I don't know why this was working *before* I rebooted, but with dontaudit off I get:

type=AVC msg=audit(04/02/2013 09:12:59.101:5501) : avc: denied { write } for pid=5254 comm=touch name=error dev="vda2" ino=4321 scontext=system_u:system_r:initrc_t :s0 tcontext=system_u:object_r:mailman_log_t:s0 tclass=file

which is from:

ExecStartPre=/bin/touch /var/log/mailman/error

in /etc/systemd/system/multi-user.target.wants/mailman.service and shows up in messages like so:

Apr 2 09:12:59 stodi touch[5254]: /bin/touch: cannot touch `/var/log/mailman/error': Permission denied
Apr 2 09:12:59 stodi systemd[1]: mailman.service: control process exited, code=exited status=1
Apr 2 09:12:59 stodi systemd[1]: Unit mailman.service entered failed state.
(If you got a weird email: had to double submit, sorry about that, correct info above)
Forgot to mention: this is on a server with unconfined off (as is always the case with my bugs :). This bit straight from audit2allow fixed it:

policy_module(mymailmanbugs,1.0.0)

require {
	type initrc_t;
}

#============= initrc_t ==============
mailman_manage_log(initrc_t)

-Robin
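An added example, not part of the original comments or of any SELinux tool: a small parser that reads an AVC denial like the one quoted in this report and prints the raw allow rule it corresponds to, which helps when reviewing what a generated module actually needs to grant. The function names are hypothetical and the sample record is constructed from the denial above.

```python
import re

# Constructed sample record, modelled on the denial quoted in this report.
SAMPLE = (
    'type=AVC msg=audit(04/02/2013 09:12:59.101:5501) : avc: denied { write } '
    'for pid=5254 comm=touch name=error dev="vda2" ino=4321 '
    'scontext=system_u:system_r:initrc_t:s0 '
    'tcontext=system_u:object_r:mailman_log_t:s0 tclass=file'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def context_type(context):
    """Return the type field of a user:role:type[:level] context, or None."""
    parts = context.split(':')
    return parts[2] if len(parts) >= 3 else None


def parse_avc(line):
    """Parse one AVC denial line; return a dict, or None if it is not usable."""
    match = AVC_RE.search(line)
    if match is None:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(match.group('rest'))}
    if not all(k in fields for k in ('scontext', 'tcontext', 'tclass')):
        return None
    source = context_type(fields['scontext'])
    target = context_type(fields['tcontext'])
    if source is None or target is None:
        return None
    return {
        'perms': match.group('perms').split(),
        'source': source,
        'target': target,
        'tclass': fields['tclass'],
        'comm': fields.get('comm'),
    }


def to_allow_rule(avc):
    """Render the parsed denial as a single raw allow rule."""
    perms = avc['perms']
    perm_text = perms[0] if len(perms) == 1 else '{ ' + ' '.join(perms) + ' }'
    return f"allow {avc['source']} {avc['target']}:{avc['tclass']} {perm_text};"


if __name__ == '__main__':
    print(to_allow_rule(parse_avc(SAMPLE)))
```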
what does # ps -eZ |grep initrc
*** This bug has been marked as a duplicate of bug 947520 ***