From: domg472@gmail.com (Dominick Grift) Date: Tue, 27 Apr 2010 13:58:55 +0200 Subject: [refpolicy] [ Implement ClamSMTPd policy. 5/5] Allow postfix_master_t to bind tcp sockets to smtp_beforequeue_port_t. Message-ID: <20100427115853.GA337@localhost.localdomain> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Allow postfix_master_t to bind tcp sockets to smtp_beforequeue_port_t, and allow it to send and receive smtp before queue content filter server packets. Remove policy that allow postfix_master_t to bind tcp sockets to amavisd_send_port_t, and remove policy that allows it to send and receive avamisd send server packets. The amavisd_port_t port type is replaced by the smtp_beforequeue_port_t port type. Signed-off-by: Dominick Grift --- :100644 100644 70acaff... bd48fd9... M policy/modules/services/postfix.te policy/modules/services/postfix.te | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te index 70acaff..bd48fd9 100644 --- a/policy/modules/services/postfix.te +++ b/policy/modules/services/postfix.te @@ -154,10 +154,10 @@ corenet_udp_sendrecv_generic_node(postfix_master_t) corenet_tcp_sendrecv_all_ports(postfix_master_t) corenet_udp_sendrecv_all_ports(postfix_master_t) corenet_tcp_bind_generic_node(postfix_master_t) -corenet_tcp_bind_amavisd_send_port(postfix_master_t) +corenet_tcp_bind_smtp_beforequeue_port(postfix_master_t) corenet_tcp_bind_smtp_port(postfix_master_t) corenet_tcp_connect_all_ports(postfix_master_t) -corenet_sendrecv_amavisd_send_server_packets(postfix_master_t) +corenet_sendrecv_smtp_beforequeue_server_packets(postfix_master_t) corenet_sendrecv_smtp_server_packets(postfix_master_t) corenet_sendrecv_all_client_packets(postfix_master_t) -- 1.7.0.1 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100427/68f3e3e3/attachment.bin