On Wed, 2013-06-05 at 09:18 +0300, Cristian Sava wrote: > On Tue, 2013-06-04 at 08:08 -0700, Adam Williamson wrote: > > On Tue, 2013-06-04 at 12:06 +0300, Cristian Sava wrote: > > > I am trying to activate selinux for my mailserver. > > > It is F19 postfix_courier_amavisd-new_clamav_squirrelmail install in a > > > virtual environment. All needed is stock or was packaged on F19 > > > (rpmbuild -ta ... / rpmbuild -ba ...) and all is working fine (selinux > > > disabled). No tar.gz directly installed. > > > I am trying to fix things one by one. Any advice is welcome. When > > > receiving a message selinux complain (permissive): > > > > > > SELinux is preventing /usr/sbin/courierlogger from getattr access on the > > > file /var/spool/authdaemon/pid. > > > > > > ***** Plugin catchall (100. confidence) suggests > > > *************************** > > > > > > If you believe that courierlogger should be allowed getattr access on > > > the pid file by default. > > > Then you should report this as a bug. > > > > If I were you, I'd do that. > > > > Well no, that's a lie. If I were you I'd stop using Courier and start > > using Dovecot, because it's better. From what I've seen, most people who > > run IMAP servers made that switch already, which may explain why Courier > > has apparently grown an SELinux issue you'd think would have been fixed > > already. > I will consider your suggestion but this may take time and testing. It > is not for today or tomorrow and not all the people will agree with us. > Courier is a robust and well working piece in a mail server so it's a > much simpler solution to disable or even uninstall selinux (why don't we > have an install time option do it). > I like very much selinux (when there is a simple way to configure it) > but I will not abandon courier just for that and many will agree with > me. Sure, I didn't mean it that way, I just meant that it's probably worth looking at other servers in general. I used Courier for years but switched away a couple of years back; dovecot does quite a lot of things better. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
