partial mailman merge

This commit is contained in:
Chris PeBenito 2005-10-07 19:35:36 +00:00
parent 99505c1c89
commit 9d3e339e82
2 changed files with 42 additions and 5 deletions

View File

@ -280,6 +280,22 @@ interface(`mta_send_mail',`
') ')
') ')
#######################################
## <summary>
## Connect to all mail servers over TCP.
## </summary>
## <param name="domain">
## Mail server domain.
## </param>
#
interface(`mta_tcp_connect_all_mailservers',`
gen_require(`
attribute mailserver_domain;
')
allow $1 mailserver_domain:tcp_socket { connectto recvfrom };
')
####################################### #######################################
# #
# mta_exec(domain) # mta_exec(domain)

View File

@ -2429,12 +2429,29 @@ interface(`files_search_locks',`
interface(`files_dontaudit_search_locks',` interface(`files_dontaudit_search_locks',`
gen_require(` gen_require(`
type var_lock_t; type var_lock_t;
class dir search;
') ')
dontaudit $1 var_lock_t:dir search; dontaudit $1 var_lock_t:dir search;
') ')
########################################
## <summary>
## Add and remove entries in the /var/lock
## directories.
## </summary>
## <param name="domain">
## Domain allowed access.
## </param>
#
interface(`files_rw_locks_dir',`
gen_require(`
type var_t, var_lock_t;
')
allow $1 var_t:dir search;
allow $1 var_lock_t:dir rw_dir_perms;
')
######################################## ########################################
# #
# files_getattr_generic_locks(domain) # files_getattr_generic_locks(domain)
@ -2535,16 +2552,20 @@ interface(`files_search_pids',`
') ')
######################################## ########################################
# ## <summary>
# files_dontaudit_search_pids(domain) ## Do not audit attempts to search
## the /var/run directory.
## </summary>
## <param name="domain">
## Domain to not audit.
## </param>
# #
interface(`files_dontaudit_search_pids',` interface(`files_dontaudit_search_pids',`
gen_require(` gen_require(`
type var_run_t; type var_run_t;
class dir search;
') ')
allow $1 var_run_t:dir search; dontaudit $1 var_run_t:dir search;
') ')
######################################## ########################################