Greetings,

I'm running procmail and spamassassin on a fully patched FC4 box.

I have the following procmail related entries in audit.log:

type=AVC msg=audit(1129564863.023:3868): avc: denied { search } for pid=5450 comm="procmail" name="tmp" dev=dm-0 ino=262145 scontext=root:system_r:postfix_local_t tcontext=system_u:object_r:tmp_t tclass=dir type=SYSCALL msg=audit(1129564863.023:3868): arch=40000003 syscall=196 success=no exit=-2 a0=93f8eb0 a1=bfc64dac a2=8b7ff4 a3=93f8ec1 items=1 pid=5450 auid=4294967295 uid=500 gid=501 euid=500 suid=500 fsuid=500 egid=501 sgid=501 fsgid=501 comm="procmail" exe="/usr/bin/procmail" type=CWD msg=audit(1129564863.023:3868): cwd="/home/jam" type=PATH msg=audit(1129564863.023:3868): item=0 name="/tmp/_KVB +8q8UDB.eros.zoidtechnolo" flags=310 type=AVC msg=audit(1129564863.023:3869): avc: denied { write } for pid=5450 comm="procmail" name="tmp" dev=dm-0 ino=262145 scontext=root:system_r:postfix_local_t tcontext=system_u:object_r:tmp_t tclass=dir type=AVC msg=audit(1129564863.023:3869): avc: denied { add_name } for pid=5450 comm="procmail" name="_KVB+8q8UDB.eros.zoidtechnolo" scontext=root:system_r:postfix_local_t tcontext=system_u:object_r:tmp_t tclass=dir type=SYSCALL msg=audit(1129564863.023:3869): arch=40000003 syscall=5 success=yes exit=5 a0=93f8eb0 a1=80c1 a2=124 a3=80c1 items=1 pid=5450 auid=4294967295 uid=500 gid=501 euid=500 suid=500 fsuid=500 egid=501 sgid=501 fsgid=501 comm="procmail" exe="/usr/bin/procmail"

Regards, J