diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te index bafef770..f4738d36 100644 --- a/policy/modules/services/spamassassin.te +++ b/policy/modules/services/spamassassin.te @@ -84,7 +84,6 @@ ubac_constrained(spamc_tmp_t) type spamd_t; type spamd_exec_t; init_daemon_domain(spamd_t, spamd_exec_t) -can_exec(spamd_t, spamd_exec_t) type spamd_compiled_t; files_type(spamd_compiled_t) @@ -410,6 +409,8 @@ manage_files_pattern(spamd_t, spamd_var_run_t, spamd_var_run_t) manage_sock_files_pattern(spamd_t, spamd_var_run_t, spamd_var_run_t) files_pid_filetrans(spamd_t, spamd_var_run_t, { file dir }) +can_exec(spamd_t, spamd_exec_t) + kernel_read_all_sysctls(spamd_t) kernel_read_system_state(spamd_t)