Bug 758529

Summary: SELinux is preventing /usr/bin/procmail from 'getattr' accesses on the file /var/spool/mail/michael.
Product: [Fedora] Fedora Reporter: Micheal <gao.jia>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: amit.shah, dominick.grift, dwalsh, dwmw2, jpazdziora, karlcz, lonicerae, mgrepl, mxbraun666
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:595ae0962db8d21967d8081fba039a1ac14211c55e7ca1281c6d005bdb6d3301
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-13 08:54:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: description none

Description Micheal 2011-11-30 00:38:53 UTC 
libreport version: 2.0.7
executable:     /usr/bin/python
hashmarkername: setroubleshoot
kernel:         3.1.2-1.fc16.x86_64
reason:         SELinux is preventing /usr/bin/procmail from 'getattr' accesses on the file /var/spool/mail/michael.
time:           2011年11月30日 星期三 08时29分29秒

description:    Binary file, 2718 bytes
Comment 1 Micheal 2011-11-30 00:38:56 UTC 
Created attachment 538330 [details]
File: description
Comment 2 Miroslav Grepl 2011-11-30 11:32:13 UTC 
What does

# find /var/spool/mail -context "*:*:quota_db_t:s0"


You will need to run 

# restorecon -R -v /var/spool/mail/michael

which will this issue.

I am trying to find a way how this got this mislabeling.
Comment 3 Need Real Name 2011-12-16 02:02:50 UTC 
I think I saw the same thing with procmail not being able to deliver mail, and the context of quota_db_t set on most (but not all) user spool files in /var/spool/mail/

On this system, mail is being delivered via procmail from fetchmail, local users running the old mailx command, and sendmail invoked over ssh.

The procmail recipes include calls to spamc and formail as well as duplicating mail to another local user account before delivering to the normal spool file.

I have another Fedora 16 system with very similar fetchmail and procmail setup, and it has not yet seen such a problem with the spool file contexts.
Comment 4 Miroslav Grepl 2011-12-20 14:33:05 UTC 
*** Bug 769320 has been marked as a duplicate of this bug. ***
Comment 5 Jan Pazdziora 2012-03-13 08:34:00 UTC 
This looks like dupe of bug 785759.
Comment 6 Miroslav Grepl 2012-03-13 08:54:28 UTC 
Yes.

*** This bug has been marked as a duplicate of bug 785759 ***