Hello,
I have a FC4 system, kernel: 2.6.12-1.1447_FC4, selinux targeted, enforced, installed: selinux-policy-targeted-1.25.4-10.1, selinux-policy-targeted-sources-1.25.4-10.1 squirrelmail-1.4.4-2
If I setenforce 0, then users can log in squirrelmail and read/send emails w/o problems. If I setenforce 1, then users cannot login sm. The error message is:
Error connecting to IMAP server: localhost. 13 : Permission denied
However, the system log does not show error message about it. So, if I run the selinux command, I got:
# audit2allow -l -i /var/log/messages -o /etc/selinux/targeted/src/policy/domains/program/apache.te
# make load make: Nothing to be done for `load'.
BTW, users can still run pine to read/send emails. I tried to set squirrelmail's server setting using sendmail or smtp, but no help.
Can somebody tell how to solve the problem?
Thanks!
Hongwei Li
On Mon, 2005-09-19 at 15:22 -0500, Hongwei Li wrote:
Hello,
I have a FC4 system, kernel: 2.6.12-1.1447_FC4, selinux targeted, enforced, installed: selinux-policy-targeted-1.25.4-10.1, selinux-policy-targeted-sources-1.25.4-10.1 squirrelmail-1.4.4-2
If I setenforce 0, then users can log in squirrelmail and read/send emails w/o problems. If I setenforce 1, then users cannot login sm. The error message is:
Error connecting to IMAP server: localhost. 13 : Permission denied
However, the system log does not show error message about it. So, if I run the selinux command, I got:
# audit2allow -l -i /var/log/messages -o /etc/selinux/targeted/src/policy/domains/program/apache.te
In FC4 the audit messages are in /var/log/audit/audit.log, not /var/log/messages.
It would be wise to understand what exactly SELinux is preventing rather than blindly appending rules to allow whatever it's trying to do though.
Paul.
Hello,
I have a FC4 system, kernel: 2.6.12-1.1447_FC4, selinux targeted, enforced, installed: selinux-policy-targeted-1.25.4-10.1, selinux-policy-targeted-sources-1.25.4-10.1 squirrelmail-1.4.4-2
If I setenforce 0, then users can log in squirrelmail and read/send emails w/o problems. If I setenforce 1, then users cannot login sm. The error message is:
Error connecting to IMAP server: localhost. 13 : Permission denied
However, the system log does not show error message about it. So, if I run the selinux command, I got:
# audit2allow -l -i /var/log/messages -o /etc/selinux/targeted/src/policy/domains/program/apache.te
The problem has been fixed by working with audit.log instead of message log. Post it here in case other people have similar problem.
Hongwei
selinux@lists.fedoraproject.org
-
Hongwei Li -
Paul Howarth