Allow postfix_master_t to bind tcp sockets to smtp_beforequeue_port_t, and allow it
to send and receive smtp before queue content filter server packets.
Remove policy that allow postfix_master_t to bind tcp sockets to amavisd_send_port_t, and
remove policy that allows it to send and receive avamisd send server packets. The amavisd_port_t
port type is replaced by the smtp_beforequeue_port_t port type.
Signed-off-by: Dominick Grift <[email protected]>
---
:100644 100644 70acaff... bd48fd9... M policy/modules/services/postfix.te
policy/modules/services/postfix.te | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te
index 70acaff..bd48fd9 100644
--- a/policy/modules/services/postfix.te
+++ b/policy/modules/services/postfix.te
@@ -154,10 +154,10 @@ corenet_udp_sendrecv_generic_node(postfix_master_t)
corenet_tcp_sendrecv_all_ports(postfix_master_t)
corenet_udp_sendrecv_all_ports(postfix_master_t)
corenet_tcp_bind_generic_node(postfix_master_t)
-corenet_tcp_bind_amavisd_send_port(postfix_master_t)
+corenet_tcp_bind_smtp_beforequeue_port(postfix_master_t)
corenet_tcp_bind_smtp_port(postfix_master_t)
corenet_tcp_connect_all_ports(postfix_master_t)
-corenet_sendrecv_amavisd_send_server_packets(postfix_master_t)
+corenet_sendrecv_smtp_beforequeue_server_packets(postfix_master_t)
corenet_sendrecv_smtp_server_packets(postfix_master_t)
corenet_sendrecv_all_client_packets(postfix_master_t)
--
1.7.0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100427/68f3e3e3/attachment.bin