I have installed mailman and every time that a message should go to the list archives, selinux blocks it. mailman-2.1.9-10.fc9.i386 selinux-policy-targeted-3.3.1-84.fc9.noarch I get this alarm in setroubleshoot every time a mila should go to archives SELinux is preventing python (mailman_mail_t) "search" to ./archives (mailman_archive_t). I have run restorecon in /var/spool/mailman/archives but nothing changes Audit messages: host=myhost type=AVC msg=audit(1221120072.447:132182): avc: denied { search } for pid=5761 comm="python" name="archives" dev=dm-0 ino=386754 scontext=unconfined_u:system_r:mailman_mail_t:s0 tcontext=system_u:object_r:mailman_archive_t:s0 tclass=dir host=myhost type=SYSCALL msg=audit(1221120072.447:132182): arch=40000003 syscall=10 success=no exit=-13 a0=9a844b0 a1=0 a2=2124574 a3=97661b8 items=0 ppid=5755 pid=5761 auid=603 uid=41 gid=41 euid=41 suid=41 fsuid=41 egid=41 sgid=41 fsgid=41 tty=(none) ses=6553 comm="python" exe="/usr/bin/python" subj=unconfined_u:system_r:mailman_mail_t:s0 key=(null)
Created attachment 316420 [details] Local policy the following local policy allows me to have working mailman archives
Could you attach the avc's used to generate this policy.
Created attachment 316541 [details] Audit log This file doesn't include avc to create the rules related with type mailman_queue_t; The rule is needed by the mailman cron and I can't get it at the moment
Created attachment 316557 [details] Denials related with mailman and crontab
Fixed in selinux-policy-3.5.8-6.fc10.noarch
Can this be backported to fedora 9?