[Dovecot] SELinux and "i_stream_read() failed: Permission denied"
Timo Sirainen
tss at iki.fi
Fri Apr 17 01:58:47 EEST 2009
On Wed, 2009-04-15 at 18:55 -0700, James Butler wrote:
> > On Wed, 2009-04-15 at 16:47 -0700, James Butler wrote:
> >> "i_stream_read() failed: Permission denied" is an error message
> >> generated
> >> when a large-ish file (>128kb in my case) is attached to a message that
> >> has been passed to Dovecot's deliver program when SELinux is being
> >> enforced.
> > ..
> >> The problem is that deliver is not running with the correct SELinux
> >> policy
> >> to be able to write to the global /tmp directory
> >
> > BTW. Dovecot v1.2+ no longer writes to /tmp directory. Writing to /tmp
> > was pretty evil.
>
> I hear ya. I'm running v.1.2.rc2 ... is there a newer version?
Are you sure the deliver is also from v1.2.rc2? You mentioned:
> deliver(user): unlink(/tmp/dovecot.deliver.. \
> 1239836047.9469.46242b1037005551) failed: Permission denied
But there's no dovecot.deliver anymore in v1.2:
~/cvs/dovecot-1.2/src/deliver% grep dovecot.deliver deliver
~/cvs/dovecot-1.2/src/deliver%
It is in v1.1 though.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090416/80447b59/attachment.bin
More information about the dovecot
mailing list