http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dovecot.patch
Add context for dovecot init script
policy to cover dovecot/deliver executable
Dovecot uses kerberos templates.
Dovecot_auth neesds chown and dac_override
dovecot auth creates /tmp files
Uses var_run and connects to the auth_stream
Sends audit and syslog messages
On Mon, 2009-06-08 at 20:31 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dovecot.patch
>
> Add context for dovecot init script
>
> policy to cover dovecot/deliver executable
>
> Dovecot uses kerberos templates.
>
> Dovecot_auth neesds chown and dac_override
>
> dovecot auth creates /tmp files
>
> Uses var_run and connects to the auth_stream
>
> Sends audit and syslog messages
Merged. Now that there is a deliver domain, can the userdom_* calls be
removed from the main dovecot_t ddomain?
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 06/30/2009 03:29 PM, Christopher J. PeBenito wrote:
> On Mon, 2009-06-08 at 20:31 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dovecot.patch
>>
>> Add context for dovecot init script
>>
>> policy to cover dovecot/deliver executable
>>
>> Dovecot uses kerberos templates.
>>
>> Dovecot_auth neesds chown and dac_override
>>
>> dovecot auth creates /tmp files
>>
>> Uses var_run and connects to the auth_stream
>>
>> Sends audit and syslog messages
>
> Merged. Now that there is a deliver domain, can the userdom_* calls be
> removed from the main dovecot_t ddomain?
>
Probably.