I have a RH5.3 x86_64 server running sendmail, spamassasin and
spamass-milter with the following selinux settings:
sestatus -v
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 21
Policy from config file: targeted
Process contexts:
Current context:
root:system_r:unconfined_t:SystemLow-SystemHigh
Init context: system_u:system_r:init_t
/sbin/mingetty system_u:system_r:getty_t
/usr/sbin/sshd
root:system_r:unconfined_t:SystemLow-SystemHigh
File contexts:
Controlling term: root:object_r:devpts_t
/etc/passwd system_u:object_r:etc_t
/etc/shadow system_u:object_r:shadow_t
/bin/bash system_u:object_r:shell_exec_t
/bin/login system_u:object_r:login_exec_t
/bin/sh system_u:object_r:bin_t ->
system_u:object_r:shell_exec_t
/sbin/agetty system_u:object_r:getty_exec_t
/sbin/init system_u:object_r:init_exec_t
/sbin/mingetty system_u:object_r:getty_exec_t
/usr/sbin/sshd system_u:object_r:sshd_exec_t
/lib/libc.so.6 system_u:object_r:lib_t ->
system_u:object_r:lib_t
/lib/ld-linux.so.2 system_u:object_r:lib_t ->
system_u:object_r:ld_so_t
Now I've built what I think is a very similar system as a VMWare VM,
with sestatus like this:
sestatus -v
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 21
Policy from config file: targeted
Process contexts:
Current context:
root:system_r:unconfined_t:SystemLow-SystemHigh
Init context: system_u:system_r:init_t
/sbin/mingetty system_u:system_r:getty_t
/usr/sbin/sshd
system_u:system_r:unconfined_t:SystemLow-SystemHigh
File contexts:
Controlling term: root:object_r:devpts_t
/etc/passwd system_u:object_r:etc_t
/etc/shadow system_u:object_r:shadow_t
/bin/bash system_u:object_r:shell_exec_t
/bin/login system_u:object_r:login_exec_t
/bin/sh system_u:object_r:bin_t ->
system_u:object_r:shell_exec_t
/sbin/agetty system_u:object_r:getty_exec_t
/sbin/init system_u:object_r:init_exec_t
/sbin/mingetty system_u:object_r:getty_exec_t
/usr/sbin/sshd system_u:object_r:sshd_exec_t
/lib/libc.so.6 system_u:object_r:lib_t ->
system_u:object_r:lib_t
/lib/ld-linux.so.2 system_u:object_r:lib_t ->
system_u:object_r:ld_so_t
The phsyical machine is
2.6.18-53.1.14.el5 #1 SMP Tue Feb 19 07:18:46 EST 2008 x86_64 x86_64
x86_64 GNU/Linux
and the VM is
2.6.18-128.4.1.el5 #1 SMP Thu Jul 23 19:59:19 EDT 2009 x86_64 x86_64
x86_64 GNU/Linux
spamass-milter works fine on the physical machine, but when I try to
start it on the VM I get the following SELinux error:
setroubleshoot: SELinux is preventing spamass-milter (spamd_t) "create"
to spamass.sock (var_run_t). For complete SELinux messages. run sealert
-l 373765ec-9c0f-424f-ab43-97f9597adaae
Both systems have the save version of policy-targeted:
selinux-policy-targeted-2.4.6-203.el5
I'm pretty sure I didn't do anything special on the physical system to
get it to work, it just worked straight out of the box. I think.
The RPM for spamass-milter is from DG repository and it's the same
package installed on both systems.
What could be the difference?
Thanks!
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
