selinux-policy/policy/modules/services/mta.te
Dominick Grift 68ac47d8c5 Whitespace, newline and tab fixes.
Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.

Whitespace, newline and tab fixes.
2010-09-22 15:41:42 +02:00

335 lines
8.8 KiB
Plaintext

policy_module(mta, 2.3.0)
########################################
#
# Declarations
#
attribute mailcontent_type;
attribute mta_exec_type;
attribute mta_user_agent;
attribute mailserver_delivery;
attribute mailserver_domain;
attribute mailserver_sender;
attribute user_mail_domain;
type etc_aliases_t;
files_type(etc_aliases_t)
type etc_mail_t;
files_config_file(etc_mail_t)
type mail_home_t alias mail_forward_t;
userdom_user_home_content(mail_home_t)
type mqueue_spool_t;
files_mountpoint(mqueue_spool_t)
type mail_spool_t;
files_mountpoint(mail_spool_t)
type sendmail_exec_t;
mta_agent_executable(sendmail_exec_t)
mta_base_mail_template(system)
role system_r types system_mail_t;
mta_base_mail_template(user)
typealias user_mail_t alias { staff_mail_t sysadm_mail_t };
typealias user_mail_t alias { auditadm_mail_t secadm_mail_t };
typealias user_mail_tmp_t alias { staff_mail_tmp_t sysadm_mail_tmp_t };
typealias user_mail_tmp_t alias { auditadm_mail_tmp_t secadm_mail_tmp_t };
ubac_constrained(user_mail_t)
ubac_constrained(user_mail_tmp_t)
########################################
#
# System mail local policy
#
# newalias required this, not sure if it is needed in 'if' file
allow system_mail_t self:capability { dac_override fowner };
read_files_pattern(system_mail_t, mailcontent_type, mailcontent_type)
dev_read_sysfs(system_mail_t)
dev_read_rand(system_mail_t)
dev_read_urand(system_mail_t)
files_read_usr_files(system_mail_t)
fs_rw_anon_inodefs_files(system_mail_t)
selinux_getattr_fs(system_mail_t)
term_dontaudit_use_unallocated_ttys(system_mail_t)
init_use_script_ptys(system_mail_t)
userdom_use_user_terminals(system_mail_t)
userdom_dontaudit_search_user_home_dirs(system_mail_t)
userdom_dontaudit_list_admin_dir(system_mail_t)
logging_append_all_logs(system_mail_t)
optional_policy(`
apache_read_squirrelmail_data(system_mail_t)
apache_append_squirrelmail_data(system_mail_t)
# apache should set close-on-exec
apache_dontaudit_append_log(system_mail_t)
apache_dontaudit_rw_stream_sockets(system_mail_t)
apache_dontaudit_rw_tcp_sockets(system_mail_t)
apache_dontaudit_rw_sys_script_stream_sockets(system_mail_t)
apache_dontaudit_write_tmp_files(system_mail_t)
# apache should set close-on-exec
apache_dontaudit_rw_stream_sockets(mta_user_agent)
apache_dontaudit_rw_sys_script_stream_sockets(mta_user_agent)
apache_append_log(mta_user_agent)
')
optional_policy(`
arpwatch_manage_tmp_files(system_mail_t)
ifdef(`hide_broken_symptoms',`
arpwatch_dontaudit_rw_packet_sockets(system_mail_t)
')
')
optional_policy(`
bugzilla_search_dirs(system_mail_t)
bugzilla_dontaudit_rw_script_stream_sockets(system_mail_t)
')
optional_policy(`
clamav_stream_connect(system_mail_t)
clamav_append_log(system_mail_t)
')
optional_policy(`
cron_read_system_job_tmp_files(system_mail_t)
cron_dontaudit_write_pipes(system_mail_t)
cron_rw_system_job_stream_sockets(system_mail_t)
cron_rw_inherited_spool_files(system_mail_t)
cron_rw_inherited_user_spool_files(system_mail_t)
')
optional_policy(`
courier_manage_spool_dirs(system_mail_t)
courier_manage_spool_files(system_mail_t)
courier_rw_spool_pipes(system_mail_t)
')
optional_policy(`
cvs_read_data(system_mail_t)
')
optional_policy(`
fail2ban_append_log(system_mail_t)
fail2ban_dontaudit_leaks(system_mail_t)
')
optional_policy(`
logrotate_read_tmp_files(system_mail_t)
')
optional_policy(`
logwatch_read_tmp_files(system_mail_t)
')
optional_policy(`
# newaliases runs as system_mail_t when the sendmail initscript does a restart
milter_getattr_all_sockets(system_mail_t)
')
optional_policy(`
munin_dontaudit_leaks(system_mail_t)
')
optional_policy(`
nagios_read_tmp_files(system_mail_t)
')
optional_policy(`
manage_dirs_pattern(system_mail_t, etc_aliases_t, etc_aliases_t)
manage_files_pattern(system_mail_t, etc_aliases_t, etc_aliases_t)
manage_lnk_files_pattern(system_mail_t, etc_aliases_t, etc_aliases_t)
manage_fifo_files_pattern(system_mail_t, etc_aliases_t, etc_aliases_t)
manage_sock_files_pattern(system_mail_t, etc_aliases_t, etc_aliases_t)
files_etc_filetrans(system_mail_t, etc_aliases_t, { file lnk_file sock_file fifo_file })
domain_use_interactive_fds(system_mail_t)
')
optional_policy(`
qmail_domtrans_inject(system_mail_t)
')
optional_policy(`
sxid_read_log(system_mail_t)
')
optional_policy(`
