postfix問題??
[i=s] 本帖最後由 qwertyu654 於 2009-9-6 14:47 編輯 [/i]小弟使用的是centos 5.3
在架設postfix是成功的郵件也都可以順利的收發
我的問題是在於
小弟因為想要測試別名轉換的功能所以在設定擋下加入了
virtual_alias_maps = hash:/etc/postfix/virtual
之後打指令
postmap /etc/postfix/virtual
卻出現了selinux 阻擋的畫面
[list]
Summary
SELinux is preventing postmap (postfix_map_t) "search" to ./root (user_home_dir_t).
Detailed Description
SELinux denied access requested by postmap. It is not expected that this access is required by postmap and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access
Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./root, restorecon -v './root' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package.
Additional Information
Source Context: root:system_r:postfix_map_t:s0-s0:c0.c1023Target Context: root:object_r:user_home_dir_t:s0Target Objects: ./root [ dir ]Source: postmapSource Path: /usr/sbin/postmapPort: <Unknown>Host: localhost.localdomainSource RPM Packages: postfix-2.3.3-2.1.el5_2Target RPM Packages: filesystem-2.4.0-2Policy RPM: selinux-policy-2.4.6-170.el5Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchall_fileHost Name: localhost.localdomainPlatform: Linux localhost.localdomain 2.6.18-120.el5 #1 SMP Fri Oct 17 18:00:36 EDT 2008 i686 i686Alert Count: 18First Seen: Thu 13 Aug 2009 09:52:22 PM CSTLast Seen: Sat 15 Aug 2009 09:47:46 AM CSTLocal ID: 7c841894-c5e2-4bdf-95a4-0f3247c9e180Line Numbers: Raw Audit Messages :host=localhost.localdomain type=AVC msg=audit(1250300866.701:55): avc: denied { search } for pid=3830 comm="postmap" name="root" dev=hdd1 ino=1635201 scontext=root:system_r:postfix_map_t:s0-s0:c0.c1023 tcontext=root:object_r:user_home_dir_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1250300866.701:55): arch=40000003 syscall=195 success=no exit=-13 a0=9a1c3f8 a1=bfee1dac a2=9b2ff4 a3=64 items=0 ppid=3644 pid=3830 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="postmap" exe="/usr/sbin/postmap" subj=root:system_r:postfix_map_t:s0-s0:c0.c1023 key=(null)
[/list]
小弟想請問各位再不關閉selinux的情況下該如何解決呢?
:emo_033:
[url=http://s1.imgs.ck101.com/img.php?id=105180][img]http://s1.imgs.ck101.com/t/20090906/14aa35abfbe524.png[/img][/url] check the module used by postfix, set allow via selinux [quote]check the module used by postfix, set allow via selinux
[size=2][color=#999999]kingeight 發表於 2009-8-22 01:22[/color] [url=http://ck101.com/redirect.php?goto=findpost&pid=71343774&ptid=1504917][img]http://ck101.com/images/common/back.gif[/img][/url][/size][/quote]
我已經把所有的selinux會阻擋postfix的功能全部不允許阻擋可是還是出現一樣的問題?不曉得該如何解決?? Allowing Access
Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./root, restorecon -v './root' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package.
HOW ABOUT THIS SECTION.....
頁:
[1]