fedora-selinux August 2010 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Re: A sendmail problem

Re: A sendmail problem

From: mark <m.roth_at_nospam>
Date: Tue Aug 10 2010 - 22:48:09 GMT
To: selinux@lists.fedoraproject.org

Paul Howarth wrote:
> On 10/08/10 14:38, m.roth@5-cent.us wrote:
>> The last few days - I think there was a policy update to FC13 - I started
>> seeing
>> /etc/cron.daily/0logwatch:
>>> Can't exec "sendmail": Permission denied at /usr/sbin/logwatch line
>>> 1032,<TESTFILE> line 2.
>>> Can't execute sendmail -t: Permission denied
>> Mentioned this to my manager, and he didn't see anything in messages, but
>> saw this audit message:
>>
>> type=SELINUX_ERR msg=audit(1281423963.394:71003):
>> security_compute_sid: invalid context
>> system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023 for
>> scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=process
>>
>> Why would a policy prevent logwatch from using sendmail to forward a log?
>
> https://bugzilla.redhat.com/show_bug.cgi?id=617790

Thanks. It was my manager's system that was griping, and he's installed the
test update, and we'll see in the morning.

        mark

-- "Corrupt the language and society will follow." - George Orwell. -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux