More Avc’s Wrt To Email
CentOS-6.6
Postfix-2.11.1 (local)
ClamAV-0.98.5 (epel)
Amavisd-new-2.9.1 (epel)
opendkim-2.9.0 (CentOS)
pypolicyd-spf-1.3.1 (epel)
Is there something going on in selinuxland with respect to clamav, amavisd-new and postfix? Since the most recent update of clamav I seem to be detecting more avc’s. It may be that it is because I am looking for them more frequently but it seems to me that something has happened external to my control.
The most recent things I see are these:
audit2allow -l -a
#============= amavis_t =============allow amavis_t sysfs_t:dir read;
allow amavis_t sysfs_t:file open;
#============= clamscan_t =============#!!!! The source type ‘clamscan_t’ can write to a ‘dir’ of the following types:
# clamscan_tmp_t, clamd_var_lib_t, tmp_t, root_t
allow clamscan_t amavis_spool_t:dir write;
#============= postfix_smtp_t =============allow postfix_smtp_t postfix_spool_maildrop_t:file open;
#============= spamd_t =============allow spamd_t etc_runtime_t:file append;
Is there anything wrong with just creating a local policy module for these and loading it?
Recent Comments