http://bugzilla.opensuse.org/show_bug.cgi?id=1166007
http://bugzilla.opensuse.org/show_bug.cgi?id=1166007#c4
--- Comment #4 from Michael Hirmke
So - if you have created separate profiles for /usr/lib/dovecot/script-login and your actual post-login script, I'd be interested to see them.
Hrmpf, too late 8-< For security reasons I decided to move my script to /home/vmail/bin. Owner/group for this directory are vmail.vmail, same for the script now. vmail is the user running the imap-postlogin service in my configuration. I then removed/resetted all the apparmor profiles, that have been newly created/altered after running aa-logprof. My intention was to let apparmor reread the audit.log after a while and recreate the profiles according to the new configuration. But no more errors occured after reloading apparmor profiles and restarting dovecot. So I don't have any new/altered profiles now - so sorry. One more question, though: I get an error message from the dovecot master process "master: Error: serivce(lmtp): kill(<pid>, SIGINT) failed: Operation not permitted" This happens, when the lmtp service should be killed after idle timeout. There seems to be no entry in the audit.log for this error. Isn't this an error caused by apparmor, then? TIA. Bye. Michael. -- You are receiving this mail because: You are on the CC list for the bug.