12:17.30 | *** join/#fredlug bit4man (n=plarsen@c-67-166-188-224.hsd1.va.comcast.net) |
13:17.55 | *** join/#fredlug bit4man (n=plarsen@c-67-166-188-224.hsd1.va.comcast.net) |
14:56.54 | *** join/#fredlug plarsen (n=plarsen@c-67-166-188-224.hsd1.va.comcast.net) |
15:53.00 | *** join/#fredlug marwalk (n=marwalk@c-71-62-200-120.hsd1.va.comcast.net) |
15:57.28 | *** join/#fredlug marwalk (n=marwalk@c-71-62-200-120.hsd1.va.comcast.net) |
15:59.49 | *** part/#fredlug marwalk (n=marwalk@c-71-62-200-120.hsd1.va.comcast.net) |
15:59.58 | *** join/#fredlug marwalk (n=marwalk@c-71-62-200-120.hsd1.va.comcast.net) |
16:01.15 | *** join/#fredlug marwalk (n=marwalk@c-71-62-200-120.hsd1.va.comcast.net) |
17:25.53 | *** join/#fredlug marwalk (n=marwalk@65.202.254.3) |
17:34.09 | *** join/#fredlug marwalk (n=marwalk@65.202.254.3) |
20:08.46 | plarsen | anyone here know how to pipe stdin from a string in perl to exec ?? |
20:13.42 | stickster | Not I, sorry |
20:13.45 | stickster | http://bit.ly/M4xkV <-- trolls at work |
21:52.45 | plarsen | stickster: Guess what I'm having a heck of a time with again??? selinux :( |
21:52.59 | plarsen | Got any ideas how to permit postfix to execute custom scripts?? |
21:56.40 | stickster | plarsen: Did you try 'grep postfix /etc/selinux/targeted/contexts/files/* ? |
22:23.56 | plarsen | actually no - it showed me what context to use for master_exec - and that did it. |
22:24.10 | plarsen | I tried to change to postfix_pipe_t but I kept getting permission denied |
22:27.54 | plarsen | stickster: well, that didn't help :( |
22:28.03 | plarsen | It didn't show me the audit error the first time around |
22:34.51 | stickster | sees /etc/selinux/targeted/contexts/files/file_contexts:/etc/postfix/postfix-script.* |
22:34.51 | stickster | --system_u:object_r:postfix_exec_t:s0 |
23:08.25 | plarsen | no good. Still fails |
23:08.32 | plarsen | type=AVC msg=audit(1252710485.213:116532): avc: denied { execute_no_trans } for pid=20699 comm="pipe" path="/usr/local/bin/fork.pl" dev=dm-0 ino=9671699 scontext=user_u:system_r:postfix_pipe_t:s0 tcontext=user_u:object_r:postfix_exec_t:s0 tclass=file |
23:08.33 | plarsen | type=SYSCALL msg=audit(1252710485.213:116532): arch=40000003 syscall=11 success=no exit=-13 a0=8d964f8 a1=8d95ec8 a2=8d965c0 a3=258 items=0 ppid=20698 pid=20699 auid=1001 uid=600 gid=600 euid=600 suid=600 fsuid=600 egid=600 sgid=600 fsgid=600 tty=(none) ses=18366 comm="pipe" exe="/usr/libexec/postfix/pipe" subj=user_u:system_r:postfix_pipe_t:s0 key=(null) |
23:10.32 | plarsen | I've done audit2allow so many times now - every time I fix one thing, another "issue" is called. |