Re: [FC3] Squirrel Mail / SELinux

• Previous message: Mark Bidewell: "Re: Kernel Compiling"
• In reply to: M.Lewis: "[FC3] Squirrel Mail / SELinux"
• Next in thread: M.Lewis: "Re: [FC3] Squirrel Mail / SELinux"
• Reply: M.Lewis: "Re: [FC3] Squirrel Mail / SELinux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 29 Jun 2005 17:44:57 -0500
To: For users of Fedora Core releases <fedora-list@redhat.com>

M.Lewis wrote:

> I'm having a problem logging into Squirrel Mail. I have the following
> in the log:
>
> Jun 29 14:40:40 cygnus kernel: audit(1120081240.918:0): avc: denied
> { connect } for pid=4379 exe=/usr/sbin/httpd
> scontext=user_u:system_r:httpd_ttcontext=user_u:system_r:httpd_t
> tclass=tcp_socket
>
> Earlier today, I did the procedure that's been described in the past
> week by Alexander I believe:
>
> su -
> rpm -ev selinux-policy-targeted selinux-policy-targeted-sources
> rm -fR /etc/selinux/targeted/
> rpm -ivh
> /var/cache/yum/updates-released/packages/selinux-policy-targeted-1.17.30-3.9.noarch.rpm
> /var/cache/yum/updates-released/packages/selinux-policy-targeted-sources-1.17.30-3.9.noarch.rpm
>
> touch /.autorelabel
>
> Still I'm having the error shown above. Suggestions?
>
> Thanks,
> Mike

I ended up doing this to get it to work:

setsebool -P httpd_can_network_connect=1
setsebool -P dovecot_disable_trans=1

Now that SELinux doesn't mess with Dovecot, and the http flag is
changed, Dovecot can connect to http. I also had to change some SELinux
settings before I could get to any files through SAMBA, and more to get
my WAN link to come up on boot. When SELinux prevented me from
getting/putting files to my home directory and ALSO prevented me from
cd'ing out of my home directory, I ended up disabling it completely.
Now eveything works. :-)

Use: setenforce 0 to temporarily disable SELinux to see if it fixes
things
that are broke. It'll re-enable the next time you reboot.

(apologies if this shows up on the list multiple times. I was having
mail trouble and it looked like nothing was getting through)

-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

• Previous message: Mark Bidewell: "Re: Kernel Compiling"
• In reply to: M.Lewis: "[FC3] Squirrel Mail / SELinux"
• Next in thread: M.Lewis: "Re: [FC3] Squirrel Mail / SELinux"
• Reply: M.Lewis: "Re: [FC3] Squirrel Mail / SELinux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: [FC3] Squirrel Mail / SELinux ... >> I'm having a problem logging into Squirrel Mail. ... I also had to change some SELinux ... setenforce 0 to temporarily disable SELinux to see if it fixes ... > (apologies if this shows up on the list multiple times. ... (Fedora) Re: cups-pdf && SELinux problem running ... allow cupsd_t var_spool_t:file {create getattr read setattr unlink write}; ... labeling problem. ... I need to allow cups to write into that directories or into a $HOME/cups-pdf-docs directory to disallow cups all control over $HOME directory. ... Enablilng SELinux as restrictive I can (is my laptop and I want to learn a more about SELinux and apps issues. ... (Fedora) Re: Procmail battles ... > way during logins and is emulated in procmail runs. ... This insight has led to the real culprit: selinux. ... a more stringent FC5 selinux setting is what is ailing me. ... is /save/home/$USER the home directory for $USER? ... (Fedora) Re: Procmail battles ... > way during logins and is emulated in procmail runs. ... This insight has led to the real culprit: selinux. ... a more stringent FC5 selinux setting is what is ailing me. ... is /save/home/$USER the home directory for $USER? ... (Fedora) Re: Procmail battles ... > way during logins and is emulated in procmail runs. ... This insight has led to the real culprit: selinux. ... a more stringent FC5 selinux setting is what is ailing me. ... is /save/home/$USER the home directory for $USER? ... (Fedora)