selinux error even though dis-abled

[baggs1981]

Please help I am very confused.. after switching to dovecot:

71 cd /usr/local/directadmin/customapache
72 ./build update
73 ./build update_dovecot
74 ./build dovecot
75 /sbin/service dovecot restart

(which I have other problems as well which I am posting seperately) I get an error as below in /var/log/messages:

Jun 30 14:07:18 localhost kernel: audit(1183208838.342:40): avc: denied { execmod } for pid=25253 comm="httpd" name="libphp4.so" dev=ida/c0d0p3 ino=2052083 scontext=user_u:system_r:unconfined_t:s0 tcontext=rootbject_r:lib_t:s0 tclass=file

googling this points to it being related to selinux but I definately have it disabled:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

Any ideas? I have been reading through various posts for hours and not really getting anywhere.

 

[smtalk]

Try:

setenforce 0

And reboot your system.

 

[baggs1981]

Ok, did that, now in maillog I have:

Jun 30 14:53:43 serv01 dovecot[1689]: auth(default): shadow([email protected],127.0.0.1): unknown user
Jun 30 14:53:43 serv01 dovecot[1689]: auth(default): passwd-file /etc/virtual/batteryserver.net/passwd: User test is missing userdb info
Jun 30 14:53:43 serv01 dovecot[1689]: auth(default): passwd([email protected],127.0.0.1): unknown user
Jun 30 14:53:43 serv01 dovecot[1689]: Logins with UID 0 not permitted (user [email protected])
Jun 30 14:53:43 serv01 dovecot[1689]: pop3-login: Internal login failure: user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Jun 30 14:54:01 serv01 vm-pop3d[2818]: Couldn't bind to socket: Address already in use
Jun 30 14:54:11 serv01 vm-pop3d[2893]: Couldn't bind to socket: Address already in use

any ideas please?

 

[smtalk]

Every login generates the error because there are 2 login checks. One for the system and one for virtual accounts. Always, 1 will fail until the 2nd authentication is tried.

You can edit /etc/dovecot.conf and set "auth_verbose" to "no". You should also remove vm-pop3d, if you have dovecot - it's not needed now Do:

rpm -e da_vm-pop3d