Displaying 6 results from an estimated 6 matches for "dovecot_deliver_t".
2009 Jan 12
1
Deliver *sometimes* delivers via /tmp?
...the mail or something
and therefore copies it to /tmp.
Before I ask for selinux to allow this, I would like to know why? It
could also be an error, leading deliver into a seldom used piece of code?
I order to get the mail delivered I put selinux into permissive mode, using:
semanage permissive -a dovecot_deliver_t
And then the mail is delivered - below are excerpts from different logs
and I have *NOT* attached the message which could not get delivered - because of its size.
Regards,
Kim
Output from "dovecot -n":
# 1.1.7: /etc/dovecot.conf
# OS: Linux 2.6.27.9-73.fc9.i686 i686 Fedora release 9 (S...
2009 Apr 15
2
SELinux and "i_stream_read() failed: Permission denied"
...ror series received before the policies were finally
updated, and shows an error during deliver's attempt to "unlink()"
(remove) the temporary file. Previous errors occurred during attempts to
"stat()" and "creat()" (sic) the temporary files.
Basically, the "dovecot_deliver_t" context needs to be able to create,
read, write and remove files in the /tmp directory ("tmp_t" context).
Below, I am pasting my "local_postfix.te" SELinux policy file. It includes
instructions for using it, and for figuring out how to do other SELinux
policy adjustments...
2008 Jan 02
2
deliver triggering SELinux AVC denials
I setup postfix/dovecot on a new machine and now all works well with the
small exception of dovecot triggering selinux avc denials on some
temp... files here is a sample alert:
Summary
SELinux is preventing /usr/libexec/dovecot/deliver (dovecot_deliver_t)
"link" to temp.localhost.678.40caaf5592891c46 (user_home_dir_t).
Detailed Description
SELinux denied access requested by /usr/libexec/dovecot/deliver. It
is not
expected that this access is required by
/usr/libexec/dovecot/deliver and
this access may signal an intrusio...
2009 Oct 04
2
deliver stopped working
...e and switching it to disabled did no good. I created the following policy
to get rid of all of the errors in the audit log:
module local_postfix 1.0;
require {
type postfix_etc_t;
type home_root_t;
type apmd_t;
type setrans_t;
type port_t;
type etc_mail_t;
type snmpd_t;
type tmp_t;
type dovecot_deliver_t;
type postfix_smtp_t;
type nfs_t;
type var_run_t;
type usr_t;
type httpd_t;
type audisp_t;
type postfix_cleanup_t;
type inetd_t;
type portmap_t;
type postfix_pickup_t;
type hald_t;
type getty_t;
type avahi_t;
type etc_t;
type sysctl_kernel_t;
type unconfined_t;
type init_t;
type a...
2017 Apr 28
0
NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
...ext=system_u:system_r:postfix_master_t:s0
tcontext=system_u:system_r:postfix_pipe_t:s0 tclass=process permissive=1
type=AVC msg=audit(1493361700.073:49211): avc: denied { rlimitinh }
for pid=3064 comm="deliver"
scontext=system_u:system_r:postfix_pipe_t:s0
tcontext=system_u:system_r:dovecot_deliver_t:s0 tclass=process permissive=1
type=AVC msg=audit(1493361700.073:49211): avc: denied { siginh } for
pid=3064 comm="deliver" scontext=system_u:system_r:postfix_pipe_t:s0
tcontext=system_u:system_r:dovecot_deliver_t:s0 tclass=process permissive=1
type=AVC msg=audit(1493361700.073:49211...
2017 Apr 26
3
NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
On 04/26/2017 12:29 AM, Robert Moskowitz wrote:
> But the policy generates errors. I will have to submit a bug report,
> it seems
A bug report would probably be helpful.
I'm looking back at the message you wrote describing errors in
ld-2.17.so. I think what's happening is that the policy on your system
includes a silent rule that somehow breaks your system. You'll need