Re: [FC3] Squirrel Mail / SELinux

From: M.Lewis (_fedoralist__at_cajuninc.com)
Date: 06/30/05

Next message: Globe Trotter: "strange issues w/ HP LaserJet 5M on FC4"

Previous message: Andy Schlei: "Re: Can't find existing Fedora on FC3>FC4 upgrade"
In reply to: Randy: "Re: [FC3] Squirrel Mail / SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 29 Jun 2005 18:16:49 -0500
To: For users of Fedora Core releases <fedora-list@redhat.com>

Randy wrote:
> M.Lewis wrote:
>
>> I'm having a problem logging into Squirrel Mail. I have the following
>> in the log:
>>
>> Jun 29 14:40:40 cygnus kernel: audit(1120081240.918:0): avc: denied
>> { connect } for pid=4379 exe=/usr/sbin/httpd
>> scontext=user_u:system_r:httpd_ttcontext=user_u:system_r:httpd_t
>> tclass=tcp_socket
>>
>> Earlier today, I did the procedure that's been described in the past
>> week by Alexander I believe:
>>
>> su -
>> rpm -ev selinux-policy-targeted selinux-policy-targeted-sources
>> rm -fR /etc/selinux/targeted/
>> rpm -ivh
>> /var/cache/yum/updates-released/packages/selinux-policy-targeted-1.17.30-3.9.noarch.rpm
>> /var/cache/yum/updates-released/packages/selinux-policy-targeted-sources-1.17.30-3.9.noarch.rpm
>>
>> touch /.autorelabel
>>
>> Still I'm having the error shown above. Suggestions?
>>
>> Thanks,
>> Mike
>
>
> I ended up doing this to get it to work:
>
> setsebool -P httpd_can_network_connect=1
> setsebool -P dovecot_disable_trans=1
>
> Now that SELinux doesn't mess with Dovecot, and the http flag is
> changed, Dovecot can connect to http. I also had to change some SELinux
> settings before I could get to any files through SAMBA, and more to get
> my WAN link to come up on boot. When SELinux prevented me from
> getting/putting files to my home directory and ALSO prevented me from
> cd'ing out of my home directory, I ended up disabling it completely.
> Now eveything works. :-)
>
> Use: setenforce 0 to temporarily disable SELinux to see if it fixes
> things
> that are broke. It'll re-enable the next time you reboot.
>
>
> (apologies if this shows up on the list multiple times. I was having
> mail trouble and it looked like nothing was getting through)
>

I applied the two updated files that Dan posted:
- selinux-policy-targeted-1.17.30-3.16.noarch.rpm
- selinux-policy-targeted-sources-1.17.30-3.16.noarch.rpm

I still get the same results as before.

-- 
  I haven't lost my mind; it's backed up on tape somewhere.
   18:15:01 up  5:46,  5 users,  load average: 0.00, 0.03, 0.08
  Linux Registered User #241685  http://counter.li.org
-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

Next message: Globe Trotter: "strange issues w/ HP LaserJet 5M on FC4"

Previous message: Andy Schlei: "Re: Can't find existing Fedora on FC3>FC4 upgrade"
In reply to: Randy: "Re: [FC3] Squirrel Mail / SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]