And I said that I don't know. Actually, the entire
/usr/lib/mailman
directory somehow got its contexts screwed up, and I ran restorecon.
Maybe it set that context on the postfix-to-mailman script,
I don't see that
script in the current mailman package.
on the
basis of the execute permission being set?
Contexts should be set in the following
way [ to the best of my
knowledge...could be wrong ]
==============================================
- if the creating program calls setfscreatecon() in libselinux, the next
created file has that type
- if a rule exists in policy which maps the pair (src_con, target_class)
-> target_con, then the object of type target_class created by a process
in src_con gets its context changed to target_con. This is an automatic
transition.
- otherwise, the context is set to match the context of the parent directory