My apologies if this is the wrong list and there is a rhel/centos specific selinux list...
Trying to run postfix-2.2.3 on centos5. I'm using LDAP for maps and authentication.
Everytime I run postqueue -p (to show the mail queue) the command times out.
The following messages are logged in /var/log/maillog: Sep 25 14:50:03 mail1 postfix/showq[9842]: nss_ldap: failed to bind to LDAP serv er ldap://localhost/: Can't contact LDAP server Sep 25 14:50:03 mail1 postfix/showq[9842]: nss_ldap: failed to bind to LDAP serv er ldap://localhost/: Can't contact LDAP server Sep 25 14:50:03 mail1 postfix/showq[9842]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)... Sep 25 14:50:07 mail1 postfix/showq[9842]: nss_ldap: failed to bind to LDAP serv er ldap://localhost/: Can't contact LDAP server
The following AVCs show up in /var/log/audit/audit.log:
type=AVC msg=audit(1190746203.204:2162): avc: denied { create } for pid=9842 comm="showq" scontext=root:system_r:postfix_showq_t:s0 tcontext=root:system_r:po stfix_showq_t:s0 tclass=netlink_route_socket type=SYSCALL msg=audit(1190746203.204:2162): arch=40000003 syscall=102 success=n o exit=-13 a0=1 a1=bfb679e4 a2=484ff4 a3=bfb67c61 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null) type=AVC msg=audit(1190746203.204:2163): avc: denied { name_connect } for pid =9842 comm="showq" dest=389 scontext=root:system_r:postfix_showq_t:s0 tcontext=s ystem_u:object_r:ldap_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1190746203.204:2163): arch=40000003 syscall=102 success=n o exit=-13 a0=3 a1=bfb67b10 a2=1251b18 a3=973d6a0 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null) type=AVC msg=audit(1190746203.204:2164): avc: denied { create } for pid=9842 comm="showq" scontext=root:system_r:postfix_showq_t:s0 tcontext=root:system_r:po stfix_showq_t:s0 tclass=netlink_route_socket type=SYSCALL msg=audit(1190746203.204:2164): arch=40000003 syscall=102 success=n o exit=-13 a0=1 a1=bfb679e4 a2=484ff4 a3=bfb67c61 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null) type=AVC msg=audit(1190746203.204:2165): avc: denied { name_connect } for pid =9842 comm="showq" dest=389 scontext=root:system_r:postfix_showq_t:s0 tcontext=s ystem_u:object_r:ldap_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1190746203.204:2165): arch=40000003 syscall=102 success=n o exit=-13 a0=3 a1=bfb67b10 a2=1251b18 a3=9755b90 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null) type=AVC msg=audit(1190746207.205:2166): avc: denied { create } for pid=9842 comm="showq" scontext=root:system_r:postfix_showq_t:s0 tcontext=root:system_r:po stfix_showq_t:s0 tclass=netlink_route_socket type=SYSCALL msg=audit(1190746207.205:2166): arch=40000003 syscall=102 success=n o exit=-13 a0=1 a1=bfb679e4 a2=484ff4 a3=bfb67c61 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null) type=AVC msg=audit(1190746207.205:2167): avc: denied { name_connect } for pid =9842 comm="showq" dest=389 scontext=root:system_r:postfix_showq_t:s0 tcontext=s ystem_u:object_r:ldap_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1190746207.205:2167): arch=40000003 syscall=102 success=n o exit=-13 a0=3 a1=bfb67b10 a2=1251b18 a3=973d660 items=0 ppid=9835 pid=9842 aui d=0 uid=0 gid=89 euid=0 suid=0 fsuid=0 egid=89 sgid=89 fsgid=89 tty=(none) comm= "showq" exe="/usr/libexec/postfix/showq" subj=root:system_r:postfix_showq_t:s0 k ey=(null)