Allow dovecot-deliver to create tmp files
Allow tor to send signals to itself
This commit is contained in:
parent
d7de04f8d4
commit
3a3212619a
@ -26,6 +26,9 @@ domain_type(dovecot_deliver_t)
|
||||
domain_entry_file(dovecot_deliver_t, dovecot_deliver_exec_t)
|
||||
role system_r types dovecot_deliver_t;
|
||||
|
||||
type dovecot_deliver_tmp_t;
|
||||
files_tmp_file(dovecot_deliver_tmp_t)
|
||||
|
||||
type dovecot_etc_t;
|
||||
files_config_file(dovecot_etc_t)
|
||||
|
||||
@ -268,6 +271,10 @@ allow dovecot_deliver_t dovecot_cert_t:dir search_dir_perms;
|
||||
|
||||
append_files_pattern(dovecot_deliver_t, dovecot_var_log_t, dovecot_var_log_t)
|
||||
|
||||
manage_dirs_pattern(dovecot_deliver_t, dovecot_deliver_tmp_t, dovecot_deliver_tmp_t)
|
||||
manage_files_pattern(dovecot_deliver_t, dovecot_deliver_tmp_t, dovecot_deliver_tmp_t)
|
||||
files_tmp_filetrans(dovecot_deliver_t, dovecot_deliver_tmp_t, { file dir })
|
||||
|
||||
can_exec(dovecot_deliver_t, dovecot_deliver_exec_t)
|
||||
|
||||
kernel_read_all_sysctls(dovecot_deliver_t)
|
||||
|
@ -42,6 +42,8 @@ files_pid_file(tor_var_run_t)
|
||||
#
|
||||
|
||||
allow tor_t self:capability { setgid setuid sys_tty_config };
|
||||
allow tor_t self:process signal;
|
||||
|
||||
allow tor_t self:fifo_file rw_fifo_file_perms;
|
||||
allow tor_t self:unix_stream_socket create_stream_socket_perms;
|
||||
allow tor_t self:netlink_route_socket r_netlink_socket_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user