Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: selinux denials of spamd reading files in /var/lib/spamassassin/
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187974
------- Additional Comments From paul@city-fan.org 2006-07-14 13:31 EST ------- (In reply to comment #9)
(In reply to comment #6)
I don't like system space being able to write to users home directories. System Space is where the bad guys live. Userspace is where the good stuff is.
As far as /var/lib: Is this something the fedora package changes or is this something new? Does spamd need to read files in /var/lib? Does it need to write them there?
I use spamassassin with virtual users; in /etc/sysconfig/spamassassin I have: SPAMDOPTIONS="-d -c -m5 -x --virtual-config-dir=/home/spamassassin/%u -H"
I would very much like to have the user preferences/bayes files somewhere is "system space" (/home/spamassassin isn't a real user home directory but has file contexts as if it was). However, I couldn't figure out a suitable location to put these files. I tried making a directory /var/spool/spamsassassin at first but SELinux was much less happy there than where I have it now. So where *should* I have this data to keep it in system space?
I note that the spamassassin policy now has spamd_spool_t for /var/spool/spamassassin(/.*)?
Is the intended use of this for virtual users as I described above?