Linux Mail Server Setup and Howto Guide

Hi All,

Installed clamav. Won't start:

# /sbin/service clamd start
Starting Clam AntiVirus Daemon: clamd: error while loading shared libraries: libpthread.so.0: cannot open shared object file: No such file or directory
                                                           [FAILED]

When I ask yum about libpthread, yum says it is installed:

yum provides libpthread.so.0

glibc-2.5-49.el5_5.7.i686 : The GNU libc libraries.
Repo        : installed
Matched from:
Other       : Provides-match: libpthread.so.0

Any ideas?

Thanks,

Ginger

If anyone wants to run SELinux, then you will need to be "Creating Custom SELinux Policy Modules with audit2allow"

Brief overview of steps:

1. Turn on SELinux (using system-config-securitylevel) and set it on 'Permissive'. 'Permissive' allows all prohibited actions to take place and logs them to /var/log/audit/audit.log
2. Setup your entire email server setup and get it working. This will add entries to the audit.log
3. Write your custom policies using grep and audit2allow to read audit.log 

You can find instructions on writing a SELinux policy here: http://wiki.centos.org/HowTos/SELinux

You might want to write different policies for postfixlocal, dovecotlocal, etc., or you might just want to write one policy for mailserverlocal

It is a relatively simple process to write a policy, once you realize that what you are doing is using audit2allow to read the audit.log and generate a policy.

My understanding of SELinux is that if you can get it working smoothly, it does make your system more secure. If you turn it off, it is less secure. Where is the official white paper from Red Hat that recommends turning off SELinux as an alternative that is just as secure as having it running? If it were just as secure to turn SELinux off, Red Hat would not bother to have it as part of their standard distribution…

Perhaps Consultant can write a tutorial that comes as a final step: "Creating Custom SELinux Policy Modules with audit2allow"

Ginger