View Issue Details

IDProjectCategoryView StatusLast Update
0015940CentOS-7selinux-policypublic2019-03-20 22:35
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015940: SELinux is preventing /usr/sbin/sendmail.postfix from 'read' accesses on the archivo /etc/postfix/
DescriptionDescription of problem:
SELinux is preventing /usr/sbin/sendmail.postfix from 'read' accesses on the archivo /etc/postfix/

***** Plugin httpd_can_sendmail (91.4 confidence) suggests ****************

Si quiere permitir que httpd envíe correos
Then debe configurar a SELinux para permitir esto.
setsebool -P httpd_can_sendmail=1

***** Plugin catchall (9.59 confidence) suggests **************************

Si cree que de manera predeterminada se debería permitir a sendmail.postfix el acceso read sobre file.
Then debería reportar esto como un error.
Puede generar un módulo de política local para permitir este acceso.
permita el acceso temporalmente ejecutando:
# ausearch -c 'sendmail' --raw | audit2allow -M mi-sendmail
# semodule -i mi-sendmail.pp

Additional Information:
Source Context system_u:system_r:httpd_t:s0
Target Context system_u:object_r:postfix_etc_t:s0
Target Objects /etc/postfix/ [ file ]
Source sendmail
Source Path /usr/sbin/sendmail.postfix
Port <Unknown>
Host (removed)
Source RPM Packages postfix-2.10.1-7.el7.x86_64
Target RPM Packages postfix-2.10.1-7.el7.x86_64
Policy RPM selinux-policy-3.13.1-229.el7_6.9.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.5.1.el7.x86_64 #1 SMP
                              Fri Feb 1 14:54:57 UTC 2019 x86_64 x86_64
Alert Count 1
First Seen 2019-03-19 16:52:56 CST
Last Seen 2019-03-19 16:52:56 CST
Local ID 4a23aae8-9f61-461d-b2ec-b02a519fcbaf

Raw Audit Messages
type=AVC msg=audit(1553035976.136:2730): avc: denied { read } for pid=12718 comm="sendmail" name="" dev="dm-0" ino=68566750 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:postfix_etc_t:s0 tclass=file permissive=0

type=SYSCALL msg=audit(1553035976.136:2730): arch=x86_64 syscall=open success=no exit=EACCES a0=555d3efbfc60 a1=0 a2=0 a3=3 items=0 ppid=5420 pid=12718 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm=sendmail exe=/usr/sbin/sendmail.postfix subj=system_u:system_r:httpd_t:s0 key=(null)

Hash: sendmail,httpd_t,postfix_etc_t,file,read

Version-Release number of selected component:
Additional Informationreporter: libreport-
hashmarkername: setroubleshoot
kernel: 3.10.0-957.10.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-03-20 22:35 IxChel New Issue