SELinux is preventing postdrop (postfix_postdrop_t) "append" ... (usr_t)
Hi, all of a sudden I'm seeing my Postfix not running. Trying to start it up failed. When I looked into /var/log/messages I saw some issue with SELinux.
However, when executing sealert I'm unable to intrepret meaning of the output. Can someone please give some light on this? Code:
sealert -l 80211036-8d3d-4afc-8948-0667eb7130af |
Couple of comments.
Quote:
Quote:
Quote:
- The target context is usr_t which isn't common for anything that lives in /var. See 'semanage fcontext -l|grep 'spool/post';'. - What does maillog have to say? - Are there any (seemingly unrelated) messages in other logs between the time Postfix died and you tried to restart it? - Have you changed any Postfix configuration or anything else that could have affected Postfix? - What does 'getsebool -a|grep postfix' (or 'getsebool -a|grep post') return? - Just to make certain: what does 'rpm -Vv|grep -v '\.\{8\}';' return? |
Hi, thanks for the reply. Here are some of the information. Hope it helps to give a better picture.
Quote:
Code:
[root@www ~]# cd / Quote:
Code:
[root@www /]# semanage fcontext -l|grep 'spool/post' Quote:
Quote:
Code:
Jan 2 06:43:43 www setroubleshoot: SELinux is preventing postdrop (postfix_postdrop_t) "append" to 2F7573722F6C6F63616C2F617061636865322F6C6F67732F6572726F725F6C6F67202864656C6574656429 (usr_t). For complete SELinux messages. run sealert -l 80211036-8d3d-4afc-8948-0667eb7130af Quote:
Quote:
Code:
[root@www /]# getsebool -a|grep postfix Quote:
Code:
[root@www /]# rpm -Vv|grep -v '\.\{8\}' |
Quote:
*And BTW, RHEL 5 has been at U10 for some time now. Keeping up with updates is one of the sysadm best practices. Quote:
Asserting postdrop delivers to a location in /var (do confirm) what does 'find /var/ -context "*:user_t:*" -printf "%p %Z\n";' return? If nothing, though I'm kind of loathe to suggest it w/o further T/S, then you could try flipping the "allow_postfix_local_write_mail_spool" boolean and see if that works. |
Quote:
Quote:
Code:
[root@www ~]# rpm -V postfix-2.3.3-2.3.el5_6 Quote:
Code:
[root@www ~]# find /var/ -context "*:user_t:*" -printf "%p %Z\n" Quote:
|
Quote:
Quote:
Quote:
Quote:
SELinux adds a few related ones and suffixes them with "_selinux" like "postfix_postdrop_selinux". The boolean is described in "postfix_local_selinux". |
Quote:
Quote:
Quote:
Code:
Target Context root:object_r:usr_t Code:
find /var/ -context "*:*:user_t" -printf "%p %Z\n" Quote:
Quote:
|
Quote:
Quote:
Quote:
Quote:
Code:
find /var/ -context "*:usr_t:*" -printf "%p %Z\n" Quote:
Quote:
Code:
inotifywait -m -e create -e open -e access -e modify -e close_nowrite -e close_write -r /var |
Quote:
Quote:
Code:
find /var/ -context "*:user_t:*" -printf "%p %Z\n" Quote:
Quote:
|
Quote:
Quote:
Quote:
Quote:
Code:
locate capp lspp nispom Quote:
Quote:
Quote:
|
Sorry why isn't configuring from source the safest?
|
Basically you'll take responsibility for doing everything Red Hat already does for you: source taint checks, testing, quality assurance. Each and every time.
|
Quote:
The problem I have with *NIX is every package is installed at different location. If I want to have everything installed under the same directory, I can run configure with --prefix to install it at a specific directory. |
Quote:
Quote:
|
All times are GMT -5. The time now is 10:30 PM. |