userdom_dontaudit_use_user_ptys(system_mail_t)
optional_policy(`
cron_dontaudit_append_system_job_tmp_files(system_mail_t)
')
')
optional_policy(`
spamd_stream_connect(system_mail_t)
')
optional_policy(`
smartmon_read_tmp_files(system_mail_t)
')
# should break this up among sections:
optional_policy(`
# why is mail delivered to a directory of type arpwatch_data_t?
arpwatch_search_data(mailserver_delivery)
arpwatch_manage_tmp_files(mta_user_agent)
ifdef(`hide_broken_symptoms',`
arpwatch_dontaudit_rw_packet_sockets(mta_user_agent)
')
optional_policy(`
cron_read_system_job_tmp_files(mta_user_agent)
')
')
########################################
#
# Mailserver delivery local policy
#
allow mailserver_delivery mail_spool_t:dir list_dir_perms;
create_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t)
read_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t)
append_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t)
create_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t)
read_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t)
userdom_search_admin_dir(mailserver_delivery)
read_files_pattern(mailserver_delivery, mail_home_t, mail_home_t)
read_files_pattern(mailserver_delivery, system_mail_tmp_t, system_mail_tmp_t)
tunable_policy(`use_samba_home_dirs',`
fs_manage_cifs_dirs(mailserver_delivery)
fs_manage_cifs_files(mailserver_delivery)
fs_manage_cifs_symlinks(mailserver_delivery)
')
tunable_policy(`use_nfs_home_dirs',`
fs_manage_nfs_dirs(mailserver_delivery)
fs_manage_nfs_files(mailserver_delivery)
fs_manage_nfs_symlinks(mailserver_delivery)
')
optional_policy(`
dovecot_manage_spool(mailserver_delivery)
dovecot_domtrans_deliver(mailserver_delivery)
')
optional_policy(`
# so MTA can access /var/lib/mailman/mail/wrapper
files_search_var_lib(mailserver_delivery)
mailman_domtrans(mailserver_delivery)
mailman_read_data_symlinks(mailserver_delivery)
')
optional_policy(`
uucp_domtrans_uux(mailserver_delivery)
')
########################################
#
# User send mail local policy
#
domain_use_interactive_fds(user_mail_t)
userdom_use_user_terminals(user_mail_t)
# Write to the user domain tty. cjp: why?
userdom_use_user_terminals(mta_user_agent)
# Create dead.letter in user home directories.
userdom_manage_user_home_content_files(user_mail_t)
userdom_user_home_dir_filetrans_user_home_content(user_mail_t, file)
# for reading .forward - maybe we need a new type for it?
# also for delivering mail to maildir
userdom_manage_user_home_content_dirs(mailserver_delivery)
userdom_manage_user_home_content_files(mailserver_delivery)
userdom_manage_user_home_content_symlinks(mailserver_delivery)
userdom_manage_user_home_content_pipes(mailserver_delivery)
userdom_manage_user_home_content_sockets(mailserver_delivery)
userdom_user_home_dir_filetrans_user_home_content(mailserver_delivery, { dir file lnk_file fifo_file sock_file })
# Read user temporary files.
userdom_read_user_tmp_files(user_mail_t)
userdom_dontaudit_append_user_tmp_files(user_mail_t)
# cjp: this should probably be read all user tmp
# files in an appropriate place for mta_user_agent
userdom_read_user_tmp_files(mta_user_agent)
tunable_policy(`use_samba_home_dirs',`
fs_manage_cifs_files(user_mail_t)
fs_manage_cifs_symlinks(user_mail_t)
')
optional_policy(`
allow user_mail_t self:capability dac_override;
# Read user temporary files.
# postfix seems to need write access if the file handle is opened read/write
userdom_rw_user_tmp_files(user_mail_t)
postfix_read_config(user_mail_t)
postfix_list_spool(user_mail_t)
')
########################################
#
# Comman user_mail_domain policy
#
allow user_mail_domain self:fifo_file rw_fifo_file_perms;
allow user_mail_domain mta_exec_type:file entrypoint;
read_files_pattern(user_mail_domain, etc_aliases_t, etc_aliases_t)
can_exec(user_mail_domain, mta_exec_type)
allow system_mail_t user_mail_domain:file read_file_perms;
read_files_pattern(user_mail_domain, etc_mail_t, etc_mail_t)
kernel_read_system_state(user_mail_domain)
kernel_read_network_state(user_mail_domain)
kernel_request_load_module(user_mail_domain)
optional_policy(`
# postfix needs this for newaliases
files_getattr_tmp_dirs(user_mail_domain)
postfix_exec_master(user_mail_domain)
postfix_read_config(user_mail_domain)
postfix_search_spool(user_mail_domain)
ifdef(`distro_redhat',`
# compatability for old default main.cf
postfix_config_filetrans(user_mail_domain, etc_aliases_t, { dir file lnk_file sock_file fifo_file })
')
')
optional_policy(`
exim_domtrans(user_mail_domain)
exim_manage_log(user_mail_domain)
')