emails, selinux and Fedora 17

Daniel J Walsh dwalsh at redhat.com
Mon Nov 5 13:32:04 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/05/2012 04:35 AM, lee wrote:
> Hi,
> 
> it seems that selinux gets in the way of my self-compiled emacs when gnus
> is trying to get mails from /var/spool/mail/lee.  Movemail isn't permitted
> to get the mail from there.  I have tried to adjust the file permissions on
> movemail, and it's like this now:
> 
> 
> -bash-4.2$ ls -laZ
> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
> -rwxr-xr-x. root root system_u:object_r:bin_t:s0
> /usr/local/libexec/emacs/24.2.50/x86_64-unknown-linux-gnu/movemail 
> -bash-4.2$ ls -laZ
> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail -rwxr-xr-x. root
> root system_u:object_r:bin_t:s0
> /usr/libexec/emacs/24.1/x86_64-redhat-linux-gnu/movemail
> 
> 
> The version of emacs that is in Fedora works, though I'd rather use my 
> self-compiled version because there have been bug fixes to gnus which might
> not be in emacs 24.1.
> 
> What am I missing?
> 
> 
> I'm used to have exim delivering mail into ~/Maildir in maildir format, and
> since that doesn't work with selinux anymore, I have adjusted my exim
> configuration to deliver to /var/spool/mail/<user> instead.  In the exim
> configuration section that specifies the routers, I had to set "group =
> mail" for those routers that end up making local deliveries to work around
> permission problems.  Is that the way it's supposed to be?
> 
> 
> So far, that works fine, and I'm not sure if I want to go back to 
> delivering into users home directories.  Now I'm wondering if all the 
> services are set up correctly since I'm also using clamd to scan for 
> viruses:
> 
> Will freshclam be run automatically, or do I need to set up a cron job for
> it?
> 
> 
> Is there some documentation about selinux in Fedora that would give me 
> better understanding?  I've switched from Debian to Fedora yesterday and 
> didn't use selinux with Debian.  Now with Fedora, selinux is somewhat 
> getting in the way, but I don't want to just turn it off.
> 

Please attach the AVC Messages.

ausearch -m avc -ts recent

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCXv9QACgkQrlYvE4MpobOktwCdEG+9x6f/lEtl2armVbKb+BnQ
7ccAoKWRPaoxfR58YelMy8VV1yWktkDf
=LSAr
-----END PGP SIGNATURE-----

More information about the users mailing list