[selinux-policy: 2930/3172] amavis patch from Dan Walsh
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:20:59 UTC 2010
commit b8097d6ec4c8a75ed7684810510bb3dcd4d44a03
Author: Jeremy Solt <jsolt at tresys.com>
Date: Mon Aug 30 09:50:15 2010 -0400
amavis patch from Dan Walsh
policy/modules/services/amavis.if | 4 ++--
policy/modules/services/amavis.te | 3 ++-
2 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/policy/modules/services/amavis.if b/policy/modules/services/amavis.if
index adb3d5f..ceb2142 100644
--- a/policy/modules/services/amavis.if
+++ b/policy/modules/services/amavis.if
@@ -56,7 +56,7 @@ interface(`amavis_read_spool_files',`
')
files_search_spool($1)
- allow $1 amavis_spool_t:file read_file_perms;
+ read_files_pattern($1, amavis_spool_t, amavis_spool_t)
')
########################################
@@ -208,7 +208,7 @@ interface(`amavis_create_pid_files',`
########################################
## <summary>
-## All of the rules required to administrate
+## All of the rules required to administrate
## an amavis environment
## </summary>
## <param name="domain">
diff --git a/policy/modules/services/amavis.te b/policy/modules/services/amavis.te
index 3e8002a..c3a1903 100644
--- a/policy/modules/services/amavis.te
+++ b/policy/modules/services/amavis.te
@@ -92,9 +92,10 @@ manage_sock_files_pattern(amavis_t, amavis_var_log_t, amavis_var_log_t)
logging_log_filetrans(amavis_t, amavis_var_log_t, { sock_file file dir })
# pid file
+manage_dirs_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
manage_files_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
manage_sock_files_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
-files_pid_filetrans(amavis_t, amavis_var_run_t, { file sock_file })
+files_pid_filetrans(amavis_t, amavis_var_run_t, { dir file sock_file })
kernel_read_kernel_sysctls(amavis_t)
# amavis tries to access /proc/self/stat, /etc/shadow and /root - perl...
More information about the scm-commits
mailing list