[selinux-policy: 863/3172] Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail proces
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:19:41 UTC 2010
commit f13da83f992d0b2ac5f65654ad07286ce0f98399
Author: Don Miner <dminer at tresys.com>
Date: Wed Oct 26 18:31:09 2005 +0000
Added search and getattr permissions to etc_mail_t dir for system_mail_t so that the sendmail process would be able to start through init
refpolicy/policy/modules/services/mta.te | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/services/mta.te b/refpolicy/policy/modules/services/mta.te
index 9e82279..7d78871 100644
--- a/refpolicy/policy/modules/services/mta.te
+++ b/refpolicy/policy/modules/services/mta.te
@@ -50,6 +50,7 @@ allow system_mail_t self:capability { setuid setgid chown };
allow system_mail_t self:process { signal_perms setrlimit };
allow system_mail_t self:tcp_socket create_socket_perms;
+allow system_mail_t etc_mail_t:dir { getattr search };
allow system_mail_t etc_mail_t:file r_file_perms;
# re-exec itself
More information about the scm-commits
mailing list