avc: denied { read } for pid=10387 exe=/usr/bin/procmail
path=/var/spool/mqueue/dfi8OJTVmq010385 dev=dm-2 ino=452872
scontext=system_u:system_r:procmail_t
tcontext=system_u:object_r:mqueue_spool_t tclass=file
I have done a fairly default install of FC3T2 and upgraded it to the latest
rawhide and then installed the strict SE Linux policy. In terms of email
configuration it's all default.
I get the above AVC message when I run the command "ls | mail root", but the
result seems to be OK (mail is delivered in /var/spool/mail and has the
correct contents).
Now I would like advice from someone who knows Sendmail well, is giving
procmail an open file handle to a file under /var/spool/mqueue the right
thing to do? IE is this a bug in sendmail or is there some good reason for
allowing such access which only becomes apparent in usage scenarios different
to mine?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
