Description of problem: SELinux is preventing rm from 'unlink' accesses on the file .deliver_lock. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that rm should be allowed unlink access on the .deliver_lock file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'rm' --raw | audit2allow -M my-rm # semodule -X 300 -i my-rm.pp Additional Information: Source Context system_u:system_r:fsdaemon_t:s0 Target Context system_u:object_r:mail_home_rw_t:s0 Target Objects .deliver_lock [ file ] Source rm Source Path rm Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-283.34.fc27.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.16.11-200.fc27.x86_64 #1 SMP Tue May 22 18:36:25 UTC 2018 x86_64 x86_64 Alert Count 12 First Seen 2018-05-28 07:40:27 AST Last Seen 2018-05-29 07:24:30 AST Local ID 77e2bc2c-2926-4240-99ee-6f83bdb46eb5 Raw Audit Messages type=AVC msg=audit(1527593070.118:243): avc: denied { unlink } for pid=5393 comm="dotlockfile" name=".deliver_lock" dev="sda2" ino=1703959 scontext=system_u:system_r:fsdaemon_t:s0 tcontext=system_u:object_r:mail_home_rw_t:s0 tclass=file permissive=1 Hash: rm,fsdaemon_t,mail_home_rw_t,file,unlink Version-Release number of selected component: selinux-policy-3.13.1-283.34.fc27.noarch Additional info: component: selinux-policy reporter: libreport-2.9.3 hashmarkername: setroubleshoot kernel: 4.16.11-200.fc27.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1582701 ***