[CentOS] Postfix avc (SELinux)

Tue Dec 9 19:28:48 UTC 2014
James B. Byrne <byrnejb at harte-lyne.ca>

On Mon, December 8, 2014 20:01, Daniel J Walsh wrote:
>
> rpm -q selinux-policy
>
> selinux-policy-3.7.19-260.el6 is the current policy in development.
>>

Thank you.


>>>> #============= postfix_showq_t ==============
>>>> allow postfix_showq_t tmp_t:dir read;
>>> Any reason postfix would be listing the contents of /tmp or /var/tmp?
>>> Did you put some content into these directories that have something to
>>> do with mail?
>> That question I need put to the Postfix mailing list. I see nothing in the
>> spec file that bears on the matter and the tarball was pulled from:
>>
>>  ftp://ftp.porcupine.org/mirrors/postfix-release/official/
>>
>>>> #============= postfix_smtp_t ==============
>>>> allow postfix_smtp_t postfix_spool_maildrop_t:file { read write getattr };
>>>>
>>>>

I do not know why my build of Postfix is looking in /tmp.  According to Wietse
Venema the base Postfix tarball does not access /tmp at all.  So it must be
one of the patches, but I have not yet uncovered which one.  In any case, this
raises the question:  Why would any program not have access to /tmp?  Is not
that what /tmp is for, a scratchpad for programs?


-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3
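
Added example, not part of the original message or of any poster's code: the `allow` lines quoted above are audit2allow summaries, which drop the `comm`, `name` and `path` fields of the underlying AVC records, and those fields are what show which Postfix process touched which object. The sketch below rebuilds the same rules from audit.log text while keeping those fields; the log records, pids, inode numbers and queue file name are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample audit.log records (not from the original post); the
# timestamps, pids, inodes and queue file name are made up for illustration.
SAMPLE_LOG = """\
type=AVC msg=audit(1418065201.101:501): avc:  denied  { read } for  pid=2101 comm="showq" name="tmp" dev=dm-0 ino=131073 scontext=system_u:system_r:postfix_showq_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=AVC msg=audit(1418065202.202:502): avc:  denied  { read write } for  pid=2102 comm="smtp" path="/var/spool/postfix/maildrop/4F2A1" dev=dm-0 ino=262145 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
type=AVC msg=audit(1418065203.303:503): avc:  denied  { getattr } for  pid=2102 comm="smtp" path="/var/spool/postfix/maildrop/4F2A1" dev=dm-0 ino=262145 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=file
type=SYSCALL msg=audit(1418065203.303:503): arch=c000003e syscall=5 success=no exit=-13
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{ (?P<perms>[^}]+) \} for\s+(?P<fields>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def type_of(context):
    # An SELinux context is user:role:type:level; policy rules use only the type.
    return context.split(":")[2]

def summarize(log_text):
    """Group denials by (source type, target type, class), keeping comm and object."""
    rules = defaultdict(lambda: {"perms": set(), "comms": set(), "objects": set()})
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # skip SYSCALL and other non-AVC records
        f = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
        entry = rules[(type_of(f["scontext"]), type_of(f["tcontext"]), f["tclass"])]
        entry["perms"].update(m.group("perms").split())
        entry["comms"].add(f.get("comm", "?"))
        entry["objects"].add(f.get("path") or f.get("name", "?"))
    return dict(rules)

def render(rules):
    """Format each group as an allow rule annotated with the process and object seen."""
    out = []
    for (src, tgt, cls), e in sorted(rules.items()):
        perms = " ".join(sorted(e["perms"]))
        perm_part = perms if len(e["perms"]) == 1 else "{ %s }" % perms
        out.append("allow %s %s:%s %s;  # comm=%s object=%s" % (
            src, tgt, cls, perm_part,
            ",".join(sorted(e["comms"])), ",".join(sorted(e["objects"]))))
    return out

if __name__ == "__main__":
    print("\n".join(render(summarize(SAMPLE_LOG))))
```
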