Le jeudi 08 août 2013 à 18:11 +0200, Mika Pflüger a écrit :
> Hi,
>
> as mentioned in the wiki, the debian default configuration of postfix
> (chrooted) is not supported by selinux policy. Please use the script
> postfix-nochroot to unchroot your configuration.
Hi,
Well, besides the patch I sent, the only missing part in selinux policy
is something to fix this :
type=AVC msg=audit(1375791086.840:4461): avc: denied { sys_chroot }
for pid=23706 comm="pickup" capability=18
scontext=system_u:system_r:postfix_pickup_t:s0
tcontext=system_u:system_r:postfix_pickup_t:s0 tclass=capability
So i think integrating my patch would help to work toward a fix. There
is no reason to apply this only on redhat based distribution, so the
patch seems harmless to enable in unstable.
--
Michael Scherer
_______________________________________________
SELinux-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
