rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

courier patch from Dan Walsh

Browse Source
This commit is contained in:
Jeremy Solt 2010-08-30 10:45:10 -04:00 committed by Chris PeBenito
parent 67effb0450
commit 483be01302
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/services/courier.if
View File

@ -38,10 +38,12 @@ template(`courier_domain_template',`
read_files_pattern(courier_$1_t, courier_etc_t, courier_etc_t) read_files_pattern(courier_$1_t, courier_etc_t, courier_etc_t)
allow courier_$1_t courier_etc_t:dir list_dir_perms; allow courier_$1_t courier_etc_t:dir list_dir_perms;
manage_dirs_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t) manage_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_lnk_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t) manage_lnk_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
manage_sock_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t) manage_sock_files_pattern(courier_$1_t, courier_var_run_t, courier_var_run_t)
files_search_pids(courier_$1_t) files_search_pids(courier_$1_t)
files_pid_filetrans(courier_$1_t, courier_var_run_t, dir)
kernel_read_system_state(courier_$1_t) kernel_read_system_state(courier_$1_t)
kernel_read_kernel_sysctls(courier_$1_t) kernel_read_kernel_sysctls(courier_$1_t)

1
policy/modules/services/courier.te
View File

@ -48,6 +48,7 @@ allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_fifo_file_perms;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms; allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:unix_stream_socket rw_stream_socket_perms; allow courier_authdaemon_t courier_tcpd_t:unix_stream_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:process sigchld; allow courier_authdaemon_t courier_tcpd_t:process sigchld;
allow courier_authdaemon_t courier_tcpd_t:fd use;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms; allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms; allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;