On Wed, 2006-08-16 at 21:38 -0700, Charles A. Crayne wrote:
With a fully updated FC5 targeted policy, in permissive mode, while
sorting
incoming mail, procmail invokes spamassassin, which wants read and getattr
permission for file /etc/shadow. I used audit2allow to create an allow
rule for these cases, but the resulting local.pp module will not load,
because it triggers an assert rule.
What is the recommended resolution to this issue?
Odds are good that it doesn't truly need those permissions, so use a
dontaudit rule instead of an allow rule, and see if it works then in
enforcing mode. The dontaudit rule will just suppress the audit message
without allowing it to happen.
--
Stephen Smalley
National Security Agency