AVC denied for Spamassassin

[Volker Englisch]

on 11/9/2006 8:04 AM Daniel J Walsh said the following:
> Volker Englisch wrote:
>> I have a lot of avc messages in my log file indicating a problem with 
>> spamassassin/mqueue.
>> I am running FC6 with a standard installation and don't know why there 
>> is a problem with the directory /var/spool/mqueue.
>>    $ ls -Zd mqueue
>>    drwx------  root mail system_u:object_r:mqueue_spool_t mqueue/
>>
>> Do I need to change the context for this directory?
>>
>> Below are some of the messages from my log file:
>>
>> Nov  8 23:02:32 kepler kernel: audit(1163044952.697:127322): avc: 
>> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
>> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
>> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127323): avc: 
>> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
>> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
>> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127324): avc: 
>> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
>> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
>> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>> Nov  8 23:02:33 kepler kernel: audit(1163044953.317:127325): avc: 
>> denied  { search } for  pid=14530 comm="spamassassin" name="mqueue" 
>> dev=sda8 ino=326413 scontext=user_u:system_r:procmail_t:s0 
>> tcontext=system_u:object_r:mqueue_spool_t:s0 tclass=dir
>>
> Does procmail need to read this directory?
> Does procmail need to be able to write this directory?
> 

I honestly don't know.  I haven't done any customization to procmail and 
until I saw these messages I wasn't even aware of the existence of the 
directory.
The directory itself is empty but procmail itself must be using the 
mqueue directory internally or there wouldn't be these messages.

Thanks

    Volker