On Sat, Dec 21, 2024 at 4:48 AM Peter via Postfix-users <postfix-users@postfix.org> wrote:
> This is not going to be considered a bug. The configuration shipped > with the postfix package from RHEL uses syslog to log to the maillog > file and it's expected that if you change that then you'll be Yes, I wholeheartedly agree. Even if I disagreed, it would not be one of the rare Postfix bugs. 8-) As I wrote in another post, I do think it might be helpful to mention the downside of not using the default of syslog as I did. > difficult to do, just run audit2why against your audit.log file with the > denials in it and it will tell you exactly what you need to do to allow One of the things that I discovered and learned is that you can have SELinux denying things and NOT get ANY logs whatsoever!!! The audit logs did call out this specific configuration with maillog but another issue I have does not generate ANYTHING. (I am still testing the recommendation and waiting to see if Red Hat agrees they should make an adjustment to an SELinux context.) I learned there are dontaudit rules that can suppress some messages so I needed to temporarily set those to off in order to get denial messages. The link below is for RHEL 7 as I could not find the appropriate link for RHEL 8 or 9. # semanage dontaudit off https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/sect-security-enhanced_linux-troubleshooting-fixing_problems#sect-Security-Enhanced_Linux-Fixing_Problems-Possible_Causes_of_Silent_Denials _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
