Description of problem:
SELinux prevents mailman from storing messages in the archive directories. The raw audit file says:

  type=AVC msg=audit(1224684021.817:220348): avc: denied { write } for pid=7365 comm="python" name="mokeke.mbox" dev=sda6 ino=3107532 scontext=unconfined_u:system_r:mailman_mail_t:s0 tcontext=unconfined_u:object_r:mailman_archive_t:s0 tclass=dir

The default security policy allows mailman_cgi_t and mailman_queue_t to manage mailman_archive_t (/var/lib/mailman/archives/*), but mailman_mail_t is disallowed.

It was first reported in the Japanese SELinux community. He ran into trouble on the latest RHEL5, and I reproduced the same problem on Fedora rawhide.

Could you add the following policies in the next update?

  allow mailman_mail_t mailman_archive_t:dir manage_dir_perms;
  allow mailman_mail_t mailman_archive_t:file manage_file_perms;
  allow mailman_mail_t mailman_archive_t:lnk_file manage_lnk_file_perms;

Version-Release number of selected component (if applicable):
- selinux-policy-devel-2.4.6-137.1.el5_2 (Reporter's environment)
- selinux-policy-3.5.7-1.fc10.noarch (My environment)

How reproducible:

Steps to Reproduce:
1. setup mailman
2. send a message to a list
3. confirm audit logs and an empty archive directory
Fixed in selinux-policy-2.4.6-172.el5 (U3 policy currently available on http://people.redhat.com/dwalsh/SELinux/RHEL5)

Fixed in selinux-policy-3.5.13-3.fc10