From: russell@coker.com.au (Russell Coker)
Date: Fri, 12 Apr 2013 13:39:15 +1000
Subject: [refpolicy] [PATCH 09/13] Postfix creates defer(red) queue
	locations
In-Reply-To: <1365669283-22005-10-git-send-email-sven.vermeulen@siphos.be>
References: <1365669283-22005-1-git-send-email-sven.vermeulen@siphos.be>
	<1365669283-22005-10-git-send-email-sven.vermeulen@siphos.be>
Message-ID: <201304121339.15850.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 11 Apr 2013, Sven Vermeulen <sven.vermeulen@siphos.be> wrote:
> At startup, the Postfix daemon will check if the defer and deferred queues
> are available. If not, it will create them. Introduce the proper file
> transitions to support this.

If you are going to assign a new type for the defer/deferred directories then 
is the maildrop name the correct one?  Those directories aren't for mail 
storage and the file contents are different to that which is used by programs 
such as maildrop.

It's always been postfix_spool_t for those directories, why do we need to 
change this?

> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
>  postfix.te | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/postfix.te b/postfix.te
> index 3f45a93..069bc2e 100644
> --- a/postfix.te
> +++ b/postfix.te
> @@ -244,6 +244,8 @@ create_dirs_pattern(postfix_master_t, postfix_spool_t,
> postfix_spool_maildrop_t) delete_files_pattern(postfix_master_t,
> postfix_spool_maildrop_t, postfix_spool_maildrop_t)
> rename_files_pattern(postfix_master_t, postfix_spool_maildrop_t,
> postfix_spool_maildrop_t) setattr_dirs_pattern(postfix_master_t,
> postfix_spool_maildrop_t, postfix_spool_maildrop_t)
> +filetrans_pattern(postfix_master_t, postfix_spool_t,
> postfix_spool_maildrop_t, dir, "defer")
> +filetrans_pattern(postfix_master_t, postfix_spool_t,
> postfix_spool_maildrop_t, dir, "deferred")
> filetrans_pattern(postfix_master_t, postfix_spool_t,
> postfix_spool_maildrop_t, dir, "maildrop")
> 
>  create_dirs_pattern(postfix_master_t, postfix_spool_t, postfix_var_run_t)


-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/