Hi,
I just installed SpamAssassin on two servers running CentOS 7 and Postfix. One is my sandbox server for experimenting, the other one is the server that hosts my company's web site, blog, mail, etc.
So far, SpamAssassin seems to work as expected. I sent a test mail, which was duly flagges as [SPAM], and I already see the odd incoming spam message correctly flagged as [SPAM].
For testing purposes, I switched SELinux to permissive mode (usually I activate SELinux for everything).
It looks like it's causing a bit of a problem here.
# sealert -a /var/log/audit/audit.log
And here's what I get.
--8<------------------------------------------------------ SELinux is preventing /usr/bin/perl from create access on the directory .spamassassin.
***** Plugin catchall (100. confidence) suggests *********
If you believe that perl should be allowed create access on the .spamassassin directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c '7370616D64206368696C64' --raw | audit2allow -M my-7370616D64206368696C64 # semodule -i my-7370616D64206368696C64.pp ... --8<------------------------------------------------------
Usually sealert's suggestions are to the point and work perfectly. Except in this case it doesn't. Here's what I get:
# ausearch -c '7370616D64206368696C64' --raw | audit2allow -M my-7370616D64206368696C64 Nothing to do
Any suggestions?
Cheers from the sunny South of France,
Niki Kovacs
Le 06/10/2017 à 08:50, Nicolas Kovacs a écrit :
Usually sealert's suggestions are to the point and work perfectly. Except in this case it doesn't. Here's what I get:
# ausearch -c '7370616D64206368696C64' --raw | audit2allow -M my-7370616D64206368696C64 Nothing to do
Any suggestions?
I'll answer that myself, since I just found the culprit.
# setsebool -P spamd_enable_home_dirs 1
Boolean did the trick. Looks like this is not in setroubleshoot's database.
Cheers,
Niki