Allow authdaemon to create unix_stream_sockets

The authdaemon needs the create_stream_socket_perms privs in order to be able to start up.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
This commit is contained in:
Sven Vermeulen 2011-03-09 22:06:21 +01:00 committed by Chris PeBenito
parent 1b35a7c3be
commit 3db4e7fb5a

View File

@ -37,7 +37,7 @@ typealias courier_sqwebmail_exec_t alias sqwebmail_cron_exec_t;
# #
allow courier_authdaemon_t self:capability { setuid setgid sys_tty_config }; allow courier_authdaemon_t self:capability { setuid setgid sys_tty_config };
allow courier_authdaemon_t self:unix_stream_socket connectto; allow courier_authdaemon_t self:unix_stream_socket { create_stream_socket_perms connectto };
can_exec(courier_authdaemon_t, courier_exec_t) can_exec(courier_authdaemon_t, courier_exec_t)