[DSE-Dev] Bug#900186: selinux-policy-default: opendkim can not access /usr/share/dns/root.key
Sebastian Hamann
debian-bugs at ares-macrotechnology.com
Sun May 27 11:05:46 BST 2018
Package: selinux-policy-default
Version: 2:2.20161023.1-9
Severity: important
Dear Maintainer,
opendkim reads /usr/share/dns/root.key on startup.
However, the default SELinux policy has no rule to allow this.
I believe this breaks opendkim in enforcing mode.
Upstream refpolicy module 'dkim' includes the following rule to address this:
files_read_usr_files(dkim_milter_t)
-- System Information:
Debian Release: 9.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)
More information about the SELinux-devel
mailing list