partial mailman merge
This commit is contained in:
parent
99505c1c89
commit
9d3e339e82
@ -280,6 +280,22 @@ interface(`mta_send_mail',`
|
||||
')
|
||||
')
|
||||
|
||||
#######################################
|
||||
## <summary>
|
||||
## Connect to all mail servers over TCP.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## Mail server domain.
|
||||
## </param>
|
||||
#
|
||||
interface(`mta_tcp_connect_all_mailservers',`
|
||||
gen_require(`
|
||||
attribute mailserver_domain;
|
||||
')
|
||||
|
||||
allow $1 mailserver_domain:tcp_socket { connectto recvfrom };
|
||||
')
|
||||
|
||||
#######################################
|
||||
#
|
||||
# mta_exec(domain)
|
||||
|
@ -2429,12 +2429,29 @@ interface(`files_search_locks',`
|
||||
interface(`files_dontaudit_search_locks',`
|
||||
gen_require(`
|
||||
type var_lock_t;
|
||||
class dir search;
|
||||
')
|
||||
|
||||
dontaudit $1 var_lock_t:dir search;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Add and remove entries in the /var/lock
|
||||
## directories.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## Domain allowed access.
|
||||
## </param>
|
||||
#
|
||||
interface(`files_rw_locks_dir',`
|
||||
gen_require(`
|
||||
type var_t, var_lock_t;
|
||||
')
|
||||
|
||||
allow $1 var_t:dir search;
|
||||
allow $1 var_lock_t:dir rw_dir_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
#
|
||||
# files_getattr_generic_locks(domain)
|
||||
@ -2535,16 +2552,20 @@ interface(`files_search_pids',`
|
||||
')
|
||||
|
||||
########################################
|
||||
#
|
||||
# files_dontaudit_search_pids(domain)
|
||||
## <summary>
|
||||
## Do not audit attempts to search
|
||||
## the /var/run directory.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## Domain to not audit.
|
||||
## </param>
|
||||
#
|
||||
interface(`files_dontaudit_search_pids',`
|
||||
gen_require(`
|
||||
type var_run_t;
|
||||
class dir search;
|
||||
')
|
||||
|
||||
allow $1 var_run_t:dir search;
|
||||
dontaudit $1 var_run_t:dir search;
|
||||
')
|
||||
|
||||
########################################
|
||||
|
Loading…
Reference in New Issue
Block a user