Re: [Dovecot] deliver triggering SELinux AVC denials

11 Jan 2008


      On Tue, 2008-01-01 at 21:36 -0600, greno@verizon.net wrote:
...
...
From: Timo Sirainen tss@iki.fi
Date: 2008/01/01 Tue PM 09:18:05 CST
To: Gerry Reno greno@verizon.net
Cc: dovecot@dovecot.org
Subject: Re: [Dovecot] deliver triggering SELinux AVC denials
...
Set dotlock_use_excl=yes to see what file it's really wanting to create.
Ok, did that.  And looking at all the alerts it appears to be any file that deliver is trying to write under /home/vmail.
..
but for some reason even though deliver is setup to run as vmail:vmail it is still having permission problems.
Well, Dovecot's default SELinux permissions often seem to disallow
writing under /home..