Changed postfix master.cf (noanaonymous to noanonymous) and the 'permit_mynetworks' in smtpd_client_restrictions as mentioned
Update with yum:
OK
Updated: 4:perl-macros-5.16.3-294.el7_6.x86_64
Updated: 4:perl-libs-5.16.3-294.el7_6.x86_64
Updated: 4:perl-5.16.3-294.el7_6.x86_64
Updated: perl-ExtUtils-Install-1.58-294.el7_6.noarch
Updated: 4:perl-devel-5.16.3-294.el7_6.x86_64
Updated: 1:perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.noarch
Updated: 1:perl-IO-Zlib-1.10-294.el7_6.noarch
Updated: 1:perl-Package-Constants-0.02-294.el7_6.noarch
Updated: 1:perl-Pod-Escapes-1.04-294.el7_6.noarch
Updated: perl-CPAN-1.9800-294.el7_6.noarch
Updated: 1:perl-Module-CoreList-2.76.02-294.el7_6.noarch
Updated: 1:perl-Locale-Maketext-Simple-0.21-294.el7_6.noarch
Updated: 1:clamav-unofficial-sigs-5.6.2-4.eFa.el7.x86_64
Updated: 1:MailWatch-1.2.12-6.eFa.el7.x86_64
Updated: 1:eFa-4.0.0-10.eFa.el7.x86_64
test Gui
Download geoip db via->tools->Update GeoIp database
Downloading file, please wait...
Unable to read or write to the /var/www/html/mailscanner/temp/ directory.
Code: Select all
ls -l /var/www/html/mailscanner/temp
total 3460
-rw-r--r--. 1 php-fpm php-fpm 3541688 Jan 24 16:52 GeoLite2-Country.mmdb
-rwxrwxr-x. 1 root apache 0 Dec 30 23:38 index.html
As the /var/www/html/mailscanner/temp group was
apache changed it to php-fpm
Code: Select all
chown root:php-fpm /var/www/html/mailscanner/temp/
Todo: ( meaning do not know how to solve it
)
Running Tools AND Links--> MailScanner Lint (Test)
sudo: php-fpm : TTY=unknown ; PWD=/var/www/html/mailscanner ; USER=root ; COMMAND=/usr/sbin/MailScanner --lint
sudo: pam_systemd(sudo:session):
Failed to connect to system bus: Permission denied
sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
sudo: pam_unix(sudo:session): session closed for user root
Audit.log
type=AVC msg=audit(1548693651.204:1670): avc:
denied { connectto } for pid=21264 comm="sudo" path="/run/dbus/system_bus_socket" scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=unix_stream_socket permissive=0
Code: Select all
ll -Z /var/run/dbus/system_bus_socket
srw-rw-rw-. root root system_u:object_r:system_dbusd_var_run_t:s0 /var/run/dbus/system_bus_socket
boolean -D
login -D
interface -D
user -D
port -D
node -D
fcontext -D
module -D
boolean -m -1 antivirus_can_scan_system
boolean -m -1 antivirus_use_jit
boolean -m -1 daemons_enable_cluster_mode
boolean -m -1 httpd_can_network_connect
boolean -m -1 httpd_read_user_content
boolean -m -1 httpd_ssi_exec
boolean -m -1 httpd_unified
boolean -m -1 nis_enabled
boolean -m -1 rsync_full_access
fcontext -a -f a -t antivirus_log_t '/var/log/clamd.scan'
fcontext -a -f a -t net_conf_t '/etc/sysconfig/network-scripts.bak'
fcontext -a -f a -t antivirus_var_run_t '/var/run/clamd.socket'
Temp disable SELinux until knowing how to solve it
Result in Secure.log
sudo: php-fpm : TTY=unknown ; PWD=/var/www/html/mailscanner ; USER=root ; COMMAND=/usr/sbin/MailScanner --lint
sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
sudo: pam_unix(sudo:session): session closed for user root