[CentOS] Broken Selinux Postfix Policy?

E.B.

emailbuilder88 at yahoo.com
Sun Apr 26 04:22:05 UTC 2015


Trying to restart postfix installed from yum. Restart fails, I get:

type=AVC msg=audit(1430429813.721:12167): avc:  denied  { unlink } for
pid=31624 comm="master" name="defer" dev="dm-0" ino=981632
scontext=system_u:system_r:postfix_master_t:s0
tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file

I guess it needs to remove the /var/spool/postfix/defer socket file.

audit2allow says this will fix it:

allow postfix_master_t postfix_spool_maildrop_t:sock_file unlink;

But how do I add this permission to the existing Postfix SELinux policy???
Why was it missing???

By the way, I also had AVCs when I tried to add another instance of
Postfix smtpd on local port 20025. Very frustrating there are no docs
on how to add a rule for this common change. I don't know if I did the
right thing:

semanage port -a -t smtp_port_t -p tcp 20025

Is this the right way? Why isn't this documented somewhere?
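
An added example, not part of the original post: a small Python sketch of how the fields of the AVC record quoted above map onto a local policy module, which is the usual way to add a rule without touching the shipped Postfix policy. The module name local_postfix and both function names are hypothetical; the build commands in the final comment are the standard SELinux module tools.

```python
import re

# AVC record from the post above, joined onto one line.
AVC = ('type=AVC msg=audit(1430429813.721:12167): avc:  denied  { unlink } for '
       'pid=31624 comm="master" name="defer" dev="dm-0" ino=981632 '
       'scontext=system_u:system_r:postfix_master_t:s0 '
       'tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file')

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?'
    r'scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\w+)')

def parse_avc(line):
    """Return (source_type, target_type, class, [perms]), or None if not a denial."""
    m = AVC_RE.search(line)
    if not m:
        return None
    # A context is user:role:type:level; the type is the third field.
    stype = m.group('scon').split(':')[2]
    ttype = m.group('tcon').split(':')[2]
    return stype, ttype, m.group('tclass'), m.group('perms').split()

def fmt(perms):
    """Render one permission bare, several inside braces."""
    p = sorted(perms)
    return p[0] if len(p) == 1 else '{ ' + ' '.join(p) + ' }'

def build_module(name, lines, version='1.0'):
    """Build type enforcement (.te) source covering every denial in lines."""
    rules = {}  # (source, target, class) -> set of permissions
    for line in lines:
        parsed = parse_avc(line)
        if parsed:
            s, t, c, perms = parsed
            rules.setdefault((s, t, c), set()).update(perms)
    classes = {}  # class -> every permission the module must declare
    for (_, _, c), perms in rules.items():
        classes.setdefault(c, set()).update(perms)
    out = [f'module {name} {version};', '', 'require {']
    out += [f'\ttype {t};' for t in sorted({x for s, t, _ in rules for x in (s, t)})]
    out += [f'\tclass {c} {fmt(p)};' for c, p in sorted(classes.items())]
    out += ['}', '']
    out += [f'allow {s} {t}:{c} {fmt(p)};' for (s, t, c), p in sorted(rules.items())]
    return '\n'.join(out) + '\n'

if __name__ == '__main__':
    # Save the output as local_postfix.te, then build and load it:
    #   checkmodule -M -m -o local_postfix.mod local_postfix.te
    #   semodule_package -o local_postfix.pp -m local_postfix.mod
    #   semodule -i local_postfix.pp
    print(build_module('local_postfix', [AVC]))
```

Read the generated rule before loading it: a rule derived from a denial permits exactly what was blocked, and a denial can also come from a mislabeled file, in which case relabeling is the fix rather than a new rule.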



