SElinux - su: pam_unix(su:session)


Im getting these logs in /var/log/secure

Sep 27 06:30:02 ns1 su: pam_unix(su:session): session opened for user postgres by (uid=0)

I guess these could be solved if I enable SElinux, but during the installation I disable SElinux,

Its posible to activate SELinux on a virtualmin installation?




Those messages aren't related to SElinux .. instead, they happen when Virtualmin runs some commands as the "postgres" Unix user.

You can enable SElinux with Virtualmin if you like - as far as I know, everything will still work.

But I was disable PostGre, and its not only for postgre user.

Oct 1 12:05:08 ns1 sshd[17447]: pam_unix(sshd:session): session opened for user root by (uid=0) Oct 1 17:05:21 ns1 proftpd: pam_unix(proftpd:session): session closed for user xiangs

and I have more lines for the same log, do you have any idea where is the security fail?

Check at Webmin -> Others -> System and Server Status if there is a monitor setup for PostgreSQL, and if so delete it.

Joe's picture
Submitted by Joe on Fri, 10/02/2009 - 02:20 Pro Licensee

There are a few issues with procmail when SELinux is enabled when using the targeted policy on CentOS 5. The more strict policy introduces a number of issues. I've been meaning to experiment a bit more with that, now that the tools and default policies have gotten reasonably sane.