Merge pull request #300 from cgzones/macro

postfixpolicyd: split multi-class rule
2020-08-26 15:29:52 -04:00 · 2020-08-26 15:29:52 -04:00 · d655ae7afa
commit d655ae7afa
parent bdb9ffd00e 850fefc626
1 changed files with 2 additions and 1 deletions
--- a/policy/modules/services/postfixpolicyd.te
+++ b/policy/modules/services/postfixpolicyd.te
@ -37,7 +37,8 @@ allow postfix_policyd_t postfix_policyd_conf_t:lnk_file read_lnk_file_perms;
 manage_files_pattern(postfix_policyd_t, postfix_policyd_runtime_t, postfix_policyd_runtime_t)
 files_runtime_filetrans(postfix_policyd_t, postfix_policyd_runtime_t, file)

-allow postfix_policyd_t postfix_policyd_tmp_t:{ file sock_file } manage_file_perms;
+allow postfix_policyd_t postfix_policyd_tmp_t:file manage_file_perms;
+allow postfix_policyd_t postfix_policyd_tmp_t:sock_file manage_sock_file_perms;
 files_tmp_filetrans(postfix_policyd_t, postfix_policyd_tmp_t, { file sock_file })

 kernel_search_network_sysctl(postfix_policyd_t)