trunk: 2 patches from dan.

This commit is contained in:
Chris PeBenito 2008-12-04 15:01:12 +00:00
parent f657cb14e5
commit 9ff89c44e7
6 changed files with 44 additions and 4 deletions

View File

@ -750,6 +750,25 @@ interface(`mta_search_queue',`
allow $1 mqueue_spool_t:dir search_dir_perms;
')
#######################################
## <summary>
## Read the mail queue.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mta_read_queue',`
gen_require(`
type mqueue_spool_t;
')
read_files_pattern($1, mqueue_spool_t, mqueue_spool_t)
files_search_spool($1)
')
#######################################
## <summary>
## Do not audit attempts to read and

View File

@ -1,5 +1,5 @@
policy_module(mta, 2.0.1)
policy_module(mta, 2.0.2)
########################################
#

View File

@ -463,6 +463,25 @@ interface(`postfix_read_spool_files',`
read_files_pattern($1, postfix_spool_t, postfix_spool_t)
')
########################################
## <summary>
## Create, read, write, and delete postfix mail spool files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`postfix_manage_spool_files',`
gen_require(`
type postfix_spool_t;
')
files_search_spool($1)
manage_files_pattern($1, postfix_spool_t, postfix_spool_t)
')
########################################
## <summary>
## Execute postfix user mail programs

View File

@ -1,5 +1,5 @@
policy_module(postfix, 1.9.2)
policy_module(postfix, 1.9.3)
########################################
#

View File

@ -1,5 +1,5 @@
policy_module(postgrey, 1.5.2)
policy_module(postgrey, 1.5.3)
########################################
#
@ -95,6 +95,7 @@ optional_policy(`
optional_policy(`
postfix_read_config(postgrey_t)
postfix_manage_spool_files(postgrey_t)
')
optional_policy(`

View File

@ -1,5 +1,5 @@
policy_module(uucp, 1.8.0)
policy_module(uucp, 1.8.1)
########################################
#
@ -121,6 +121,7 @@ miscfiles_read_localization(uux_t)
optional_policy(`
mta_send_mail(uux_t)
mta_read_queue(uux_t)
')
optional_policy(`