Dovecot profile update: - allow /var/spool/mail, not only the /var/mail symlink - allow @{HOME}/Mail/ - allow capability fsetid, read access to /etc/lsb-release and SuSE-release and k for /var/{lib,run}/dovecot in usr.bin.dovecot References: - dovecot: Added support for /var/spool/mail (bnc#691072) - Updated dovecot profile (bnc#681267). Patch taken from openSUSE:11.4:Update:Test, file apparmor-profiles-dovecot updated to match trunk by Christian Boltz
=== modified file 'profiles/apparmor.d/usr.lib.dovecot.deliver'
--- profiles/apparmor.d/usr.lib.dovecot.deliver 2010-08-05 19:00:02 +0000
+++ profiles/apparmor.d/usr.lib.dovecot.deliver 2011-08-19 10:38:48 +0000
@@ -17,6 +17,7 @@
 @{HOME}/mail/.imap/** klrw,
 /usr/lib/dovecot/deliver mr,
 /var/mail/* klrw,
+ /var/spool/mail/* klrw,
 # Site-specific additions and overrides. See local/README for details.
 #include
=== modified file 'profiles/apparmor.d/usr.lib.dovecot.imap'
--- profiles/apparmor.d/usr.lib.dovecot.imap 2010-08-05 19:00:02 +0000
+++ profiles/apparmor.d/usr.lib.dovecot.imap 2011-08-19 10:39:44 +0000
@@ -11,11 +11,15 @@
 @{HOME} r,
 @{HOME}/Maildir/ rw,
 @{HOME}/Maildir/** klrw,
+ @{HOME}/Mail/ rw,
+ @{HOME}/Mail/* klrw,
+ @{HOME}/Mail/.imap/** klrw,
 @{HOME}/mail/ rw,
 @{HOME}/mail/* klrw,
 @{HOME}/mail/.imap/** klrw,
 /usr/lib/dovecot/imap mr,
 /var/mail/* klrw,
+ /var/spool/mail/* klrw,
 # Site-specific additions and overrides. See local/README for details.
 #include
=== modified file 'profiles/apparmor.d/usr.lib.dovecot.pop3'
--- profiles/apparmor.d/usr.lib.dovecot.pop3 2010-08-05 19:00:02 +0000
+++ profiles/apparmor.d/usr.lib.dovecot.pop3 2011-08-19 10:37:59 +0000
@@ -9,6 +9,7 @@
 capability setuid,
 /var/mail/* klrw,
+ /var/spool/mail/* klrw,
 @{HOME} r,
 @{HOME}/mail/* klrw,
 @{HOME}/mail/.imap/** klrw,
=== modified file 'profiles/apparmor.d/usr.sbin.dovecot'
--- profiles/apparmor.d/usr.sbin.dovecot 2011-07-14 12:57:57 +0000
+++ profiles/apparmor.d/usr.sbin.dovecot 2011-08-19 10:44:14 +0000
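Review bot: The new `/var/spool/mail/* klrw,` rule in usr.lib.dovecot.deliver has no comment explaining why it sits beside `/var/mail/* klrw,`, and the same undocumented line is added in the usr.lib.dovecot.imap and usr.lib.dovecot.pop3 hunks. The commit message gives the reason (`/var/mail` may only be a symlink), so I would record it in the profile, e.g. `# /var/mail may be a symlink to /var/spool/mail; allow the real path as well`. The pair could also be folded into `/var/{,spool/}mail/* klrw,`, matching the alternation usr.sbin.dovecot already uses for `/{,var/}run/dovecot/`. Each profile body continues outside its hunk.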
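Review bot: The `@{HOME}/Mail/` rules are added to usr.lib.dovecot.imap only, while the deliver and pop3 hunks show those profiles carrying lowercase `@{HOME}/mail/` rules and getting no uppercase counterpart. For a site that keeps mail under ~/Mail, delivery and POP3 access would presumably still be denied; the parts of those profiles outside the hunks may already cover it, so this needs checking. If they do not, the matching lines would be `@{HOME}/Mail/* klrw,` and `@{HOME}/Mail/.imap/** klrw,`. Note also that `@{HOME}/Mail/*` matches a single path component, so nested folders under ~/Mail are reachable only below `.imap/`, as with the existing lowercase rules.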
@@ -13,9 +13,12 @@
 capability setgid,
 capability setuid,
 capability sys_chroot,
+ capability fsetid,
 /etc/dovecot/** r,
 /etc/mtab r,
+ /etc/lsb-release r,
+ /etc/SuSE-release r,
 /usr/lib/dovecot/dovecot-auth Pxmr,
 /usr/lib/dovecot/imap Pxmr,
 /usr/lib/dovecot/imap-login Pxmr,
@@ -26,10 +29,10 @@
 /usr/lib/dovecot/managesieve-login Pxmr,
 /usr/lib/dovecot/ssl-build-param ixr,
 /usr/sbin/dovecot mr,
- /var/lib/dovecot/ w,
- /var/lib/dovecot/* krw,
- /{,var/}run/dovecot/ rw,
- /{,var/}run/dovecot/** rw,
+ /var/lib/dovecot/ wl,
+ /var/lib/dovecot/* krwl,
+ /{,var/}run/dovecot/ rwl,
+ /{,var/}run/dovecot/** rwl,
 # Site-specific additions and overrides. See local/README for details.
 #include
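Review bot: `capability fsetid,` is added to usr.sbin.dovecot without a comment, and neither the hunk nor the commit message says which operation needs it. fsetid lets the process keep set-user-ID and set-group-ID bits when it modifies files, and set the set-group-ID bit on files whose group it does not belong to. A later reviewer cannot tell whether the grant is still needed without a recorded reason. I would add one line above it such as `# fsetid: required for <operation seen in the audit log>`. The visible capabilities are listed alphabetically, so it would also read better placed before `capability setgid,`. The capability list starts outside the hunk.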
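Review bot: The commit message announces `k` (lock) for /var/{lib,run}/dovecot, but the second usr.sbin.dovecot hunk adds `l` (link) to all four rules and no `k`. `/var/lib/dovecot/*` already had `k`, and the two `/{,var/}run/dovecot/` rules still have none afterwards. If the logged denials were for locking, the run rule would need to become `/{,var/}run/dovecot/** rwk,` instead. If link is what was intended, the message should say so. In that case the `l` on the two directory rules (`/var/lib/dovecot/ wl,` and `/{,var/}run/dovecot/ rwl,`) looks like a no-op, since a rule ending in `/` matches only directories and those cannot be hard-linked. Dropping it there would keep the grant minimal.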