CentOS-6 Another Email Related AVC

Home » General » CentOS-6 Another Email Related AVC
General No Comments

CentOS-6.6
Postfix-2.11.1 (local)
ClamAV-0.98.5 (epel)
Amavisd-new-2.9.1 (epel)
opendkim-2.9.0 (CentOS)
pypolicyd-spf-1.3.1 (epel)

/var/log/maillog

Dec 11 16:52:09 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:52:10 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:52:11 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:53:28 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan from write access on the directory tmp. For complete SELinux messages. run sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:53:29 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan from write access on the directory tmp. For complete SELinux messages. run sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:53:29 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:58:36 inet18 setroubleshoot: SELinux is preventing /usr/bin/clamscan from write access on the directory tmp. For complete SELinux messages. run sealert -l 1f0d210d-b4e1-4635-8765-f7e913e2bf28
Dec 11 16:58:36 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a Dec 11 16:58:37 inet18 setroubleshoot: SELinux is preventing /usr/bin/perl from read access on the file online. For complete SELinux messages. run sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a

sealert -l 62006e35-dcc8-4a4f-8e10-9f34757f3a4a SELinux is preventing /usr/bin/perl from read access on the file online.

***** Plugin catchall (100. confidence) suggests ***************************

If you believe that perl should be allowed read access on the online file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing:
# grep amavisd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

[root@inet18 ~ (master #)]# grep amavisd /var/log/audit/audit.log | audit2allow

#============= amavis_t =============allow amavis_t shell_exec_t:file { read open };
allow amavis_t sysfs_t:file read;