Thanks - this is helpful but still not quite a fix. The suggested fixes seem general for the three issues of dovecot, nmbd, and spamc - but audit2allow does at least create them.
[dan@trailrunner ~]$ cat dovecotsocketselinux.te
module dovecotsocketselinux 1.0;
require { type dovecot_t; class socket create; }
#============= dovecot_t ============== allow dovecot_t self:socket create; [dan@trailrunner ~]$ [dan@trailrunner ~]$ [dan@trailrunner ~]$ cat nmbdselinux.te
module nmbdselinux 1.0;
require { type samba_share_t; type nmbd_t; class file { rename getattr unlink append }; class dir { search setattr }; }
#============= nmbd_t ============== allow nmbd_t samba_share_t:dir { search setattr }; allow nmbd_t samba_share_t:file { rename getattr unlink append }; [dan@trailrunner ~]$ [dan@trailrunner ~]$ [dan@trailrunner ~]$ cat spamcselinux.te
module spamcselinux 1.0;
require { type spamc_exec_t; type procmail_t; class file { read execute execute_no_trans }; }
#============= procmail_t ============== allow procmail_t spamc_exec_t:file { read execute execute_no_trans }; [dan@trailrunner ~]$
The problem is that when these are installed, dovecot fails - port 993 already in use.
So now what - again, default CentOS options and configuration for all three of these.
On Apr 30, 2009, at 1:38 PM, Ned Slider wrote:
Dan Roberts wrote:
Ok, but how?
http://wiki.centos.org/HowTos/SELinux
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos