we've seen SELinux reports from our users that dovecot tried to use something
that needs CAP_NET_ADMIN capability. Before enabling it, we would like to know
where it originated from. I've checked the sources, but was not able to find
anything that would require this capability. Do you know for what it is used?
Is this something that changed recently? Anyway, no idea. Do they have any more
details, like is it even the dovecot master process that causes it? Or does it
say which syscall fails?
Thanks for the answer. We've looked into this a little bit more and
found out that this message is caused by what happens in kernel (and
network configuration). It is not caused by what dovecot does.
Cheers,
Michal
