dovecot 2.0 renames some files from 1.x and needs some additional policy:
File contexts:
/etc/dovecot(/.*)? gen_context(system_u:object_r:dovecot_etc_t,s0)
/usr/libexec/dovecot/auth -- gen_context(system_u:object_r:dovecot_auth_exec_t,s0)
/usr/libexec/dovecot/dovecot-lda -- gen_context(system_u:object_r:dovecot_deliver_exec_t,s0)
Rules:
type dovecot_tmp_t;
files_tmp_file(dovecot_tmp_t)
manage_dirs_pattern(dovecot_t, dovecot_tmp_t, dovecot_tmp_t)
manage_files_pattern(dovecot_t, dovecot_tmp_t, dovecot_tmp_t)
files_tmp_filetrans(dovecot_t, dovecot_tmp_t, { file dir })
allow dovecot_t self:capability kill;
allow dovecot_t dovecot_auth_t:process signal;
With those additions, I've got dovecot 2.0 running in my simple PAM-based environment, leaving just the following AVC:
type=AVC msg=audit(1269955050.887:91063): avc: denied { write } for pid=15315 comm="dovecot" name="dovecot.conf" dev=dm-6 ino=11454 scontext=unconfined_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:dovecot_etc_t:s0 tclass=file
type=SYSCALL msg=audit(1269955050.887:91063): arch=c000003e syscall=42 success=no exit=-13 a0=4 a1=7fffa5620390 a2=6e a3=7fffa5620220 items=0 ppid=15314 pid=15315 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts2 ses=2219 comm="dovecot" exe="/usr/sbin/dovecot" subj=unconfined_u:system_r:dovecot_t:s0 key=(null)
I haven't figured out where that's coming from yet but it looks far too suspicious to allow, and doesn't seem to break anything when it's not allowed.
Paul.
On 03/30/2010 09:23 AM, Paul Howarth wrote:
selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Thanks, see if dovecot_t is doing an access check on the file? We can probably dontaudit it.
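A small helper, added here as an example and not part of the thread, for doing the check Dan asks for: it joins the AVC with its SYSCALL record (same event id) and emits the dontaudit rule that would silence it. On x86_64 (audit arch c000003e) syscall 42 is connect(), and a2=6e is 110 bytes, sizeof(struct sockaddr_un), so this "write" denial is the kernel's write-permission check on a unix-socket path that resolved to dovecot.conf, not a write() to the config file; the audit lines are a constructed copy of the ones quoted above.

```python
import re

# Constructed copy of the two audit records quoted in the thread, embedded so the
# script runs offline. An AVC and its SYSCALL record share one event id.
AUDIT_LOG = """\
type=AVC msg=audit(1269955050.887:91063): avc: denied { write } for pid=15315 comm="dovecot" name="dovecot.conf" dev=dm-6 ino=11454 scontext=unconfined_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:dovecot_etc_t:s0 tclass=file
type=SYSCALL msg=audit(1269955050.887:91063): arch=c000003e syscall=42 success=no exit=-13 a0=4 a1=7fffa5620390 a2=6e a3=7fffa5620220 items=0 ppid=15314 pid=15315 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts2 ses=2219 comm="dovecot" exe="/usr/sbin/dovecot" subj=unconfined_u:system_r:dovecot_t:s0 key=(null)
"""

# audit arch 0xc000003e is x86_64; only the syscall numbers needed here are listed.
ARCH_X86_64 = 0xC000003E
X86_64_SYSCALLS = {1: "write", 2: "open", 42: "connect"}

RECORD_RE = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+:\d+)\): (.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_audit(text):
    """Group AVC and SYSCALL records by event id."""
    events = {}
    for line in text.splitlines():
        m = RECORD_RE.match(line)
        if not m:
            continue
        rtype, event_id, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(body)}
        if rtype == "AVC":
            # the permission set sits in braces before the key=value fields
            fields["perms"] = re.search(r'\{ ([^}]*) \}', body).group(1).split()
            events.setdefault(event_id, {}).setdefault("AVC", []).append(fields)
        else:
            events.setdefault(event_id, {})[rtype] = fields
    return events

def type_of(context):
    """Return the type component of an SELinux context (user:role:type[:range])."""
    return context.split(":")[2]

def syscall_name(syscall_rec):
    """Decode the syscall number in a SYSCALL record; arch is hex without 0x."""
    if int(syscall_rec["arch"], 16) != ARCH_X86_64:
        return "unknown-arch"
    return X86_64_SYSCALLS.get(int(syscall_rec["syscall"]), "unknown")

def policy_rule(avc, silence=True):
    """Build the dontaudit (or allow) rule that matches one AVC denial."""
    kind = "dontaudit" if silence else "allow"
    perms = " ".join(avc["perms"])
    if len(avc["perms"]) > 1:
        perms = "{ " + perms + " }"
    return f"{kind} {type_of(avc['scontext'])} {type_of(avc['tcontext'])}:{avc['tclass']} {perms};"

if __name__ == "__main__":
    for eid, ev in parse_audit(AUDIT_LOG).items():
        sc = ev.get("SYSCALL", {})
        print(eid, syscall_name(sc), "exit", sc.get("exit"), "addrlen", int(sc.get("a2", "0"), 16))
        for avc in ev["AVC"]:
            print(policy_rule(avc))
```

exit=-13 is EACCES; the generated line is a candidate for the policy, not something to apply before confirming the access is harmless.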
On 03/30/2010 09:23 AM, Paul Howarth wrote:
Also is this coming to F12 or just F13?
On 30/03/10 14:41, Daniel J Walsh wrote:
Also is this coming to F12 or just F13?
Only Rawhide (F14) at the moment. I doubt that it will appear in F13 as it's not there yet (I'm not the maintainer btw) and the configuration has changed from /etc/dovecot.conf to /etc/dovecot/dovecot.conf + /etc/dovecot/conf.d/*.conf and some of the directives have changed too.
Paul.
On 03/30/2010 10:06 AM, Paul Howarth wrote:
Ok thanks for the heads up. I will put the changes into F13 policy.
On 03/30/2010 10:06 AM, Paul Howarth wrote:
This might be a resend, since thunderbird crashed. But thanks for the heads-up. Added to F13 policy.
On Tue, 30 Mar 2010 14:23:19 +0100 Paul Howarth paul@city-fan.org wrote:
Another rule needed when it regenerates SSL DH parameters:
allow dovecot_t self:process setsched;
Paul.