On Wed, Mar 05, 2008 at 10:47:15AM -0500, Stephen Smalley wrote:
Hi Stephen,
>
> As a mater of interest, I have a procmail recipe which writes a copy of every
> mail I receive to a backup area on my /dev/sda8 partition, mounted as
> /mnt/backup/ by fstab. (It is an ext3 partition).
>
> I have tried doing:
> "restorecon -v -R /mnt/backup"
> and even:
> "fixfiles relabel"
>
> on this partition, but I gather this will not work. I think that I must
> somehow define a policy for this (and probably other) partition(s), but I am
> unclear as to how to go about this.
You might try something like this, assuming that you only store mail
files under /mnt/backup and only procmail requires access:
semanage fcontext -a -t mail_spool_t "/mnt/backup(/.*)?"
restorecon -v -R /mnt/backup
Thanks! This is really helpful.
If you need other things to be able to access it, then we'll have
to
know more to decide how to label it, or you could possibly move it to a
subdir of /mnt/backup like /mnt/backup/spool that can be devoted to
procmail's use.
Well, before I try the above commands...
Generally it is only procmail that needs access, however, I have this file
"rotated" by logrotate (run as root) on a monthly basis. It is rotated with
the "date" extension and that file is archived by a cron job (root) to DVD.
Oh, and I have a daily backup routine that uses "tar" run from a cron job that
also includes this directory...
Will those things invalidate your suggested solution?
Thanks again for you help so far. Much Appreciated...
Mark