[CentOS] CentOS-6 Another email related AVC

Thu Dec 11 22:27:51 UTC 2014
James B. Byrne <byrnejb at harte-lyne.ca>

CentOS-6.6
Postfix-2.11.1 (local)
ClamAV-0.98.5 (epel)
Amavisd-new-2.9.1 (epel)
opendkim-2.9.0 (centos)
pypolicyd-spf-1.3.1 (epel)


/var/log/maillog

Dec 11 16:52:09 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:52:11 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:53:28 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan
from write access on the directory tmp. For complete SELinux messages. run
sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:53:29 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan
from write access on the directory tmp. For complete SELinux messages. run
sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:53:29 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:58:36 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan
from write access on the directory tmp. For complete SELinux messages. run
sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:58:36 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
Dec 11 16:58:37 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl
from read access on the file online. For complete SELinux messages. run
sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a


sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a
SELinux is preventing /usr/bin/perl from read access on the file online.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that perl should be allowed read access on the online file by
default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep amavisd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


[root at inet18 ~ (master #)]# grep amavisd /var/log/audit/audit.log | audit2allow


#============= amavis_t ==============
allow amavis_t shell_exec_t:file { read open };
allow amavis_t sysfs_t:file read;



-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3