On Mon, 6 Oct 2008, Andrew Daviel wrote:
SELinux is preventing dmail (procmail_t) "getattr" to / (nfs_t).
SELinux denied access requested by dmail. It is not expected that this access
is required by dmail and this access may signal an intrusion attempt.
I think that the issue was indeed related to my mounting my old Reiserfs
home disk. I copied the contents to a new ext3 partition, then did
"touch /.autorelabel; reboot", and the flood of error messages has slowed
to a trickle. (I was also missing entries in local-host-names, which
probably accounted for a lot of daemon/postmaster mail rattling around).
I still don't 100% understand the above error
message, though, or the exact implications of having dmail deliver to a folder
that is on a non-selinux-enabled partition or device.
I think it is just the "getattr" that fails, not the disk write, so that
the mail is still delivered. Maybe it's related to file locking.
--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
Network Security Manager
_______________________________________________
Imap-uw mailing list
[email protected]
http://mailman2.u.washington.edu/mailman/listinfo/imap-uw
