[CentOS] Defaults of CentOS Install not working with SELinux
Dan Roberts
dan at jlazyh.com
Thu Apr 30 23:38:15 UTC 2009
Thanks - this is helpful but still not quite a fix. The suggested
fixes seem general for the three issues of dovecot, nmbd, and spamc -
but audit2allow does at least create them.
[dan at trailrunner ~]$ cat dovecotsocketselinux.te
module dovecotsocketselinux 1.0;
require {
type dovecot_t;
class socket create;
}
#============= dovecot_t ==============
allow dovecot_t self:socket create;
[dan at trailrunner ~]$
[dan at trailrunner ~]$
[dan at trailrunner ~]$ cat nmbdselinux.te
module nmbdselinux 1.0;
require {
type samba_share_t;
type nmbd_t;
class file { rename getattr unlink append };
class dir { search setattr };
}
#============= nmbd_t ==============
allow nmbd_t samba_share_t:dir { search setattr };
allow nmbd_t samba_share_t:file { rename getattr unlink append };
[dan at trailrunner ~]$
[dan at trailrunner ~]$
[dan at trailrunner ~]$ cat spamcselinux.te
module spamcselinux 1.0;
require {
type spamc_exec_t;
type procmail_t;
class file { read execute execute_no_trans };
}
#============= procmail_t ==============
allow procmail_t spamc_exec_t:file { read execute execute_no_trans };
[dan at trailrunner ~]$
The problem is that when these are installed, dovecot fails - port 993
already in use.
So now what - again, default CentOS options and configuration for all
three of these.
On Apr 30, 2009, at 1:38 PM, Ned Slider wrote:
> Dan Roberts wrote:
>> Ok, but how?
>>
>
> http://wiki.centos.org/HowTos/SELinux
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list