2008年7月10日木曜日

SELinux is preventing amavisd (amavis_t)

/var/log/messagesを見たら、こんなSELinuxがらみのエラーメッセージがあった。

Jul 10 08:02:37 dkuro2 setroubleshoot:SELinux is preventing amavisd (amavis_t) "name_bind" to (netsupport_port_t).
For complete SELinux messages. run sealert -l ea9a4be1-4da8-4f22-af2f-398519e61570


で、sealertしてみると

sealert -l ea9a4be1-4da8-4f22-af2f-398519e61570
Summary
SELinux is preventing amavisd (amavis_t) "name_bind" to
(netsupport_port_t).

Detailed Description
SELinux denied access requested by amavisd. It is not expected that this
access is required by amavisd and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of
the application is causing it to require additional access.

Allowing Access
You can generate a local policy module to allow this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
SELinux protection altogether. Disabling SELinux protection is not
recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.

Additional Information

Source Context system_u:system_r:amavis_t
Target Context system_u:object_r:netsupport_port_t
Target Objects None [ udp_socket ]
Affected RPM Packages
Policy RPM selinux-policy-2.6.4-70.fc7
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall
Host Name dkuro2.dyndns.org
Platform Linux dkuro2.dyndns.org 2.6.23.17-88.fc7 #1 SMP
Thu May 15 00:35:10 EDT 2008 i686 i686
Alert Count 1
First Seen Thu Jul 10 08:02:26 2008
Last Seen Thu Jul 10 08:02:26 2008
Local ID ea9a4be1-4da8-4f22-af2f-398519e61570
Line Numbers

Raw Audit Messages

avc: denied { name_bind } for comm="amavisd" egid=496 euid=497
exe="/usr/bin/perl" exit=-13 fsgid=496 fsuid=497 gid=496 items=0 pid=2493
scontext=system_u:system_r:amavis_t:s0 sgid=496 src=5405
subj=system_u:system_r:amavis_t:s0 suid=497 tclass=udp_socket
tcontext=system_u:object_r:netsupport_port_t:s0 tty=(none) uid=497


後でゆっくり調べましょう。

0 件のコメント: