Installed Packages
Name : postfix
Arch : x86_64
Epoch : 2
Version : 2.6.6
Release : 6.el6_5
Size : 9.7 M
Repo : installed
>From repo : updates
I am seeing several of these in our maillog file after a restart of the
Postfix service:
Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing
/usr/libexec/postfix/smtp from 'read, write' accesses on the file 546AA6099F.
For complete SELinux messages. run sealert -l
b95663bb-12ce-4f34-9537-dd88a41359e5
sealert -l b95663bb-12ce-4f34-9537-dd88a41359e5
SELinux is preventing /usr/libexec/postfix/smtp from 'read, write' accesses on
the file 546AA6099F.
***** Plugin catchall (100. confidence) suggests ***************************
If you believe that smtp should be allowed read write access on the 546AA6099F
file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep smtp /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
grep 546AA6099F /var/log/audit/audit.log | audit2why
type=AVC msg=audit(1398199187.646:29332): avc: denied { getattr } for
pid=23387 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398199187.646:29333): avc: denied { read write } for
pid=23387 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398199927.800:29411): avc: denied { getattr } for
pid=24131 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398199927.805:29412): avc: denied { read write } for
pid=24131 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398201500.778:29495): avc: denied { getattr } for
pid=25406 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398201500.779:29496): avc: denied { read write } for
pid=25406 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398204425.415:29681): avc: denied { getattr } for
pid=26964 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398204425.419:29682): avc: denied { read write } for
pid=26964 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398208625.418:29910): avc: denied { getattr } for
pid=29240 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398208625.419:29911): avc: denied { read write } for
pid=29240 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398212826.339:30139): avc: denied { getattr } for
pid=31325 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398212826.343:30140): avc: denied { read write } for
pid=31325 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398217026.114:30368): avc: denied { getattr } for
pid=855 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398217026.114:30369): avc: denied { read write } for
pid=855 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398221225.239:30628): avc: denied { getattr } for
pid=2652 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398221225.240:30629): avc: denied { read write } for
pid=2652 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398225425.850:30863): avc: denied { getattr } for
pid=4556 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398225425.851:30864): avc: denied { read write } for
pid=4556 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398229625.107:31116): avc: denied { getattr } for
pid=6545 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398229625.108:31117): avc: denied { read write } for
pid=6545 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398233825.788:31345): avc: denied { getattr } for
pid=8322 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398233825.789:31346): avc: denied { read write } for
pid=8322 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398238025.329:31580): avc: denied { getattr } for
pid=10706 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398238025.329:31581): avc: denied { read write } for
pid=10706 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398242226.269:31819): avc: denied { getattr } for
pid=12510 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398242226.272:31820): avc: denied { read write } for
pid=12510 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398246425.661:32081): avc: denied { getattr } for
pid=14363 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398246425.663:32082): avc: denied { read write } for
pid=14363 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398250626.380:32316): avc: denied { getattr } for
pid=16384 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398250626.381:32317): avc: denied { read write } for
pid=16384 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398254826.134:32581): avc: denied { getattr } for
pid=18686 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398254826.136:32582): avc: denied { read write } for
pid=18686 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398259025.251:32834): avc: denied { getattr } for
pid=20593 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398259025.252:32835): avc: denied { read write } for
pid=20593 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398263323.263:33063): avc: denied { getattr } for
pid=23647 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398263323.263:33064): avc: denied { read write } for
pid=23647 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398267592.473:33300): avc: denied { getattr } for
pid=27690 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398267592.474:33301): avc: denied { read write } for
pid=27690 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398271701.024:33555): avc: denied { getattr } for
pid=31449 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398271701.025:33556): avc: denied { read write } for
pid=31449 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398271701.025:33556): avc: denied { open } for
pid=31449 comm="smtp" name="546AA6099F" dev=dm-0 ino=395679
scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
type=AVC msg=audit(1398271701.025:33557): avc: denied { lock } for
pid=31449 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0
ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0
tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.
Is this the result of something I may have done like restarting postfix or is
this a real bug/error/defect/?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3