1 |
Hey, everyone =) |
2 |
|
3 |
First of all, I would like to say that I just installed SELinux /late/ last |
4 |
night, so I don't have that much of an understand about what exactly I need |
5 |
to do to fix my problems. |
6 |
|
7 |
The first, and most important, problem I am having occurs when I am in |
8 |
permissive mode. I have attached the relevant /var/log/kern.log segments and |
9 |
put them up on my website -- the URL is |
10 |
<http://tehunlose.com/tmp/sehelp.txt>. The reason why I say it is the most |
11 |
important is because, with the errors provided and while the amavisd.log says |
12 |
that everything is happening okay, I am not quite sure that amavisd is able |
13 |
to do what it *needs* to do (SpamAssassin filtering and clamav/clamd |
14 |
fitlering). |
15 |
|
16 |
The second problem I am having occurs when I enter enforcing mode. I have a |
17 |
proftpd daemon running. When I enter into enforcing mode, my users can no |
18 |
longer authenticate sucessfully, although they can telnet in. If/when they |
19 |
telnet in during enforce mode, their username is accepted but their correct |
20 |
password is rejected. The users are able to SSH in, though, so I am guessing |
21 |
it's a a problem with my policies. |
22 |
|
23 |
The third problem also occurs during enforce mode. When I try to send mail to |
24 |
myself through telnet (for debugging purposes, I'm not that oldschool ;)), |
25 |
everything *appears* to go through correctly. However, I never receive the |
26 |
mail. I notice no evidence of a problem in any of my log files. In fact, |
27 |
that brings me to my fourth problem. |
28 |
|
29 |
When I enter enforcing mode, all of my log files stop flowing -- all of them. |
30 |
kern.log, messages, etc., they all just... stop. I am guessing that the log |
31 |
files can not be written under my current policies, but that is just my |
32 |
haphazard guess. |
33 |
|
34 |
Also, in enforcing mode, I can no longer scp to or from my SELinux box. |
35 |
|
36 |
For my policy, I am currently using pebenito's base-policy for the June 26th, |
37 |
2003. |
38 |
|
39 |
Thank you :) |
40 |
-- |
41 |
Zack Gilburd |
42 |
http://tehunlose.com |
43 |
GnuPG Key ID: A79A45668240AB6C |