document postfix templates, remove postfix_public_domain_template()
This commit is contained in:
Chris PeBenito
parent
e58da022e9
commit
e8ffdfc78f
@ -11,12 +11,12 @@ attribute postfix_user_domains;
|
|||||||
# postfix user domains
|
# postfix user domains
|
||||||
attribute postfix_user_domtrans;
|
attribute postfix_user_domtrans;
|
||||||
|
|
||||||
postfix_public_domain_template(bounce)
|
postfix_server_domain_template(bounce)
|
||||||
|
|
||||||
type postfix_spool_bounce_t;
|
type postfix_spool_bounce_t;
|
||||||
files_type(postfix_spool_bounce_t)
|
files_type(postfix_spool_bounce_t)
|
||||||
|
|
||||||
postfix_public_domain_template(cleanup)
|
postfix_server_domain_template(cleanup)
|
||||||
|
|
||||||
type postfix_etc_t;
|
type postfix_etc_t;
|
||||||
files_type(postfix_etc_t)
|
files_type(postfix_etc_t)
|
||||||
@ -45,9 +45,9 @@ typealias postfix_master_t alias postfix_t;
|
|||||||
# generation macro work
|
# generation macro work
|
||||||
mta_mailserver(postfix_t,postfix_master_exec_t)
|
mta_mailserver(postfix_t,postfix_master_exec_t)
|
||||||
|
|
||||||
postfix_public_domain_template(pickup)
|
postfix_server_domain_template(pickup)
|
||||||
|
|
||||||
postfix_public_domain_template(pipe)
|
postfix_server_domain_template(pipe)
|
||||||
|
|
||||||
postfix_user_domain_template(postdrop)
|
postfix_user_domain_template(postdrop)
|
||||||
mta_mailserver_user_agent(postfix_postdrop_t)
|
mta_mailserver_user_agent(postfix_postdrop_t)
|
||||||
@ -60,7 +60,7 @@ files_type(postfix_private_t)
|
|||||||
type postfix_prng_t;
|
type postfix_prng_t;
|
||||||
files_type(postfix_prng_t)
|
files_type(postfix_prng_t)
|
||||||
|
|
||||||
postfix_public_domain_template(qmgr)
|
postfix_server_domain_template(qmgr)
|
||||||
|
|
||||||
postfix_user_domain_template(showq)
|
postfix_user_domain_template(showq)
|
||||||
|
|
||||||
@ -223,6 +223,7 @@ allow postfix_bounce_t self:capability dac_read_search;
|
|||||||
allow postfix_bounce_t self:tcp_socket create_socket_perms;
|
allow postfix_bounce_t self:tcp_socket create_socket_perms;
|
||||||
|
|
||||||
allow postfix_bounce_t postfix_public_t:sock_file write;
|
allow postfix_bounce_t postfix_public_t:sock_file write;
|
||||||
|
allow postfix_bounce_t postfix_public_t:dir search;
|
||||||
|
|
||||||
allow postfix_bounce_t postfix_spool_t:dir create_dir_perms;
|
allow postfix_bounce_t postfix_spool_t:dir create_dir_perms;
|
||||||
allow postfix_bounce_t postfix_spool_t:file create_file_perms;
|
allow postfix_bounce_t postfix_spool_t:file create_file_perms;
|
||||||
@ -246,6 +247,7 @@ allow postfix_cleanup_t postfix_private_t:sock_file rw_file_perms;
|
|||||||
|
|
||||||
allow postfix_cleanup_t postfix_public_t:fifo_file rw_file_perms;
|
allow postfix_cleanup_t postfix_public_t:fifo_file rw_file_perms;
|
||||||
allow postfix_cleanup_t postfix_public_t:sock_file { getattr write };
|
allow postfix_cleanup_t postfix_public_t:sock_file { getattr write };
|
||||||
|
allow postfix_cleanup_t postfix_public_t:dir search;
|
||||||
|
|
||||||
allow postfix_cleanup_t postfix_spool_t:dir create_dir_perms;
|
allow postfix_cleanup_t postfix_spool_t:dir create_dir_perms;
|
||||||
allow postfix_cleanup_t postfix_spool_t:file create_file_perms;
|
allow postfix_cleanup_t postfix_spool_t:file create_file_perms;
|
||||||
@ -393,6 +395,7 @@ allow postfix_pickup_t postfix_private_t:sock_file write;
|
|||||||
|
|
||||||
allow postfix_pickup_t postfix_public_t:fifo_file rw_file_perms;
|
allow postfix_pickup_t postfix_public_t:fifo_file rw_file_perms;
|
||||||
allow postfix_pickup_t postfix_public_t:sock_file rw_file_perms;
|
allow postfix_pickup_t postfix_public_t:sock_file rw_file_perms;
|
||||||
|
allow postfix_pickup_t postfix_public_t:dir search;
|
||||||
|
|
||||||
postfix_list_spool(postfix_pickup_t)
|
postfix_list_spool(postfix_pickup_t)
|
||||||
allow postfix_pickup_t postfix_spool_maildrop_t:dir rw_dir_perms;
|
allow postfix_pickup_t postfix_spool_maildrop_t:dir rw_dir_perms;
|
||||||
@ -410,6 +413,7 @@ allow postfix_pipe_t postfix_private_t:dir search;
|
|||||||
allow postfix_pipe_t postfix_private_t:sock_file write;
|
allow postfix_pipe_t postfix_private_t:sock_file write;
|
||||||
|
|
||||||
allow postfix_pipe_t postfix_public_t:fifo_file { getattr write };
|
allow postfix_pipe_t postfix_public_t:fifo_file { getattr write };
|
||||||
|
allow postfix_pipe_t postfix_public_t:dir search;
|
||||||
|
|
||||||
allow postfix_pipe_t postfix_spool_t:dir search;
|
allow postfix_pipe_t postfix_spool_t:dir search;
|
||||||
allow postfix_pipe_t postfix_spool_t:file rw_file_perms;
|
allow postfix_pipe_t postfix_spool_t:file rw_file_perms;
|
||||||
@ -515,6 +519,7 @@ allow postfix_qmgr_t postfix_private_t:sock_file rw_file_perms;
|
|||||||
|
|
||||||
allow postfix_qmgr_t postfix_public_t:fifo_file rw_file_perms;
|
allow postfix_qmgr_t postfix_public_t:fifo_file rw_file_perms;
|
||||||
allow postfix_qmgr_t postfix_public_t:sock_file write;
|
allow postfix_qmgr_t postfix_public_t:sock_file write;
|
||||||
|
allow postfix_qmgr_t postfix_public_t:dir search;
|
||||||
|
|
||||||
# for /var/spool/postfix/active
|
# for /var/spool/postfix/active
|
||||||
allow postfix_qmgr_t postfix_spool_t:dir create_dir_perms;
|
allow postfix_qmgr_t postfix_spool_t:dir create_dir_perms;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user