SElinux concern

Gordon Messmer yinyang at eburg.com
Sun Aug 19 03:10:06 UTC 2007


Michael Klinosky wrote:
> From messages:
> Aug 18 04:17:15 d500 setroubleshoot:      SELinux is preventing access 
> to files with the default label, default_t.      For complete SELinux 
> messages. run sealert -l 9e597df3-e188-4d36-8739-dc030e5cfa0b
...
> Source Context                system_u:system_r:procmail_t
> Target Context                system_u:object_r:default_t
> Target Objects                root [ dir ]

It looks like when procmail is delivering the message to the root user, 
it tries to look up a .procmailrc file in /root.  Your /root directory 
has an odd SELinux context on it: "system_u:object_r:default_t".  You 
can confirm this with ls:

$ ls -ldZ /root
drwxr-x---  root root root:object_r:user_home_dir_t    /root/

The SELinux context above is, I believe, the correct one.  At least, 
it's the same on my F7 and CentOS 5 hosts.  You may have done something 
during your post-install configuration that changed the context of those 
directories.  You can fix the context with chcon:

# chcon root:object_r:user_home_dir_t /root

> Policy RPM                    selinux-policy-2.6.4-8.fc7

You should also apply updates.  A newer selinux-policy package is available.
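
The label check described in the reply above, as an added example that is not part of the original post: it reads "context path" pairs in the form printed by `stat -c '%C %n'`, lists the paths that fell through to `default_t`, and prints the `chcon -t` command for a mismatch. The function names and the sample paths other than /root are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# Constructed sample input, in the form printed by: stat -c '%C %n' PATH...
SAMPLE='system_u:object_r:default_t /root
root:object_r:user_home_dir_t /home/alice
system_u:object_r:default_t:s0 /srv/data
system_u:object_r:etc_t:s0 /etc'

# Print the type (third colon-separated field) of a context. Works for
# user:role:type and for contexts that carry a level, user:role:type:s0.
context_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Read "<context> <path>" lines on stdin and print every path whose
# type is default_t, the label named in the setroubleshoot message.
default_labelled() {
    while read -r ctx path; do
        [ -n "$ctx" ] || continue
        if [ "$(context_type "$ctx")" = "default_t" ]; then
            printf '%s\n' "$path"
        fi
    done
}

# suggest_fix CONTEXT PATH EXPECTED_TYPE
# Print nothing when the type already matches; otherwise print a chcon
# command for review (it is printed, never executed).
suggest_fix() {
    if [ "$(context_type "$1")" != "$3" ]; then
        printf 'chcon -t %s %s\n' "$3" "$2"
    fi
}

# Demo on the constructed sample and on the /root case from the thread.
printf '%s\n' "$SAMPLE" | default_labelled
suggest_fix 'system_u:object_r:default_t' /root user_home_dir_t
```

On a live system the input would come from `stat -c '%C %n' /root` rather than the embedded sample.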




