Re: AVC denied for Spamassassin

[Paul Howarth <paul city-fan org>]

On Thu, 2006-11-09 at 01:03 -0500, Volker Englisch wrote:
> I have a lot of avc messages in my log file indicating a problem with 
> spamassassin/mqueue.
> I am running FC6 with a standard installation and don't know why there 
> is a problem with the directory /var/spool/mqueue.
>     $ ls -Zd mqueue
>     drwx------  root mail system_u:object_r:mqueue_spool_t mqueue/
> 
> Do I need to change the context for this directory?
> 
> Below are some of the messages from my log file:
> 
> Nov  8 23:02:32 kepler kernel: audit(1163044952.697:127322): avc: 
> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127323): avc: 
> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127324): avc: 
> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127325): avc: 
> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir

Are you running /usr/bin/spamassassin from procmail?

Things may improve from both an SELinux and performance perspective if
you use /usr/bin/spamc instead.

Paul.