upgraded from f24 to f25 and then postfix cannot access /dev/null anymore when setenforce = 1 [root@jack selinux]# systemctl start postfix.service Job for postfix.service failed because the control process exited with error code. [root@jack selinux]#journalctl -xe AVCs... janv. 10 20:14:19 jack postfix[11894]: /usr/libexec/postfix/postfix-script: line 122: /dev/null: Permission denied AVCs... janv. 10 20:14:20 jack systemd[1]: postfix.service: Control process exited, code=exited status=1 janv. 10 20:14:20 jack systemd[1]: Failed to start Postfix Mail Transport Agent. [root@jack selinux]# cat /etc/fedora-release Fedora release 25 (Twenty Five) [root@jack selinux]# uname -r 4.8.15-300.fc25.x86_64 [root@jack selinux]# rpm -qa |grep selinux-policy selinux-policy-devel-3.13.1-225.3.fc25.noarch selinux-policy-targeted-3.13.1-225.3.fc25.noarch selinux-policy-3.13.1-225.3.fc25.noarch [root@jack selinux]# ls -lZ /dev/null crw-rw-rw-. 1 root root system_u:object_r:null_device_t:s0 1, 3 8 janv. 22:14 /dev/null but postfix is convinced that /dev/null is unlabeled, and wants me to insert the following semodule To my understanding PrivateDevices=true directive in the /usr/lib/systemd/system/postfix.service is to be blamed. If set to false or commented postfix starts. see #1389863 and #1398007 for more context
same bug at #1412696
*** This bug has been marked as a duplicate of bug 1412696 ***