The last few days - I think there was a policy update to FC13 - I started
seeing
/etc/cron.daily/0logwatch:
Can't exec "sendmail": Permission denied at /usr/sbin/logwatch line
1032, <TESTFILE> line 2.
Can't execute sendmail -t: Permission denied
Mentioned this to my manager, and he didn't see anything in messages, but
saw this audit message:
type=SELINUX_ERR msg=audit(1281423963.394:71003):
security_compute_sid: invalid context
system_u:system_r:logwatch_mail_t:s0-s0:c0.c1023 for
scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023
tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=process
Why would a policy prevent logwatch from using sendmail to forward a log?
mark