---
spamassassin.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/spamassassin.te b/spamassassin.te
index 9bc81030..23fa8747 100644
--- a/spamassassin.te
+++ b/spamassassin.te
@@ -553,6 +553,9 @@ optional_policy(`
allow spamd_gpg_t spamd_var_lib_t:file rw_file_perms;
allow spamd_gpg_t spamd_update_tmp_t:file read_file_perms;
+ # fips
+ kernel_search_crypto_sysctls(spamd_gpg_t)
+
domain_use_interactive_fds(spamd_gpg_t)
files_read_etc_files(spamd_gpg_t)
@@ -562,6 +565,7 @@ optional_policy(`
files_search_tmp(spamd_gpg_t)
init_use_fds(spamd_gpg_t)
+ init_rw_inherited_stream_socket(spamd_gpg_t)
miscfiles_read_localization(spamd_gpg_t)
--
2.15.1
On 01/01/2018 06:16 AM, Christian G?ttsche via refpolicy wrote:
> ---
> spamassassin.te | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/spamassassin.te b/spamassassin.te
> index 9bc81030..23fa8747 100644
> --- a/spamassassin.te
> +++ b/spamassassin.te
> @@ -553,6 +553,9 @@ optional_policy(`
> allow spamd_gpg_t spamd_var_lib_t:file rw_file_perms;
> allow spamd_gpg_t spamd_update_tmp_t:file read_file_perms;
>
> + # fips
> + kernel_search_crypto_sysctls(spamd_gpg_t)
This interface doesn't exist.
--
Chris PeBenito