Description of problem:

type=AVC msg=audit(1177844482.191:174250): avc: denied { read } for pid=2485 comm="spamassassin" name="3.002000" dev=cciss/c0d0p2 ino=213219 scontext=user_u:system_r:procmail_t:s0 tcontext=user_u:object_r:spamd_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1177844482.191:174250): arch=40000003 syscall=5 success=yes exit=3 a0=9fbb928 a1=18800 a2=3 a3=9f07488 items=0 ppid=2484 pid=2485 auid=500 uid=500 gid=100 euid=500 suid=500 fsuid=500 egid=100 sgid=100 fsgid=100 tty=(none) comm="spamassassin" exe="/usr/bin/perl" subj=user_u:system_r:procmail_t:s0 key=(null)

Version-Release number of selected component (if applicable):
selinux-policy-2.6.1-1
selinux-policy-targeted-2.6.1-1

Actual results: AVC denied when accessing /var/lib/spamassassin (by procmail?)

Expected results: No AVC denied message.

Oh and SpamAssassin must be allowed to access this directory; any updates by sa-update will be put into there.
Fixed in selinux-policy-targeted-2.6.3-1
NO! This bug is not fixed in selinux-policy-targeted-2.6.4-8:

type=AVC msg=audit(1180124312.557:188618): avc: denied { read } for pid=18541 comm="spamassassin" name="3.002000" dev=cciss/c0d0p2 ino=213219 scontext=user_u:system_r:procmail_t:s0 tcontext=user_u:object_r:spamd_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1180124312.557:188618): arch=40000003 syscall=5 success=yes exit=3 a0=a28f9c8 a1=18800 a2=3 a3=a1db540 items=0 ppid=18540 pid=18541 auid=500 uid=506 gid=501 euid=506 suid=506 fsuid=506 egid=501 sgid=501 fsgid=501 tty=(none) comm="spamassassin" exe="/usr/bin/perl" subj=user_u:system_r:procmail_t:s0 key=(null)

Fix will be in 2.6.4-10
DANIEL! This bug is also NOT fixed in selinux-policy-targeted-2.6.5-2:

Raw Audit Messages

avc: denied { read } for comm="spamassassin" dev=cciss/c0d0p2 egid=100 euid=500 exe="/usr/bin/perl" exit=3 fsgid=100 fsuid=500 gid=100 items=0 name="3.002000" pid=20326 scontext=system_u:system_r:procmail_t:s0 sgid=100 subj=system_u:system_r:procmail_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:spamd_var_lib_t:s0 tty=(none) uid=500

Fix will be selinux-policy-3.0.0. It is in fc7.
Should be fixed in the current release
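
Added example, not part of the original report or of selinux-policy: a small parser that reduces the AVC records quoted in this thread to (source type, target type, class, permissions) and pairs each with its SYSCALL record by event serial. `success=yes` in the paired record means the open() call still succeeded, so the denial was logged without being enforced. The names `parse_denials` and `allow_rule` are hypothetical, and the printed rule is only the raw allow form of the denial, not the fix shipped in the policy packages.

```python
import re
from collections import defaultdict

# Sample input: records copied from the first and third reports in this thread,
# laid out one record per line as in audit.log (layout is constructed here).
SAMPLE = """\
type=AVC msg=audit(1177844482.191:174250): avc: denied { read } for pid=2485 comm="spamassassin" name="3.002000" dev=cciss/c0d0p2 ino=213219 scontext=user_u:system_r:procmail_t:s0 tcontext=user_u:object_r:spamd_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1177844482.191:174250): arch=40000003 syscall=5 success=yes exit=3 a0=9fbb928 a1=18800 a2=3 a3=9f07488 items=0 ppid=2484 pid=2485 auid=500 uid=500 gid=100 euid=500 suid=500 fsuid=500 egid=100 sgid=100 fsgid=100 tty=(none) comm="spamassassin" exe="/usr/bin/perl" subj=user_u:system_r:procmail_t:s0 key=(null)
avc: denied { read } for comm="spamassassin" dev=cciss/c0d0p2 egid=100 euid=500 exe="/usr/bin/perl" exit=3 fsgid=100 fsuid=500 gid=100 items=0 name="3.002000" pid=20326 scontext=system_u:system_r:procmail_t:s0 sgid=100 subj=system_u:system_r:procmail_t:s0 suid=500 tclass=dir tcontext=user_u:object_r:spamd_var_lib_t:s0 tty=(none) uid=500
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")
EVENT_RE = re.compile(r"msg=audit\(\d+\.\d+:(\d+)\)")  # captures the event serial
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def fields(text):
    """Return the key=value pairs of one record, with quotes stripped."""
    return {k: v.strip('"') for k, v in KV_RE.findall(text)}


def parse_denials(log):
    """Map (source_type, target_type, class, perms) -> [blocked, ...].

    blocked is False when the paired SYSCALL record says success=yes,
    True when it says success=no, and None when no such field is available.
    """
    lines = log.splitlines()
    syscalls = {}
    for line in lines:
        ev = EVENT_RE.search(line)
        if ev and "type=SYSCALL" in line:
            syscalls[ev.group(1)] = fields(line)
    out = defaultdict(list)
    for line in lines:
        m = AVC_RE.search(line)
        if not m:
            continue
        kv = fields(m.group(2))
        ev = EVENT_RE.search(line)
        sc = syscalls.get(ev.group(1), {}) if ev else {}
        success = kv.get("success") or sc.get("success")
        blocked = None if success is None else success != "yes"
        # An SELinux context is user:role:type:level; the type is field 3.
        key = (kv["scontext"].split(":")[2], kv["tcontext"].split(":")[2],
               kv["tclass"], tuple(m.group(1).split()))
        out[key].append(blocked)
    return dict(out)


def allow_rule(key):
    """Render a denial key in raw allow-rule form."""
    src, tgt, cls, perms = key
    return "allow %s %s:%s { %s };" % (src, tgt, cls, " ".join(perms))


if __name__ == "__main__":
    for key, seen in parse_denials(SAMPLE).items():
        print(allow_rule(key), "blocked:", seen)
```

Both sample reports collapse to the same key even though the source user changes from `user_u` to `system_u`, because only the type field of each context is compared.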