Hello,
With regard to procmail, i think your policy is missing a domain
transition to spamassassin.
A custom policy looking something like the following may or may not
fix that issue:
mkdir ~/myprocmail; cd ~/myprocmail;
echo "policy_module(myprocmail, 0.0.1)" > myprocmail.te;
echo "require { type procmail_t; }" >> myprocmail.te;
echo "optional_policy(`" >> myprocmail.te;
echo "spamassassin_domtrans_spamc(procmail_t)" >> myprocmail.te;
echo "')" >> myprocmail.te;
make -f /usr/share/selinux/devel/Makefile
/usr/sbin/semodule -i myprocmail.pp
With regard to webalizer it looks like webalizer is searching
something in a "bin" directory.
If you want you can allow this.
mkdir ~/mywebalizer; cd ~mywebalizer;
echo "policy_module(mywebalizer, 0.0.1)" > mywebalizer.te;
echo "require { type webalizer_t; }" >> mywebalizer.te;
echo "corecmd_search_bin(webalizer_t)" >> mywebalizer.te;
make -f /usr/share/selinux/devel/Makefile
/usr/sbin/semodule -i mywebalizer.pp
It may be that both procmail and webalizer domains need more access
after this, but you will notice that if this is the case.
P.s. You may or may not need to escape some of the characters in my example.
Hth,
Dominick
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
