From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 30 Jun 2009 15:53:48 -0400
Subject: [refpolicy] services_dovecot.patch
In-Reply-To: <1246390147.2276.213.camel@gorn>
References: <4A2DAD4C.2060308@redhat.com> <1246390147.2276.213.camel@gorn>
Message-ID: <4A4A6D4C.5010304@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/30/2009 03:29 PM, Christopher J. PeBenito wrote:
> On Mon, 2009-06-08 at 20:31 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_dovecot.patch
>>
>> Add context for dovecot init script
>>
>> policy to cover dovecot/deliver executable
>>
>> Dovecot uses kerberos templates.
>>
>> Dovecot_auth neesds chown and dac_override
>>
>> dovecot auth creates /tmp files
>>
>> Uses var_run and connects to the auth_stream
>>
>> Sends audit and syslog messages
>
> Merged.  Now that there is a deliver domain, can the userdom_* calls be
> removed from the main dovecot_t ddomain?
>
Probably.