Greetings;
I get home tonight with the spam going wild, so I restart spamassassin, and get another copy of this:
Summary:
SELinux is preventing spamd(/usr/bin/perl) (spamd_t) "kill" to <Unknown> (spamd_t).
Detailed Description:
SELinux denied access requested by spamd(/usr/bin/perl). It is not expected that this access is required by spamd(/usr/bin/perl) and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context system_u:system_r:spamd_t:s0 Target Context system_u:system_r:spamd_t:s0 Target Objects None [ capability ] Source spamd(/usr/bin/perl) Port <Unknown> Host coyote.coyote.den Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.0.8-84.fc8 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name coyote.coyote.den Platform Linux coyote.coyote.den 2.6.24 #1 SMP PREEMPT Sun Feb 10 20:51:31 EST 2008 i686 athlon Alert Count 10 First Seen Wed 20 Feb 2008 09:36:02 PM EST Last Seen Mon 25 Feb 2008 10:51:32 PM EST Local ID 6d119b1a-2693-43cf-b27b-f4c2d8339623 Line Numbers
Raw Audit Messages
host=coyote.coyote.den type=AVC msg=audit(1203997892.182:2127): avc: denied { kill } for pid=5699 comm="spamd" capability=5 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:system_r:spamd_t:s0 tclass=capability
host=coyote.coyote.den type=SYSCALL msg=audit(1203997892.182:2127): arch=40000003 syscall=37 success=no exit=-1 a0=3f42 a1=2 a2=4af5f5cc a3=80775a8 items=0 ppid=1 pid=5699 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="spamd" exe="/usr/bin/perl" subj=system_u:system_r:spamd_t:s0 key=(null) ===================== So there's the bug report. What can I do?