Comment 4 for bug 978584

(In reply to comment #1)

> The "network inet stream" is already in the packaged profile - in other words:
> it doesn't count ;-)

Fair enough.

> The problem is caused by a change in the logging format. See the upstream
> bugreport https://bugs.launchpad.net/apparmor/+bug/800826
> (just tested - logprof works if you delete the "lport=143" part)

Ouch! That's over 9 months old already. Any chance of fixing this?

> Independent from that - are there other dovecot-related profiles that need an
> inet6 rule added? I'd guess usr.lib.dovecot.managesieve-login could need it -
> at least it already contains an inet rule.

I don't know, but I guess one would need this if using IPv6 to connect. Updates to sieve scripts on my system oddly enough will use 127.0.0.1, so these will be allowed by the existing rule. However, updating still fails:

Apr 5 23:08:34 mail dovecot: managesieve-login: Login: user=<arjen>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=9319, secured
Apr 5 23:08:34 mail dovecot: managesieve(arjen): Error: sieve-storage: open(/home/arjen/sieve/tmp/ingo-1333660114.M954214P9319.mail.sieve) failed: Permission denied
Apr 5 23:08:35 mail dovecot: managesieve(arjen): Connection closed bytes=7979/489

I can make this work again by running /usr/sbin/dovecot in complain mode, but strangely enough this doesn't log anything in /var/log/audit/audit.log. But this is probably unrelated and will be something in the profile for /usr/sbin/dovecot.