Bug 1568510
Summary: | SELinux is preventing dovecot from using the dac_override capability | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Juan Orti <jorti> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 28 | CC: | dwalsh, emelenas, lvrabec, mads, mgrepl, plautrba, pmoore |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-05-03 18:09:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Juan Orti
2018-04-17 16:18:37 UTC
Same here, on a system just upgraded to Fedora 28 from F27 with no issues previously. Dovecot would refuse to startup, complaining about existing sockets in /var/run/dovecot. Those sockets are owned by dovecot or root and are in group root or dovenull. Sockets in /var/run/dovecot/login are owned by root or dovenull and are in group root. In addition, I have drwxr-xr-x. 5 root dovecot 780 May 3 08:01 /var/run/dovecot I guess some of the permissions/ownership are not correct, but I need dovecot, so I did # ausearch -c 'dovecot' --raw | audit2allow -M my-dovecot # semodule -X 300 -i my-dovecot.pp to bring dovecot back to life. A better solution is appreciated. For me, after upgrading to f28 and purging /var/run/dovecot and restorecon, it works. But I still get the SE warning reported here. *** This bug has been marked as a duplicate of bug 1560704 *** |