## <summary>Pyzor is a distributed, collaborative spam detection and filtering network.</summary> ######################################## ## <summary> ## Execute pyzor with a domain transition. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`pyzor_domtrans',` gen_require(` type pyzor_exec_t, pyzor_t; ') files_search_usr($1) corecmd_search_bin($1) domain_auto_trans($1,pyzor_exec_t,pyzor_t) allow $1 pyzor_t:fd use; allow pyzor_t $1:fd use; allow pyzor_t $1:fifo_file rw_file_perms; allow pyzor_t $1:process sigchld; ') ######################################## ## <summary> ## Execute pyzor in the caller domain. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`pyzor_exec',` gen_require(` type pyzor_exec_t; ') files_search_usr($1) corecmd_search_bin($1) can_exec($1,pyzor_exec_t) ') ####################################### ## <summary> ## The per user domain template for the pyzor module. ## </summary> ## <desc> ## <p> ## This template allows pyzor to manage files in ## a user home directory, creating files with the ## correct type. ## </p> ## <p> ## This template is invoked automatically for each user, and ## generally does not need to be invoked directly ## by policy writers. ## </p> ## </desc> ## <param name="userdomain_prefix"> ## <summary> ## The prefix of the user domain (e.g., user ## is the prefix for user_t). ## </summary> ## </param> # template(`pyzor_per_userdomain_template',` type $1_pyzor_home_t; userdom_user_home_content($1,$1_pyzor_home_t) allow pyzord_t $1_pyzor_home_t:dir create_dir_perms; allow pyzord_t $1_pyzor_home_t:file create_file_perms; allow pyzord_t $1_pyzor_home_t:lnk_file create_lnk_perms; userdom_search_user_home_dirs($1,pyzord_t) userdom_user_home_dir_filetrans($1,pyzord_t,$1_pyzor_home_t,{ dir file lnk_file }) ')