RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow socket creation for imapd/pop3d communication 

On Tue, Mar 22, 2011 at 08:44:49AM -0400, Christopher J. PeBenito wrote:
> > +manage_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
>
> It sounds like this should be create_dirs_pattern instead.

Indeed, create_dirs_pattern is sufficient here. Retry ;-)

During startup, authdaemon creates /var/lib/courier/authdaemon and creates a
socket for communication with courier imapd and pop3d daemons.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
This commit is contained in:
Sven Vermeulen 2011-05-02 22:22:13 +02:00 committed by Chris PeBenito
parent d5048bc791
commit 8a58ccee23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/services/courier.te
View File

@ -52,7 +52,9 @@ allow courier_authdaemon_t courier_tcpd_t:fd use;
allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
create_dirs_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
manage_sock_files_pattern(courier_authdaemon_t, courier_spool_t, courier_spool_t)
manage_sock_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t)
files_search_spool(courier_authdaemon_t)
corecmd_search_bin(courier_authdaemon_t)