diff options
| author |   Russell Coker <russell@coker.com.au> | 2019-01-04 18:54:22 +1100 |
|---|---|---|
| committer |   Jason Zaman <jason@perfinion.com> | 2019-02-10 12:11:25 +0800 |
| commit | ec798c0736cdc0fff36f86c2cb7acb01e488e781 (patch) | |
| tree | 067be4f90916e2ac358f0b7283157c8fc5e82d25 /policy/modules/services/postfix.te | |
| parent | systemd: allow systemd-logind to use getutxent() (diff) | |
| download | hardened-refpolicy-ec798c0736cdc0fff36f86c2cb7acb01e488e781.tar.gz hardened-refpolicy-ec798c0736cdc0fff36f86c2cb7acb01e488e781.tar.bz2 hardened-refpolicy-ec798c0736cdc0fff36f86c2cb7acb01e488e781.zip | |
systemd misc
This patch has policy changes related to systemd and the systemd versions
of system programs.
Also has some dbus policy which probably isn't strictly a systemd thing, but it
all came at the same time.
Signed-off-by: Jason Zaman <jason@perfinion.com>
Diffstat (limited to 'policy/modules/services/postfix.te')
| -rw-r--r-- | policy/modules/services/postfix.te | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te index 15b717324..d0a3cd75d 100644 --- a/policy/modules/services/postfix.te +++ b/policy/modules/services/postfix.te @@ -347,6 +347,12 @@ optional_policy(` ') optional_policy(` + dbus_send_system_bus(postfix_master_t) + dbus_system_bus_client(postfix_master_t) + init_dbus_chat(postfix_master_t) +') + +optional_policy(` sendmail_signal(postfix_master_t) ') @@ -376,6 +382,10 @@ optional_policy(` init_dbus_chat(postfix_bounce_t) ') +optional_policy(` + dbus_system_bus_client(postfix_bounce_t) +') + ######################################## # # Cleanup local policy @@ -420,6 +430,12 @@ optional_policy(` mailman_read_data_files(postfix_cleanup_t) ') +optional_policy(` + dbus_send_system_bus(postfix_cleanup_t) + dbus_system_bus_client(postfix_cleanup_t) + init_dbus_chat(postfix_cleanup_t) +') + ######################################## # # Local local policy @@ -561,6 +577,11 @@ delete_files_pattern(postfix_pickup_t, postfix_spool_maildrop_t, postfix_spool_m mcs_file_read_all(postfix_pickup_t) mcs_file_write_all(postfix_pickup_t) +optional_policy(` + dbus_system_bus_client(postfix_pickup_t) + init_dbus_chat(postfix_pickup_t) +') + ######################################## # # Pipe local policy @@ -708,6 +729,12 @@ files_spool_filetrans(postfix_qmgr_t, postfix_spool_t, dir) corecmd_exec_bin(postfix_qmgr_t) +optional_policy(` + dbus_send_system_bus(postfix_qmgr_t) + dbus_system_bus_client(postfix_qmgr_t) + init_dbus_chat(postfix_qmgr_t) +') + ######################################## # # Showq local policy @@ -786,6 +813,12 @@ mta_read_aliases(postfix_smtpd_t) mta_map_aliases(postfix_smtpd_t) optional_policy(` + dbus_send_system_bus(postfix_smtp_t) + dbus_system_bus_client(postfix_smtp_t) + init_dbus_chat(postfix_smtp_t) +') + +optional_policy(` dovecot_stream_connect_auth(postfix_smtpd_t) dovecot_stream_connect(postfix_smtpd_t) ') |