[CentOS] selinux & httpd & portmap
Craig White
craigwhite at azapple.com
Mon Jul 28 15:53:43 UTC 2008
On Mon, 2008-07-28 at 09:24 -0400, Toby Bluhm wrote:
> >> SO - is it normal to have to update policies on basic services? Am I
> >> missing an rpm?
> > ----
> > those aren't basic services but are packages that are supplied by
>
> postfix is centos, the rest are from rpmforge
>
> > repositories other than CentOS/upstream and apparently don't have all of
> > their files/folder labeled properly.
> >
> > what do you get from command...
> >
> > sealert -a /var/log/dmesg
>
>
> zero alerts
>
>
> > or
> > sealert -a /var/log/audit/audit.log
> >
>
>
> lots of stuff from when it wasn't labeled right, so I stripped all
> audit.log entries before the last DAEMON_START to a file & ran sealert
> on it.
----
I just want to point out that the issue isn't with postfix but rather
amavisd and how/where amavisd connects/communicates with the various
parts and pieces.
I'm afraid that I can't be too much help here because I use MailScanner
and not amavisd but the SELinux mail list could help you work through
these things (I'm presuming that amavisd hasn't worked through all of
their contexts).
Craig
More information about the CentOS
mailing list