[Dovecot] deliver triggering SELinux AVC denials
Timo Sirainen
tss at iki.fi
Fri Jan 11 06:55:14 EET 2008
On Tue, 2008-01-01 at 21:36 -0600, greno at verizon.net wrote:
> >From: Timo Sirainen <tss at iki.fi>
> >Date: 2008/01/01 Tue PM 09:18:05 CST
> >To: Gerry Reno <greno at verizon.net>
> >Cc: dovecot at dovecot.org
> >Subject: Re: [Dovecot] deliver triggering SELinux AVC denials
> ...
> >Set dotlock_use_excl=yes to see what file it's really wanting to create.
>
> Ok, did that. And looking at all the alerts it appears to be any file that deliver is trying to write under /home/vmail.
..
> but for some reason even though deliver is setup to run as vmail:vmail it is still having permission problems.
Well, Dovecot's default SELinux permissions often seem to disallow
writing under /home..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080111/22e31a42/attachment.bin
More information about the dovecot
mailing list