I've turned some items of selinux off, but tail -f /var/log/messages
Jan 14 16:49:52 tool1 setroubleshoot: SELinux is preventing the
http daemon from connecting to network port 465 For complete SELinux
messages. run sealert -l bda8c8ff-e093-412c-915c-b7631113ee2d
Jan 15 15:56:13 tool1 kernel: hda: irq timeout: status=0xd0 { Busy }
Jan 15 15:56:13 tool1 kernel: ide: failed opcode was: unknown
Jan 15 15:56:13 tool1 kernel: hda: ATAPI reset complete
Jan 15 19:05:45 tool1 kernel: hda: irq timeout: status=0xd0 { Busy }
Jan 15 19:05:45 tool1 kernel: ide: failed opcode was: unknown
Jan 15 19:05:45 tool1 kernel: hda: ATAPI reset complete
Jan 16 16:15:39 tool1 setroubleshoot: SELinux is preventing the
http daemon from connecting to network port 25 For complete SELinux
messages. run sealert -l bda8c8ff-e093-412c-915c-b7631113ee2d
then I run
[r...@tool1 bsun]# sealert -l bda8c8ff-e093-412c-915c-b7631113ee2d
Summary
SELinux is preventing the http daemon from connecting to network
port 25
Detailed Description
SELinux has denied the http daemon from connecting to 25. An http
script is
trying to do a network connect to a remote port. If you did not
setup httpd
to network connections, this could signal a intrusion attempt.
Allowing Access
If you want httpd to connect to network ports you need to turn on
the
httpd_can_network_network_connect boolean: "setsebool -P
httpd_can_network_connect=1"
The following command will allow this access:
setsebool -P httpd_can_network_connect=1
Additional Information
Source Context user_u:system_r:httpd_t
Target Context system_u:object_r:smtp_port_t
Target Objects None [ tcp_socket ]
Affected RPM Packages httpd-2.2.3-6.el5 [application]
Policy RPM selinux-policy-2.4.6-30.el5
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name plugins.httpd_can_network_connect
Host Name tool1.g-fox.cn
Platform Linux tool1.g-fox.cn 2.6.18-8.el5 #1 SMP
Fri Jan
26 14:15:21 EST 2007 i686 i686
Alert Count 34
Line Numbers
Raw Audit Messages
avc: denied { name_connect } for comm="httpd" dest=25 egid=48 euid=48
exe="/usr/sbin/httpd" exit=-111 fsgid=48 fsuid=48 gid=48 items=0
pid=9746
scontext=user_u:system_r:httpd_t:s0 sgid=48
subj=user_u:system_r:httpd_t:s0
suid=48 tclass=tcp_socket tcontext=system_u:object_r:smtp_port_t:s0
tty=(none)
uid=48
SHALL I TOTALLY TURN SELINUX OFF?
On Jan 16, 4:34 pm, Peter Körner <[email protected]> wrote:
> Are ou using SELinux? This could prevent applications from connecting via
> network and such things.
>
> Take a look at your /var/log/messages if you see something like
> ...kernel: audit(1232092552.772:4071): avc: denied...
>
> Peter
>
> -----Ursprüngliche Nachricht-----
> Von: [email protected] [mailto:[email protected]] Im
> Auftrag von Bin
> Gesendet: Freitag, 16. Januar 2009 09:19
> An: Trac Users
> Betreff: [Trac] Re: How can I set the Trac to send email from localhost
>
> Now I set smtp_enabled = true, then get the following error:
>
> 2009-01-16 16:16:43,967 Trac[web_ui] ERROR: Failure sending notification on
> change to ticket #4: (111, 'Connection refused') Traceback (most recent call
> last):
> File "/usr/lib/python2.4/site-packages/trac/ticket/web_ui.py", line 563, in
> _do_save
> tn.notify(ticket, newticket=False, modtime=now)
> File "/usr/lib/python2.4/site-packages/trac/ticket/notification.py",
> line 129, in notify
> NotifyEmail.notify(self, ticket.id, subject)
> File "/usr/lib/python2.4/site-packages/trac/notification.py", line 216, in
> notify
> Notify.notify(self, resid)
> File "/usr/lib/python2.4/site-packages/trac/notification.py", line 114, in
> notify
> self.begin_send()
> File "/usr/lib/python2.4/site-packages/trac/notification.py", line 278, in
> begin_send
> self.server = smtplib.SMTP(self.smtp_server, self.smtp_port)
> File "/usr/lib/python2.4/smtplib.py", line 244, in __init__
> (code, msg) = self.connect(host, port)
> File "/usr/lib/python2.4/smtplib.py", line 306, in connect
> raise socket.error, msg
> error: (111, 'Connection refused')
>
> error: (111, 'Connection refused'), anyone know this error?
>
> On Jan 16, 10:51 am, Bin <[email protected]> wrote:
>
> > I can send email from this box using "mail" command from the command
> > line,and the outgoing name will be r...@domainname, but not from Trac.
>
> > I am using RHEL 5, some other information needed?
>
> > On Jan 15, 5:08 pm, Emmanuel Blot <[email protected]> wrote:
>
> > > > But it doesn't work, and no error log of trac.
>
> > > > Any one can help with this?
>
> > > Do you have a SMTP server up and running on localhost?
> > > Are you able to post a message with the "mail" command to the same
> > > address?
> > > Please also describe your environment: OS, ...
>
> > > Cheers,
> > > Manu
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---
