[CentOS] New selinux-policy breaks logwatch emails?

James Rankin rankin.james at gmail.com
Fri Jan 8 13:28:44 UTC 2010


Hello,
After a yum update last night, I had a CenOS 5.4 i386 system pull in the
following selinux updates:
Jan 07 21:39:14 Updated: selinux-policy-2.4.6-255.el5_4.3.noarch
Jan 07 21:39:31 Updated:
selinux-policy-targeted-2.4.6-255.el5_4.3.noarch

This machine has SELinux set to Enforcing.

This morning, I see I got the following email from Cron:
/etc/cron.daily/0logwatch:

sendmail: warning: premature end-of-input on /usr/sbin/postdrop -r while
reading input attribute name
sendmail: fatal: root(0): unable to execute /usr/sbin/postdrop -r:
Success


Frankly, this error message means little to mean... in the course of
troubleshooting, I tried this:
# setenforce Permissive
# /etc/cron.daily/0logwatch

And it worked! The logwatch email sends without error. If I turn SELinux
back to Enforcing, then the email error is consistently repeated. 

What confuses me is that, when SElinux enforcing causes this error to
occur, no SELinux or AVC messages appear in /var/log/messages
or /vaar/log/secure or /var/log/audit/audit.log.

Has anyone else seen this? Any suggestions would be appreciated.
Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.centos.org/pipermail/centos/attachments/20100108/aa4ecd12/attachment.html 


More information about the CentOS mailing list