Re: dovecot issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yes if all content under /var/spool/indexes is owned by dovecot, you
should change the label to dovecot_spool_t.

# semanage fcontext -a -t dovecot_spool_t '/var/spool/indexes(/.*)?'
# restorecon -R -v /var/spool/indexes

On 04/22/2014 01:44 PM, m.roth@xxxxxxxxx wrote:
> CentOS 6.5, selinux-policy-targeted 3.7.19-231.
>
> We have many years of /var/spool/indexes/<user>/... They're currently all
> dovecot_t. grep imap /var/log/audit/audit.log | audit2allow tells me "The
> source type 'dovecot_t' can write to a 'dir' of the following types: #
> dovecot_tmp_t, user_home_t, dovecot_spool_t, mail_home_rw_t,
> dovecot_var_log_t, dovecot_var_run_t, mail_spool_t, cluster_conf_t, nfs_t
>
> So, is this trying to tell me that I need to relabel *everything* down
> there as something else - dovecot_spool_t, or what?
>
>        mark
>
>
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux