selinux-policy-targeted 1.25.4-10 and dovecot
Paul Howarth
paul at city-fan.org
Tue Aug 30 15:02:11 UTC 2005
I notice in the changelog that a recent change was:
* Wed Aug 17 2005 Dan Walsh <dwalsh at redhat.com> 1.25.4-4
- Add more access for amanda
- Allow dovecot to create files in mail_spool_t
Having installed the updated policy this morning, I found I had to add a
local rule:
allow dovecot_t mail_spool_t:file write;
This is needed to allow dovecot to delete mail from the mail spool file
(I use dovecot in pop3 mode). I'm surprised this wasn't the default - is
there a good reason why it isn't?
Cheers, Paul.
P.S. there is still a problem with pptp - in pppd.fc
# Fix pptp sockets
/var/run/pptp(/.*)? -- system_u:object_r:pptp_var_run_t
should read:
# Fix pptp sockets
/var/run/pptp(/.*)? system_u:object_r:pptp_var_run_t
because /var/run/pptp is a directory and the items in that directory
should be sockets, not regular files.
More information about the fedora-selinux-list
mailing list