clean up patch from Serge Fri, 10 Feb 2006 18:01:06 -0600

refpolicy/policy/modules/services/mta.if

@@ -224,6 +224,12 @@ template(`mta_per_userdomain_template',`
 	userdom_manage_user_home_subdir_pipes($1,mailserver_delivery)
 	userdom_manage_user_home_subdir_sockets($1,mailserver_delivery)
 	userdom_filetrans_user_home($1,mailserver_delivery,{ dir file lnk_file fifo_file sock_file })
+	# Read user temporary files.
+	userdom_read_user_tmp_files($1,$1_mail_t)
+	userdom_dontaudit_append_user_tmp_files($1,$1_mail_t)
+	# cjp: this should probably be read all user tmp
+	# files in an appropriate place for mta_user_agent
+	userdom_read_user_tmp_files($1,mta_user_agent)
 
 	tunable_policy(`use_samba_home_dirs',`
 		fs_manage_cifs_files($1_mail_t)
@@ -232,21 +238,17 @@ template(`mta_per_userdomain_template',`
 
 	optional_policy(`postfix',`
 		allow $1_mail_t self:capability dac_override;
+
+		# Read user temporary files.
+		# postfix seems to need write access if the file handle is opened read/write
+		userdom_rw_user_tmp_files($1,$1_mail_t)
+
 		postfix_read_config($1_mail_t)
 		postfix_list_spool($1_mail_t)
 	')
 
+
 	ifdef(`TODO',`
-	# Read user temporary files.
-	allow $1_mail_t $1_tmp_t:file r_file_perms;
-	dontaudit $1_mail_t $1_tmp_t:file append;
-	ifdef(`postfix.te',`
-		# postfix seems to need write access if the file handle is opened read/write
-		allow $1_mail_t $1_tmp_t:file write;
-	')
-
-	allow mta_user_agent $1_tmp_t:file r_file_perms;
-
 	# if you do not want to allow dead.letter then use the following instead
 	#allow $1_mail_t { $1_home_dir_t $1_home_t }:dir r_dir_perms;
 	#allow $1_mail_t $1_home_t:file r_file_perms;

refpolicy/policy/modules/services/postfix.if

@@ -157,11 +157,10 @@ template(`postfix_user_domain_template',`
 template(`postfix_per_userdomain_template',`
 	gen_require(`
 		attribute postfix_user_domains;
+		type postfix_postdrop_t;
 	')
 
-	# cjp: perhaps this should actually be $3
-	# instead of just sysadm_r?
-	#role sysadm_r types postfix_user_domains;
+	role $3 types postfix_postdrop_t;
 
 	allow postfix_user_domains $2:process sigchld;
 	allow postfix_user_domains $2:fifo_file { write getattr };

refpolicy/policy/modules/system/userdomain.if

@@ -1915,6 +1915,76 @@ template(`userdom_dontaudit_read_user_tmp_files',`
 	dontaudit $2 $1_tmp_t:file r_file_perms;
 ')
 
+########################################
+## <summary>
+##	Do not audit attempts to append users
+##	temporary files.
+## </summary>
+## <desc>
+##	<p>
+##	Do not audit attempts to append users
+##	temporary files.
+##	</p>
+##	<p>
+##	This is a templated interface, and should only
+##	be called from a per-userdomain template.
+##	</p>
+## </desc>
+## <param name="userdomain_prefix">
+##	<summary>
+##	The prefix of the user domain (e.g., user
+##	is the prefix for user_t).
+##	</summary>
+## </param>
+## <param name="domain">
+##	<summary>
+##	Domain to not audit.
+##	</summary>
+## </param>
+#
+template(`userdom_dontaudit_append_user_tmp_files',`
+	gen_require(`
+		type $1_tmp_t;
+	')
+
+	dontaudit $2 $1_tmp_t:file append;
+')
+
+########################################
+## <summary>
+##	Read and write user temporary files.
+## </summary>
+## <desc>
+##	<p>
+##	Read and write user temporary files.
+##	</p>
+##	<p>
+##	This is a templated interface, and should only
+##	be called from a per-userdomain template.
+##	</p>
+## </desc>
+## <param name="userdomain_prefix">
+##	<summary>
+##	The prefix of the user domain (e.g., user
+##	is the prefix for user_t).
+##	</summary>
+## </param>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+template(`userdom_rw_user_tmp_files',`
+	gen_require(`
+		type $1_tmp_t;
+	')
+
+	files_search_tmp($2)
+	allow $2 $1_tmp_t:dir r_dir_perms;
+	allow $2 $1_tmp_t:file rw_file_perms;
+')
+
 ########################################
 ## <summary>
 ##	Read user