i installed dovecot and sendmail

those are working properly
i installed squirreal mail and try to sent the the mail to the other user a selinux error is comming.


The selinux error is attached to this Thread.
any one give the solution to this

Attached Images

Screenshot.png (97.6 KB, 5 views)

You'll need to use the 'chcon' to change the context of the eventpoll file (can't see the location). 'man chcon' to see the usage.

I can't tell what context to make eventpoll so you might want to check /var/log/messages for the same sealert - it will list a command line you can run to display the console version of the error you attached so we can see all the information in the error. it will be something like 'sealert .....'

How did you come to that conclusion?

Sendmail wants to read a file in the httpd_t context. If it's not a file containing privileged information then reading in this context seems OK. By comparision anything unprivileged wanting to read say /etc/shadow, or anything wanting execstack, execmem or execheap rights is NOT OK (http://people.redhat.com/drepper/selinux-mem.html for the exec.* stuff). First thing to do is check for available booleans that might help. Try 'getsebool -a | egrep -ie "(http|mail|squir)" '. If there's none, build a local policy file: 'echo "avc: denied { read } for comm="sendmail" dev=eventpollfs egid=51 euid=48 exe="/usr/sbin/sendmail.sendmail" exit=0 fsgid=51 fsuid=48 gid=48 items=0 path="eventpoll:[7045]" pid=2674 scontext=system_u:system_r:system_mail_t:s0 sgid=51 subj=system_u:system_r:system_mail_t:s0 suid=48 tclass=file tcontext=system_u:system_r:httpd_t:s0 tty=(none) uid=48"|audit2allow -M squirreleventpollfs && semodule -i squirreleventpollfs.pp'. This should add a rule "allow system_mail_t httpd_t:file read;".


Next time cut out the crossposting and be polite. Saying "please" doesn't hurt and a question ends in a question mark.