Description of problem:
Maybe this is just some misconfiguration on my side, but when I try to send email to root (e.g. logwatch does so), I'm getting an AVC. I'm using postfix.

#============= postfix_local_t ==============
allow postfix_local_t mail_spool_t:file write;

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.0.8-28.fc8
postfix-2.4.5-2.fc8

How reproducible:
always

Steps to Reproduce:
1. mail root

Actual results:
AVC - see attachment

Expected results:
No AVC

# ls -Z /var/spool/mail/
...
-rw------- root root system_u:object_r:mail_spool_t:s0 root
---------- root mail system_u:object_r:mail_spool_t:s0 root.lock
...
Created attachment 233641: sealert report
sealert should have told you to turn on the allow_postfix_local_write_mail_spool boolean. I will add an sealert plugin.

setsebool -P allow_postfix_local_write_mail_spool 1

will fix your problem.
Could you please attach your /var/log/audit/audit.log?
Created attachment 234101: audit.log as requested
So, I think

setsebool -P allow_postfix_local_write_mail_spool 1

should be default for postfix, right? Thank you.

PS. I'm using setroubleshoot-1.10.7-1.fc8
I will change it to default to true.
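
Added example, not part of the original report or of the setroubleshoot/audit2allow code: a small triage script that groups AVC denials from audit.log into audit2allow-style rules like the one quoted in the description, and points at a boolean where one is known. The log lines are constructed, and the KNOWN_BOOLEANS table is an assumption holding only the mapping named in this thread.

```python
import re
from collections import defaultdict

# Constructed audit.log lines for illustration (not the attachment from this report).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1195000000.101:41): avc:  denied  { write } for  pid=2301 comm="local" name="root" dev=dm-0 ino=98311 scontext=system_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file
type=SYSCALL msg=audit(1195000000.101:41): arch=40000003 syscall=5 success=no exit=-13 comm="local" exe="/usr/libexec/postfix/local"
type=AVC msg=audit(1195000060.202:57): avc:  denied  { write } for  pid=2344 comm="local" name="root" dev=dm-0 ino=98311 scontext=system_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file
type=AVC msg=audit(1195000090.303:60): avc:  denied  { read write } for  pid=2400 comm="httpd" name="data" dev=dm-0 ino=5 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)")

# Assumption: the single denial-to-boolean mapping named in this thread.
# Real tools (sealert, audit2allow) consult the loaded policy instead.
KNOWN_BOOLEANS = {
    ("postfix_local_t", "mail_spool_t", "file", "write"):
        "allow_postfix_local_write_mail_spool",
}

def selinux_type(context):
    """Return the type field of a user:role:type[:level] context."""
    return context.split(":")[2]

def summarize_denials(log_text):
    """Group AVC denials as (source type, target type, class) -> permissions."""
    rules = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line) if line.startswith("type=AVC") else None
        if m:
            key = (selinux_type(m["scon"]), selinux_type(m["tcon"]), m["tclass"])
            rules[key].update(m["perms"].split())
    return dict(rules)

def advise(rules):
    """Return (audit2allow-style rule, setsebool command or None) per denial group."""
    advice = []
    for (src, tgt, cls), perms in sorted(rules.items()):
        names = sorted(perms)
        perm_text = names[0] if len(names) == 1 else "{ " + " ".join(names) + " }"
        booleans = sorted({KNOWN_BOOLEANS[(src, tgt, cls, p)]
                           for p in names if (src, tgt, cls, p) in KNOWN_BOOLEANS})
        fix = f"setsebool -P {booleans[0]} 1" if booleans else None
        advice.append((f"allow {src} {tgt}:{cls} {perm_text};", fix))
    return advice

if __name__ == "__main__":
    for rule, fix in advise(summarize_denials(SAMPLE_AUDIT_LOG)):
        print(rule, "->", fix or "no boolean known; review before writing local policy")
```

Repeated denials collapse into one rule, so the two postfix records above produce a single line. A denial with no known boolean is reported with no fix rather than turned into a local allow rule.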