[DSE-Dev] Bug#716753: avc: denied { setsched } for comm="ssl-params" scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:system_r:dovecot_t:s0

Leos Bitto Leos.Bitto at gmail.com
Fri Jul 12 09:22:51 UTC 2013


Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: important

Dear Maintainer,

ausearch -m avc shows this to me:

type=SYSCALL msg=audit(1373352584.491:4): arch=40000003 syscall=97 success=no exit=-13 a0=0 a1=0 a2=f a3=b9505998 items=0 ppid=2979 pid=3002 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ssl-params" exe="/usr/lib/dovecot/ssl-params" subj=system_u:system_r:dovecot_t:s0 key=(null)
type=AVC msg=audit(1373352584.491:4): avc:  denied  { setsched } for  pid=3002 comm="ssl-params" scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:system_r:dovecot_t:s0 tclass=process

audit2allow suggests this:

require {
        type dovecot_t;
        class process setsched;
}

#============= dovecot_t ==============
allow dovecot_t self:process setsched;

Could you please consider including this in the next version of the SELinux module dovecot (currently I have version 1.13.0)?

-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages selinux-policy-default depends on:
ii  libpam-modules   1.1.3-7.1
ii  libselinux1      2.1.9-5
ii  libsepol1        2.1.4-3
ii  policycoreutils  2.1.10-9
ii  python           2.7.3-4

Versions of packages selinux-policy-default recommends:
ii  checkpolicy  2.1.8-2
pn  setools      <none>

Versions of packages selinux-policy-default suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local [Errno 13] Permission denied: u'/etc/selinux/default/modules/active/file_contexts.local'

-- no debconf information
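
How the two audit records quoted in the report map to the suggested rule, as an added example that is not part of the original report and is not audit2allow's own code: it pairs the AVC record with the SYSCALL record sharing its event id and writes the target as `self` when the source and target types match. The function names `context_type`, `parse_events` and `allow_rules` are hypothetical.

```python
import re
from collections import defaultdict

# Sample input: the two audit records quoted in the report above.
AUDIT_LOG = '''\
type=SYSCALL msg=audit(1373352584.491:4): arch=40000003 syscall=97 success=no exit=-13 a0=0 a1=0 a2=f a3=b9505998 items=0 ppid=2979 pid=3002 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ssl-params" exe="/usr/lib/dovecot/ssl-params" subj=system_u:system_r:dovecot_t:s0 key=(null)
type=AVC msg=audit(1373352584.491:4): avc:  denied  { setsched } for  pid=3002 comm="ssl-params" scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:system_r:dovecot_t:s0 tclass=process
'''

EVENT_RE = re.compile(r'type=(\w+) msg=audit\(([\d.]+:\d+)\):\s*(.*)')
DENIED_RE = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    return context.split(':')[2]

def parse_events(log):
    """Group records by event id (timestamp:serial), then by record type."""
    events = defaultdict(lambda: defaultdict(list))
    for line in log.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:
            rtype, event_id, body = m.groups()
            fields = {k: v.strip('"') for k, v in FIELD_RE.findall(body)}
            denied = DENIED_RE.search(body)
            fields['perms'] = denied.group(1).split() if denied else []
            events[event_id][rtype].append(fields)
    return events

def allow_rules(log):
    """Return (allow rule, executable) for every denied AVC in the log."""
    rules = []
    for recs in parse_events(log).values():
        # The SYSCALL record of the same event names the binary that was denied.
        exe = next((s.get('exe') for s in recs['SYSCALL']), None)
        for avc in recs['AVC']:
            if not avc['perms']:
                continue  # not a denial (for example "avc: granted")
            src = context_type(avc['scontext'])
            tgt = context_type(avc['tcontext'])
            target = 'self' if tgt == src else tgt
            perms = avc['perms']
            perm = perms[0] if len(perms) == 1 else '{ ' + ' '.join(perms) + ' }'
            rules.append((f"allow {src} {target}:{avc['tclass']} {perm};", exe))
    return rules

if __name__ == '__main__':
    for rule, exe in allow_rules(AUDIT_LOG):
        print(f"{rule}  # triggered by {exe}")
```

Keeping the executable next to each rule shows which binary would gain the permission, since the rule applies to everything running as dovecot_t and not only ssl-params.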


