Description of problem: type=AVC msg=audit(1138489264.563:641494): avc: denied { read write } for pid=31634 comm="procmail" name="[39494183]" dev=sockfs ino=39494183 scontext=root:system_r:procmail_t:s0-s0:c0.c255 tcontext=root:system_r: sendmail_t:s0-s0:c0.c255 tclass=unix_stream_socket type=SYSCALL msg=audit(1138489264.563:641494): arch=40000003 syscall=11 success=yes exit=0 a0=9abba60 a1=bfd702f8 a2=ff2ac0 a3=0 items=2 pid=31634 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="procmail" exe="/usr/bin/procmail" type=AVC_PATH msg=audit(1138489264.563:641494): path="socket:[39494183]" type=CWD msg=audit(1138489264.563:641494): cwd="/var/spool/mqueue" type=PATH msg=audit(1138489264.563:641494): item=0 name="/usr/bin/procmail" flags=101 inode=377315 dev=68:02 mode=0100755 ouid=0 ogid=12 rdev=00:00 type=PATH msg=audit(1138489264.563:641494): item=1 flags=101 inode=2965538 dev=68:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 Version-Release number of selected component (if applicable): selinux-policy-targeted-2.2.8-1 How reproducible: Sorry, I don't know exactly - but I guess with every incoming mail piped to procmail? At least this would make sense with the amount of repeatings of this message. Actual results: AVC denied. Expected results: No AVC denied ;-)
Fixed in selinux-policy-targeted-2.2.8-2
Yepp, it is. Thank you! :)