rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Procmail patch from Dan Walsh.

Browse Source
This commit is contained in:
Chris PeBenito 2010-05-20 08:17:06 -04:00
parent e19b8d1c2e
commit b276e36914
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
policy/modules/services/procmail.te
View File

@ -1,5 +1,5 @@
policy_module(procmail, 1.11.0)
policy_module(procmail, 1.11.1)
########################################
#
@ -22,7 +22,7 @@ files_tmp_file(procmail_tmp_t)
# Local policy
#
allow procmail_t self:capability { sys_nice chown setuid setgid dac_override };
allow procmail_t self:capability { sys_nice chown fsetid setuid setgid dac_override };
allow procmail_t self:process { setsched signal signull };
allow procmail_t self:fifo_file rw_fifo_file_perms;
allow procmail_t self:unix_stream_socket create_socket_perms;
@ -92,6 +92,7 @@ userdom_user_home_dir_filetrans_user_home_content(procmail_t, { dir file lnk_fil
userdom_dontaudit_search_user_home_dirs(procmail_t)
mta_manage_spool(procmail_t)
mta_read_queue(procmail_t)
ifdef(`hide_broken_symptoms',`
mta_dontaudit_rw_queue(procmail_t)
@ -136,8 +137,8 @@ optional_policy(`
mta_read_config(procmail_t)
sendmail_domtrans(procmail_t)
sendmail_signal(procmail_t)
sendmail_rw_tcp_sockets(procmail_t)
sendmail_rw_unix_stream_sockets(procmail_t)
sendmail_dontaudit_rw_tcp_sockets(procmail_t)
sendmail_dontaudit_rw_unix_stream_sockets(procmail_t)
')
optional_policy(`