[CentOS] SELInux conflict with Postfixadmin

Robert Moskowitz rgm at htt-consult.com
Tue Feb 21 16:52:40 UTC 2017



On 02/21/2017 11:46 AM, Zdenek Sedlak wrote:
> On 2017-02-21 17:30, Robert Moskowitz wrote:
>> postfixadmin setup.php is claiming:
>>
>> *Error: Smarty template compile directory templates_c is not writable.*
>> *Please make it writable.*
>> *If you are using SELinux or AppArmor, you might need to adjust their
>> setup to allow write access.*
>>
>>
>> This goes away with 'setenforce 0', so it is an SELinux issue.  I have
>> tried both:
>>
>> restorecon -Rv /usr/share/postfixadmin
>>
>> and
>>
>> chcon -R -t httpd_sys_content_t /usr/share/postfixadmin
>>
>> and they are not the problem.  Googling this message doe snot produce
>> any SELinux advice.
>>
>> Any ideas?
>>
>> thanks
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
> Hi,
>
> after 'setenforce 0' check the /var/log/audit/audit.log:
>
> # grep /var/log/audit/audit.log | audit2why

Don't I need a search string in that grep command?

> to see where  the problem could be.

Anyway the last three entries are:

type=AVC msg=audit(1487695678.704:128): avc:  denied  { write } for 
pid=2055 comm="httpd" name="templates_c" dev="sda3" ino=786958 
scontext=system_u:system_r:httpd_t:s0 
tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir 
permissive=1

type=SYSCALL msg=audit(1487695678.704:128): arch=40000028 syscall=33 
per=800000 success=yes exit=0 a0=813c3ed0 a1=2 a2=0 a3=0 items=0 
ppid=2053 pid=2055 auid=4294967295 uid=48 gid=48 euid=48 suid=48 
fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" 
exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)

type=PROCTITLE msg=audit(1487695678.704:128): 
proctitle=2F7573722F7362696E2F6874747064002D44464F524547524F554E44





More information about the CentOS mailing list