dovecot 1.0.rc1
Daniel J Walsh
dwalsh at redhat.com
Thu Jul 13 15:34:31 UTC 2006
Paul Howarth wrote:
> New in rc1 is a directory /var/lib/dovecot where the SSL parameters
> files are generated before they are copied to the login directory.
>
> The following additions to policy support this:
>
> ::::::::::::::
> dovecot.fc
> ::::::::::::::
> /var/lib/dovecot(/.*)?
> gen_context(system_u:object_r:dovecot_var_lib_t,s0)
> ::::::::::::::
> dovecot.te
> ::::::::::::::
> policy_module(dovecot, 0.1.4)
>
> ########################################
> #
> # Declarations
> #
>
> require {
> type dovecot_t;
> };
>
> # /var/lib/dovecot holds SSL parameters file
> type dovecot_var_lib_t;
> files_type(dovecot_var_lib_t)
>
> ########################################
> #
> # Local policy
> #
>
> # Allow dovecot to read the routing table (in selinux-policy
> 2.2.43-4.fc5)
> #allow dovecot_t self:netlink_route_socket { r_netlink_socket_perms };
>
> # Allow dovecot to create and read SSL parameters file
> files_search_var_lib(dovecot_t)
> allow dovecot_t dovecot_var_lib_t:dir { rw_dir_perms };
> allow dovecot_t dovecot_var_lib_t:file { manage_file_perms };
>
>
> Paul.
Added to selinux-policy-2.3.2-3
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
More information about the selinux
mailing list