mail2mphani |
08-19-2009 02:52 AM |
sendmail selinux error
hi i configured sendmail with squirrelmail in RHEL5.3
it is working fine. i can send the mail and receive the mail .
but when i try to send the mail a selinux error is coming[but mail is sending successfully ]. i don't under stand this message.
Quote:
Summary:
SELinux is preventing sendmail (system_mail_t) "read" to eventpoll (httpd_t).
Detailed Description:
SELinux denied access requested by sendmail. It is not expected that this access
is required by sendmail and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for eventpoll,
restorecon -v 'eventpoll'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinu...fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:system_mail_t
Target Context system_u:system_r:httpd_t
Target Objects eventpoll [ file ]
Source sendmail
Source Path /usr/sbin/sendmail.sendmail
Port <Unknown>
Host mail.example.com
Source RPM Packages sendmail-8.13.8-2.el5
Target RPM Packages
Policy RPM selinux-policy-2.4.6-203.el5
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall_file
Host Name mail.example.com
Platform Linux mail.example.com 2.6.18-128.el5 #1 SMP Wed
Dec 17 11:42:39 EST 2008 i686 i686
Alert Count 1
First Seen Wed 19 Aug 2009 06:30:39 PM IST
Last Seen Wed 19 Aug 2009 06:30:39 PM IST
Local ID ca349210-0a7a-4ff3-8fc6-39ba268c6ac8
Line Numbers
Raw Audit Messages
host=mail.example.com type=AVC msg=audit(1250686839.94:107): avc: denied { read } for pid=4249 comm="sendmail" path="eventpoll:[7625]" dev=eventpollfs ino=7625 scontext=system_u:system_r:system_mail_t:s0 tcontext=system_u:system_r:httpd_t:s0 tclass=file
host=mail.example.com type=SYSCALL msg=audit(1250686839.94:107): arch=40000003 syscall=11 success=yes exit=0 a0=87abd90 a1=87ac120 a2=87abea0 a3=40 items=0 ppid=2295 pid=4249 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=51 sgid=51 fsgid=51 tty=(none) ses=4294967295 comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:system_mail_t:s0 key=(null)
|
|