F19-mailserver & selinux complains
Adam Williamson
awilliam at redhat.com
Wed Jun 5 06:04:03 UTC 2013
On Wed, 2013-06-05 at 08:59 +0300, Cristian Sava wrote:
> > Why is courier storing pid files in /var/spool/authdaemon/pid?
> >
> > Current policy allows courier_authdaemon to create sock_files in this
> > directory but not regular files.
> >
> >
> That is beyond of me, but I think there may be a reason and I don't find
> complains for it on forums.
> I think that it just have to work, with and without selinux, it's the
> administrator's choice (without the need to compile modules and so on,
> only an option needed).
> Courier is too well known to be ignored and it is not something very
> special beast.
Sometimes the fix for an AVC is for the SELinux policy to be changed:
the AVC is essentially a 'false positive' and it makes sense for the
behaviour to be allowed. Sometimes the AVC is not a 'false positive',
but is indicating that an app is doing something it really shouldn't
need to do: in this case the best fix is not to change the policy, but
to fix the app. Dan asked the question because he needs to know the
answer to it in order to determine which case we're dealing with here.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the test
mailing list