selinux-policy-targeted 1.25.4-10 and dovecot
Paul Howarth
paul at city-fan.org
Thu Sep 8 14:57:28 UTC 2005
Paul Howarth wrote:
> I notice in the changelog that a recent change was:
>
> * Wed Aug 17 2005 Dan Walsh <dwalsh at redhat.com> 1.25.4-4
> - Add more access for amanda
> - Allow dovecot to create files in mail_spool_t
>
> Having installed the updated policy this morning, I found I had to add a
> local rule:
>
> allow dovecot_t mail_spool_t:file write;
>
> This is needed to allow dovecot to delete mail from the mail spool file
> (I use dovecot in pop3 mode). I'm surprised this wasn't the default - is
> there a good reason why it isn't?
>
> Cheers, Paul.
>
> P.S. there is still a problem with pptp - in pppd.fc
>
> # Fix pptp sockets
> /var/run/pptp(/.*)? -- system_u:object_r:pptp_var_run_t
>
> should read:
>
> # Fix pptp sockets
> /var/run/pptp(/.*)? system_u:object_r:pptp_var_run_t
>
> because /var/run/pptp is a directory and the items in that directory
> should be sockets, not regular files.
I guess I should bugzilla these...
One bug, or two?
Paul.
More information about the fedora-selinux-list
mailing list