Package: selinux-policy-default Version: 2:0.0.20080702-6 Severity: important
Postfix doesn't work with SELinux in Enforce mode. It's impossible to send an email or check mailq : For mail command : srv2-reverse-pxy-c59p:~# echo "test" | mail -s "test" myem...@mydomain.fr send-mail: fatal: execvp /usr/sbin/postdrop: Permission denied send-mail: warning: command "/usr/sbin/postdrop -r" exited with status 1 send-mail: fatal: root(0): unable to execute /usr/sbin/postdrop -r: Success Can't send mail: sendmail process failed with error code 75 srv2-reverse-pxy-c59p:~# syslog : Oct 4 07:59:30 srv2-reverse-pxy-c59p send-mail[7745]: fatal: execvp /usr/sbin/postdrop: Permission denied Oct 4 07:59:30 srv2-reverse-pxy-c59p kernel: [518194.655281] type=1401 audit(1286171970.993:46): security_compute_sid: invalid context unconfined_u:unconfined_r:postfix_postdrop_t:s0 for scontext=unconfined_u:unconfined_r:unconfined_mail_t:s0 tcontext=system_u:object_r:postfix_postdrop_exec_t:s0 tclass=process Oct 4 07:59:31 srv2-reverse-pxy-c59p postfix/sendmail[7744]: warning: command "/usr/sbin/postdrop -r" exited with status 1 Oct 4 07:59:31 srv2-reverse-pxy-c59p postfix/sendmail[7744]: fatal: root(0): unable to execute /usr/sbin/postdrop -r: Success dmesg : [518194.655281] type=1401 audit(1286171970.993:46): security_compute_sid: invalid context unconfined_u:unconfined_r:postfix_postdrop_t:s0 for scontext=unconfined_u:unconfined_r:unconfined_mail_t:s0 tcontext=system_u:object_r:postfix_postdrop_exec_t:s0 tclass=process For mailq command : srv2-reverse-pxy-c59p:~# mailq mailq: fatal: execv /usr/sbin/postqueue: Permission denied srv2-reverse-pxy-c59p:~# syslog : Oct 4 08:11:26 srv2-reverse-pxy-c59p postfix/sendmail[7759]: fatal: execv /usr/sbin/postqueue: Permission denied Oct 4 08:11:26 srv2-reverse-pxy-c59p kernel: [518913.529188] type=1401 audit(1286172686.605:47): security_compute_sid: invalid context unconfined_u:unconfined_r:postfix_postqueue_t:s0 for scontext=unconfined_u:unconfined_r:unconfined_mail_t:s0 tcontext=system_u:object_r:postfix_postqueue_exec_t:s0 tclass=process dmesg : [518913.529188] type=1401 audit(1286172686.605:47): security_compute_sid: invalid context unconfined_u:unconfined_r:postfix_postqueue_t:s0 for scontext=unconfined_u:unconfined_r:unconfined_mail_t:s0 tcontext=system_u:object_r:postfix_postqueue_exec_t:s0 tclass=process Others informations : srv2-reverse-pxy-c59p:~# getenforce Enforcing srv2-reverse-pxy-c59p:~# id uid=0(root) gid=0(root) groupes=0(root),1(daemon),2(bin),3(sys),4(adm),6(disk) context=unconfined_u:unconfined_r:unconfined_t:s0 srv2-reverse-pxy-c59p:~# ls -Z /usr/sbin/postdrop system_u:object_r:postfix_postdrop_exec_t:s0 /usr/sbin/postdrop srv2-reverse-pxy-c59p:~# ls -Z /usr/sbin/sendmail system_u:object_r:sendmail_exec_t:s0 /usr/sbin/sendmail srv2-reverse-pxy-c59p:~# ls -Z /usr/bin/mail system_u:object_r:bin_t:s0 /usr/bin/mail srv2-reverse-pxy-c59p:~# ls -Z /usr/sbin/postqueue system_u:object_r:postfix_postqueue_exec_t:s0 /usr/sbin/postqueue srv2-reverse-pxy-c59p:~# srv2-reverse-pxy-c59p:~# dpkg -l | grep selinux ii libselinux1 2.0.65-5 SELinux shared libraries ii python-selinux 2.0.65-5 Python bindings to SELinux shared libraries ii selinux-basics 0.3.5 SELinux basic support ii selinux-policy-default 2:0.0.20080702-6 Strict and Targeted variants of the SELinux ii selinux-utils 2.0.65-5 SELinux utility programs Thanks, AUrelien PROVIN -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
