View Issue Details

IDProjectCategoryView StatusLast Update
0018450CentOS-7selinux-policypublic2022-05-12 05:44
Reporterraavan666 Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionunable to reproduce 
OS Version7 
Summary0018450: SELinux is preventing /usr/libexec/postfix/proxymap from 'read' accesses on the directory /etc/my.cnf.d.
DescriptionDescription of problem:
When i was trying to run the cwp panel this problem happen which block postfix to run
SELinux is preventing /usr/libexec/postfix/proxymap from 'read' accesses on the directory /etc/my.cnf.d.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that proxymap should be allowed read access on the my.cnf.d directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'proxymap' --raw | audit2allow -M my-proxymap
# semodule -i my-proxymap.pp

Additional Information:
Source Context system_u:system_r:postfix_master_t:s0
Target Context system_u:object_r:mysqld_etc_t:s0
Target Objects /etc/my.cnf.d [ dir ]
Source proxymap
Source Path /usr/libexec/postfix/proxymap
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages MariaDB-client-10.2.43-1.el7.centos.x86_64
                              MariaDB-server-10.2.43-1.el7.centos.x86_64
Policy RPM selinux-policy-3.13.1-268.el7_9.2.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name (removed)
Platform Linux (removed) 3.10.0-1160.62.1.el7.x86_64 #1 SMP
                              Tue Apr 5 16:57:59 UTC 2022 x86_64 x86_64
Alert Count 4
First Seen 2022-05-11 18:04:45 IST
Last Seen 2022-05-12 10:35:02 IST
Local ID 288e6ce8-7f75-476d-a421-0db4bd4f3e7c

Raw Audit Messages
type=AVC msg=audit(1652331902.162:2254): avc: denied { read } for pid=8727 comm="proxymap" name="my.cnf.d" dev="dm-0" ino=34436557 scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:object_r:mysqld_etc_t:s0 tclass=dir permissive=1


Hash: proxymap,postfix_master_t,mysqld_etc_t,dir,read

Version-Release number of selected component:
selinux-policy-3.13.1-268.el7_9.2.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-1160.62.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hasha7251983b373976a627b79161c9891b84af07edae9a748c7a9092bbb0802fe78
URL

Activities

ManuelWolfshant

ManuelWolfshant

2022-05-12 05:44

manager   ~0038923

Unfortunately cwp is a product which - despite its name - has absolutely no relationship with the CentOS Project and we cannot ensure any sort of support for it.
If relabeling the filesystem does not solve your problem ( touch /.autorelabel && reboot ), please seek support in the support avenues of cwp.

Issue History

Date Modified Username Field Change
2022-05-12 05:38 raavan666 New Issue
2022-05-12 05:44 ManuelWolfshant Status new => closed
2022-05-12 05:44 ManuelWolfshant Resolution open => unable to reproduce
2022-05-12 05:44 ManuelWolfshant Note Added: 0038923