Dontaudit attempts by system_mail_t to use leaked fd or stream sockets
When fail2ban invokes sendmail to send out a mail event, denials such as the
following ones occur, but without any consequence on the functioning itself (the
mails are sent out correctly, no errors in logs):
type=AVC msg=audit(1352348532.580:1313): avc: denied { read write } for
pid=28042 comm="sendmail" path="socket:[1480]" dev="sockfs" ino=1480
scontext=system_u:system_r:system_mail_t tcontext=system_u:system_r:fail2ban_t
tclass=unix_stream_socket
type=AVC msg=audit(1352348532.590:1314): avc: denied { use } for pid=28047
comm="postdrop" path="/dev/null" dev="devtmpfs" ino=3075
scontext=system_u:system_r:postfix_postdrop_t
tcontext=system_u:system_r:fail2ban_t tclass=fd
It looks like these are due to leaked file descriptors.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>