During startup, authdaemon creates /var/lib/courier/authdaemon and creates
a socket for communication with courier imapd and pop3d daemons
Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/services/courier.te | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
index 55d64bc..877bab8 100644
--- a/policy/modules/services/courier.te
+++ b/policy/modules/services/courier.te
@@ -52,7 +52,9 @@ allow courier_authdaemon_t courier_tcpd_t:fd use;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
+manage_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t)
+manage_sock_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
files_search_spool(courier_authdaemon_t)
corecmd_search_bin(courier_authdaemon_t)
--
1.7.3.4
On 03/09/11 16:07, Sven Vermeulen wrote:
> During startup, authdaemon creates /var/lib/courier/authdaemon and creates
> a socket for communication with courier imapd and pop3d daemons
>
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/services/courier.te | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
> index 55d64bc..877bab8 100644
> --- a/policy/modules/services/courier.te
> +++ b/policy/modules/services/courier.te
> @@ -52,7 +52,9 @@ allow courier_authdaemon_t courier_tcpd_t:fd use;
> allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
> allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
>
> +manage_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
It sounds like this should be create_dirs_pattern instead.
> manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t)
> +manage_sock_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
> files_search_spool(courier_authdaemon_t)
>
> corecmd_search_bin(courier_authdaemon_t)
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com
On Tue, Mar 22, 2011 at 08:44:49AM -0400, Christopher J. PeBenito wrote:
> > +manage_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
>
> It sounds like this should be create_dirs_pattern instead.
Indeed, create_dirs_pattern is sufficient here. Retry ;-)
During startup, authdaemon creates /var/lib/courier/authdaemon and creates a
socket for communication with courier imapd and pop3d daemons.
Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/services/courier.te | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
index 7e7444c..23ddb7d 100644
--- a/policy/modules/services/courier.te
+++ b/policy/modules/services/courier.te
@@ -52,7 +52,9 @@ allow courier_authdaemon_t courier_tcpd_t:fd use;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
+create_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t)
+manage_sock_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
files_search_spool(courier_authdaemon_t)
corecmd_search_bin(courier_authdaemon_t)
--
1.7.3.4
On 05/02/11 16:22, Sven Vermeulen wrote:
> On Tue, Mar 22, 2011 at 08:44:49AM -0400, Christopher J. PeBenito wrote:
>>> +manage_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
>>
>> It sounds like this should be create_dirs_pattern instead.
>
> Indeed, create_dirs_pattern is sufficient here. Retry ;-)
>
> During startup, authdaemon creates /var/lib/courier/authdaemon and creates a
> socket for communication with courier imapd and pop3d daemons.
Merged.
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/services/courier.te | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
> index 7e7444c..23ddb7d 100644
> --- a/policy/modules/services/courier.te
> +++ b/policy/modules/services/courier.te
> @@ -52,7 +52,9 @@ allow courier_authdaemon_t courier_tcpd_t:fd use;
> allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
> allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
>
> +create_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
> manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t)
> +manage_sock_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
> files_search_spool(courier_authdaemon_t)
>
> corecmd_search_bin(courier_authdaemon_t)
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com