myexim01.te contents: Does it look ok?
Daniel J Walsh
dwalsh at redhat.com
Mon Oct 27 18:44:44 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frank Murphy wrote:
> Scenario
> Rebuilt server fresh F8 install then yum update.
>
> Below follows myexim01.te
> Original AVC(s) can be included if necessary.
> ======================================================
>
> module myexim01 1.0;
>
> require {
> type system_crond_t;
> type system_mail_t;
> type system_crond_var_run_t;
> type audisp_t;
> type system_mail_tmp_t;
> type exim_t;
> class capability sys_nice;
> class fifo_file getattr;
> class file { read append };
> }
>
> #============= audisp_t ==============
> allow audisp_t self:capability sys_nice;
>
> #============= exim_t ==============
> allow exim_t system_crond_t:fifo_file getattr;
> allow exim_t system_mail_tmp_t:file read;
>
> #============= system_mail_t ==============
> allow system_mail_t system_crond_var_run_t:file append;
>
>
> =========================================================
>
> Frank
>
Yes these look fine.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEUEARECAAYFAkkGDBwACgkQrlYvE4MpobNUOQCYs8JK1EKEW4viLNuOG6rF7MQ5
8QCcDoovylUo21/u71VNlJAt1WR5ST0=
=PC3f
-----END PGP SIGNATURE-----
More information about the selinux
mailing list