setting >> needed to handle this? I could not find one if there is but. . . >> > Anyone see any problem with generating a custom policy consisting of the > following? > > grep avc

On Thu, December 4, 2014 12:29, James B. Byrne wrote: > > Re: SELinux. Do I just build a local policy or is there some boolean setting > needed to handle this? I could not find one if there is but. . . > Anyone see any problem with generating a custom policy consisting of the following? grep avc /var/log/audit/audit.log | audit2allow #============= amavis_t ============== allow

I am seeing these avc messages on a newly commissioned and up-to-date CentOs-6 virtual guest: ---- time->Thu Dec 4 12:14:58 2014 type=SYSCALL msg=audit(1417713298.610:60522): arch=c000003e syscall=2 success=no exit=-13 a0=7fd70e6de1e6 a1=0 a2=1b6 a3=0 items=0 ppid=2698 pid=4294 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2784 comm="trivial-rewrite"

Installed Packages Name : postfix Arch : x86_64 Epoch : 2 Version : 2.6.6 Release : 6.el6_5 Size : 9.7 M Repo : installed >From repo : updates I am seeing several of these in our maillog file after a restart of the Postfix service: Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing /usr/libexec/postfix/smtp from 'read, write'

CentOS-6.6 Postfix-2.11.1 (local) ClamAV-0.98.5 (epel) Amavisd-new-2.9.1 (epel) opendkim-2.9.0 (centos) pypolicyd-spf-1.3.1 (epel) Is there something going on in selinuxland with respect to clamav, amavisd-new and postfix? Since the most recent update of clamav I seem to be detecting more avc's. It may be that it is because I am looking for them more frequently but it seems to me that

There's a big thread about filesystems on postfix-users@postfix.org Could you shed some light on that issue? ----- Forwarded message from Wietse Venema <wietse@porcupine.org> ----- From: wietse@porcupine.org (Wietse Venema) Date: Sun, 3 Feb 2002 07:53:26 -0500 (EST) To: Lawrence Greenfield <leg+@andrew.cmu.edu> Cc: Wietse Venema <wietse@porcupine.org>,

> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > > Hello and good evening. > > Sorry for responding so late, it is midsummer and i spend as much > time as possible on the outside (bicycle, mostly). (Just one more > day, then 10 degrees colder!!) > > I Cc: Wietse Venema, because i quote a message of him. > (this is "set

Hello and good evening. Sorry for responding so late, it is midsummer and i spend as much time as possible on the outside (bicycle, mostly). (Just one more day, then 10 degrees colder!!) I Cc: Wietse Venema, because i quote a message of him. (this is "set quote-add-cc" here.) Aki Tuomi wrote in <84881193.5398.1597934431687 at appsuite-dev-gw2.open-xchange.com>: The dovecot

In response to my request for postfix to support dovecot auth arguments I got the forwarded reply. If someone gets around to this before me I won't be offended. ------------ Story is I deployed a webmail with certificate based authentication that substitutes a global master password (http://wiki.dovecot.org/Authentication/MasterUsers) when the certificate matches. The webmail accesses

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

postfix-users seems to be a subscription only list. I'd recommend incorporating TDMA <http://tdma.sf.net/> to allow for easy discussion by outsiders Andrew Morton (of ext3 fame) had sent this message to postfix-users list I am forwarding so that Wietse can hopefully provide the definitive answer to the question Andrew Morton/Stephen Tweedie seek ----- Forwarded message from Andrew

This was just posted on the Postfix list. Centos 7 ships with: postfix-2.10.1-6.el7 Has this cert advisory been applied to the Centos build of Postfix? thank you -------- Forwarded Message -------- Subject: Obsolete NSA exploit for Postfix 2.0 - 2.2 Date: Sun, 9 Apr 2017 16:18:06 -0400 (EDT) From: Wietse Venema <wietse at porcupine.org> To: Postfix users <postfix-users at

> On 21/08/2020 17:56 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > > Aki Tuomi wrote in > <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: > |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > ... > |> Wietse Venema wrote in > |> <4BXSTk189nzJrP3 at spike.porcupine.org>: >

A little over a week ago I posted asking about setting up a linux box between an existing router and a switch in order to provide firewall service to a subnet of machines. I was curious what experience others had with this type of setup in terms of machines, configurations, and the appropriateness of using linux in this manner. There were basically three issues discussed in replies: hardware

Hi, I guess this is a bit OT but perhaps someone has encountered this issue before. On a CentOS 6.3 x86_64 box I have installed postfix and dspam from EPEL. Dspam is configured to listen on port 10026. After having configured dspam and postfix I start dspam and then postfix and I see the following AVC message in audit.log: type=AVC msg=audit(1350920492.936:400): avc: denied { name_bind }

Aki Tuomi wrote in <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: ... |> Wietse Venema wrote in |> <4BXSTk189nzJrP3 at spike.porcupine.org>: |> ... |>|Steffen Nurpmeso: |> ... |>|> until SASL says it is done?!. How could EXTERNAL ever work

Hi, I'm running dovecot (1.1.7) deliver and sieve (1.1.5) on a Fedora 9 platform, using selinux targetet mode. Most of the mail deliveries goes well, but once deliver tried to copy the mail to the /tmp directory, which it seems it not allowed by selinux. I guess that deliver wants to sanitize the mail or something and therefore copies it to /tmp. Before I ask for selinux to allow this, I

Trying to restart postfix installed from yum. Restart fails, I get: type=AVC msg=audit(1430429813.721:12167): avc: denied { unlink } for pid=31624 comm="master" name="defer" dev="dm-0" ino=981632 scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file I guess it needs to remove the

Hi, well, swift response! Qualcomm has a patched qpopper (2.5) Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> ---------- Forwarded message ---------- Date: Mon, 29 Jun 1998 21:43:18 -0700 From: Praveen Yaramada <pyaramad@QUALCOMM.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Patched Qpopper2.5 release Notification. Hello Folks, As you are already aware that qpopper