On Sun, 2004-11-21 at 15:07, Nathan Fiedler wrote: [ SELinux permission problem snipped for brevity ]
FC3 installs with the SELinux "targeted" policy enabled by default. The targeted policy is a restricted security policy that "targets" only the most vulnerable system services rather than the entire system. Anytime you see messages in your system log (/var/log/messages) with "'avc: denied" it means the security policy has prohibited access and has logged a warning. SELinux has much to offer in terms of enhanced security in the day and age of rampant attacks by malicious intruders however one of the downsides of SELinux is authoring a security policy that both prevents invalid access but does not interfer with valid operation of the system is challenging. This is one reason the current security policy is "targeted", it applies only to system services that make active use of network connections. Mailman was added to the list of of system services under the protection of the SELinux targeted policy in FC3. Just prior to the freeze on FC3 we discovered a bug in the security policy during our testing that prohibited access to archives, if my memory serves me correctly it affected only private archives, this would appear to be what you hit. The security policy was fixed. However you may not have the latest security policy. I suggest you bring your system up to date with RPM packages, in particular you will want to be sure you're running the latest selinix-policy-targeted rpm. You also have the option to disable SELinux using the system-config-security-level applet. It is my belief that the GOLD master release of FC3 had the version of the selinux targeted policy which fixed the access to private archives, so it might be that you installed prior to the GOLD release, but I will verify this so no else gets tripped up by this. -- John Dennis <[EMAIL PROTECTED]> ------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
