Package: selinux-policy-default Version: 2:2.20161023.1-9 Severity: important
Dear Maintainer, opendkim reads /usr/share/dns/root.key on startup. However, the default SELinux policy has no rule to allow this. I believe this breaks opendkim in enforcing mode. Upstream refpolicy module 'dkim' includes the following rule to address this: files_read_usr_files(dkim_milter_t) -- System Information: Debian Release: 9.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686)