trunk: Patch to handle postfix data_directory from Vaclav Ovsik.
This commit is contained in:
parent
7f4005e348
commit
8c6292b7a4
@ -1,3 +1,4 @@
|
|||||||
|
- Patch to handle postfix data_directory from Vaclav Ovsik.
|
||||||
- SE-Postgresql policy from KaiGai Kohei.
|
- SE-Postgresql policy from KaiGai Kohei.
|
||||||
- Patch for X.org dbus support from Martin Orr.
|
- Patch for X.org dbus support from Martin Orr.
|
||||||
- Patch for labeled networking controls in 2.6.25 from Paul Moore.
|
- Patch for labeled networking controls in 2.6.25 from Paul Moore.
|
||||||
|
@ -43,6 +43,9 @@ ifdef(`distro_redhat', `
|
|||||||
/usr/sbin/postmap -- gen_context(system_u:object_r:postfix_map_exec_t,s0)
|
/usr/sbin/postmap -- gen_context(system_u:object_r:postfix_map_exec_t,s0)
|
||||||
/usr/sbin/postqueue -- gen_context(system_u:object_r:postfix_postqueue_exec_t,s0)
|
/usr/sbin/postqueue -- gen_context(system_u:object_r:postfix_postqueue_exec_t,s0)
|
||||||
/usr/sbin/postsuper -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
/usr/sbin/postsuper -- gen_context(system_u:object_r:postfix_master_exec_t,s0)
|
||||||
|
|
||||||
|
/var/lib/postfix(/.*)? gen_context(system_u:object_r:postfix_data_t,s0)
|
||||||
|
|
||||||
/var/spool/postfix(/.*)? gen_context(system_u:object_r:postfix_spool_t,s0)
|
/var/spool/postfix(/.*)? gen_context(system_u:object_r:postfix_spool_t,s0)
|
||||||
/var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0)
|
/var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0)
|
||||||
/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0)
|
/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0)
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
|
||||||
policy_module(postfix,1.8.0)
|
policy_module(postfix, 1.8.1)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
#
|
#
|
||||||
@ -83,6 +83,10 @@ files_type(postfix_public_t)
|
|||||||
type postfix_var_run_t;
|
type postfix_var_run_t;
|
||||||
files_pid_file(postfix_var_run_t)
|
files_pid_file(postfix_var_run_t)
|
||||||
|
|
||||||
|
# the data_directory config parameter
|
||||||
|
type postfix_data_t;
|
||||||
|
files_type(postfix_data_t)
|
||||||
|
|
||||||
postfix_server_domain_template(virtual)
|
postfix_server_domain_template(virtual)
|
||||||
mta_mailserver_delivery(postfix_virtual_t)
|
mta_mailserver_delivery(postfix_virtual_t)
|
||||||
|
|
||||||
@ -104,6 +108,9 @@ allow postfix_master_t postfix_etc_t:file rw_file_perms;
|
|||||||
|
|
||||||
can_exec(postfix_master_t,postfix_exec_t)
|
can_exec(postfix_master_t,postfix_exec_t)
|
||||||
|
|
||||||
|
allow postfix_master_t postfix_data_t:dir manage_dir_perms;
|
||||||
|
allow postfix_master_t postfix_data_t:file manage_file_perms;
|
||||||
|
|
||||||
allow postfix_master_t postfix_map_exec_t:file { mmap_file_perms ioctl lock };
|
allow postfix_master_t postfix_map_exec_t:file { mmap_file_perms ioctl lock };
|
||||||
|
|
||||||
allow postfix_master_t postfix_postdrop_exec_t:file getattr;
|
allow postfix_master_t postfix_postdrop_exec_t:file getattr;
|
||||||
|
Loading…
Reference in New Issue
Block a user