Summary: | sec-policy/apparmor-profiles incompatible with dovecot service, upstream fix available | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Mark <mark.morschhaeuser> |
Component: | Current packages | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | UNCONFIRMED --- | ||
Severity: | major | CC: | hardened |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Mark
2023-12-19 00:32:51 UTC
ah, and while at it, we should add the following, otherwise dovecot cannot access maildirs properly: --- a/apparmor.d/local/usr.lib.dovecot.auth +++ b/apparmor.d/local/usr.lib.dovecot.auth @@ -1 +1,3 @@ # Site-specific additions and overrides for 'usr.lib.dovecot.auth' +/run/faillock/ rw, +/run/faillock/* rw, diff --git a/apparmor.d/local/usr.lib.dovecot.imap b/apparmor.d/local/usr.lib.dovecot.imap index 24ca5e9..edb24ea 100644 --- a/apparmor.d/local/usr.lib.dovecot.imap +++ b/apparmor.d/local/usr.lib.dovecot.imap @@ -1 +1,4 @@ # Site-specific additions and overrides for 'usr.lib.dovecot.imap' + +/home/*/.maildir/ rw, +/home/*/.maildir/** rwlk, |