On Mon, 2005-09-19 at 15:22 -0500, Hongwei Li wrote:
Hello,
I have a FC4 system, kernel: 2.6.12-1.1447_FC4, selinux targeted, enforced, installed: selinux-policy-targeted-1.25.4-10.1, selinux-policy-targeted-sources-1.25.4-10.1 squirrelmail-1.4.4-2
If I setenforce 0, then users can log in squirrelmail and read/send emails w/o problems. If I setenforce 1, then users cannot login sm. The error message is:
Error connecting to IMAP server: localhost. 13 : Permission denied
However, the system log does not show error message about it. So, if I run the selinux command, I got:
# audit2allow -l -i /var/log/messages -o /etc/selinux/targeted/src/policy/domains/program/apache.te
In FC4 the audit messages are in /var/log/audit/audit.log, not /var/log/messages.
It would be wise to understand what exactly SELinux is preventing rather than blindly appending rules to allow whatever it's trying to do though.
Paul.