selinux-refpolicy/strict/domains/program/fetchmail.te

29 lines
881 B
Plaintext

#DESC fetchmail - remote-mail retrieval utility
#
# Author: Greg Norris <haphazard@kc.rr.com>
# X-Debian-Packages: fetchmail
#
# Note: This policy is only required when running fetchmail in daemon mode.
#################################
#
# Rules for the fetchmail_t domain.
#
daemon_domain(fetchmail);
type fetchmail_etc_t, file_type, sysadmfile;
type fetchmail_uidl_cache_t, file_type, sysadmfile;
# misc. requirements
allow fetchmail_t self:process setrlimit;
# network-related goodies
can_network(fetchmail_t)
allow fetchmail_t self:unix_dgram_socket create_socket_perms;
allow fetchmail_t self:unix_stream_socket create_stream_socket_perms;
# file access
allow fetchmail_t etc_t:file r_file_perms;
allow fetchmail_t fetchmail_etc_t:file r_file_perms;
allow fetchmail_t mail_spool_t:dir search;
file_type_auto_trans(fetchmail_t, mail_spool_t, fetchmail_uidl_cache_t, file)