postfix and selinux [selinux updates broke postfix?]
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
grep postfix /var/log/audit.log | audit2allow -M mypostfix2
grep: /var/log/audit.log: No such file or directory
compilation failed:
mypostfix2.te:7:ERROR 'syntax error' at token '' on line 7:
/usr/bin/checkmodule: error(s) encountered while parsing configuration
/usr/bin/checkmodule: loading policy configuration from mypostfix2.te
Code:
semodule -i mypostfix2.pp
semodule: Could not read file 'mypostfix2.pp': No such file or directory
This creates a new policy file called mypostfix2 based on the audit errors in your log file (/var/log/audit.log). There should be two new files, one called mypostfix2.te and an automatically compiled policy file called mypostfix2.pp.
The audit2allow program uses the audit file to identify the errors you want to allow, creating a policy to allow them rather than reject them.
Then you can run the semodule -i command to implement this new policy:-
It is only accessible by the root user. Are you logged in as root? If you can't find it, try this command to locate the location of your SELinux log files:-
Code:
find / -name audit.log -print
or
locate audit.log
I don't have a FC9 machine, but I would have thought the file should be in the directory /var/log/audit.
Last edited by blacky_5251; 03-12-2010 at 12:48 AM.
I take it selinux is disabling access to;
postfix/cleanup[7581]: fatal: open lock file
pid/unix.cleanup: cannot open file: Permission denied
and thats why i get these errors after it;
Mar 12 06:03:53 HOSTNAME postfix/master[7523]: warning: process
/usr/libexec/postfix/cleanup pid 7581 exit status 1
Mar 12 06:03:53 HOSTNAME postfix/master[7523]: warning:
/usr/libexec/postfix/cleanup: bad command startup -- throttling
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.