document postfix templates, remove postfix_public_domain_template()
This commit is contained in:
parent
e58da022e9
commit
e8ffdfc78f
@ -11,12 +11,12 @@ attribute postfix_user_domains;
|
||||
# postfix user domains
|
||||
attribute postfix_user_domtrans;
|
||||
|
||||
postfix_public_domain_template(bounce)
|
||||
postfix_server_domain_template(bounce)
|
||||
|
||||
type postfix_spool_bounce_t;
|
||||
files_type(postfix_spool_bounce_t)
|
||||
|
||||
postfix_public_domain_template(cleanup)
|
||||
postfix_server_domain_template(cleanup)
|
||||
|
||||
type postfix_etc_t;
|
||||
files_type(postfix_etc_t)
|
||||
@ -45,9 +45,9 @@ typealias postfix_master_t alias postfix_t;
|
||||
# generation macro work
|
||||
mta_mailserver(postfix_t,postfix_master_exec_t)
|
||||
|
||||
postfix_public_domain_template(pickup)
|
||||
postfix_server_domain_template(pickup)
|
||||
|
||||
postfix_public_domain_template(pipe)
|
||||
postfix_server_domain_template(pipe)
|
||||
|
||||
postfix_user_domain_template(postdrop)
|
||||
mta_mailserver_user_agent(postfix_postdrop_t)
|
||||
@ -60,7 +60,7 @@ files_type(postfix_private_t)
|
||||
type postfix_prng_t;
|
||||
files_type(postfix_prng_t)
|
||||
|
||||
postfix_public_domain_template(qmgr)
|
||||
postfix_server_domain_template(qmgr)
|
||||
|
||||
postfix_user_domain_template(showq)
|
||||
|
||||
@ -223,6 +223,7 @@ allow postfix_bounce_t self:capability dac_read_search;
|
||||
allow postfix_bounce_t self:tcp_socket create_socket_perms;
|
||||
|
||||
allow postfix_bounce_t postfix_public_t:sock_file write;
|
||||
allow postfix_bounce_t postfix_public_t:dir search;
|
||||
|
||||
allow postfix_bounce_t postfix_spool_t:dir create_dir_perms;
|
||||
allow postfix_bounce_t postfix_spool_t:file create_file_perms;
|
||||
@ -246,6 +247,7 @@ allow postfix_cleanup_t postfix_private_t:sock_file rw_file_perms;
|
||||
|
||||
allow postfix_cleanup_t postfix_public_t:fifo_file rw_file_perms;
|
||||
allow postfix_cleanup_t postfix_public_t:sock_file { getattr write };
|
||||
allow postfix_cleanup_t postfix_public_t:dir search;
|
||||
|
||||
allow postfix_cleanup_t postfix_spool_t:dir create_dir_perms;
|
||||
allow postfix_cleanup_t postfix_spool_t:file create_file_perms;
|
||||
@ -393,6 +395,7 @@ allow postfix_pickup_t postfix_private_t:sock_file write;
|
||||
|
||||
allow postfix_pickup_t postfix_public_t:fifo_file rw_file_perms;
|
||||
allow postfix_pickup_t postfix_public_t:sock_file rw_file_perms;
|
||||
allow postfix_pickup_t postfix_public_t:dir search;
|
||||
|
||||
postfix_list_spool(postfix_pickup_t)
|
||||
allow postfix_pickup_t postfix_spool_maildrop_t:dir rw_dir_perms;
|
||||
@ -410,6 +413,7 @@ allow postfix_pipe_t postfix_private_t:dir search;
|
||||
allow postfix_pipe_t postfix_private_t:sock_file write;
|
||||
|
||||
allow postfix_pipe_t postfix_public_t:fifo_file { getattr write };
|
||||
allow postfix_pipe_t postfix_public_t:dir search;
|
||||
|
||||
allow postfix_pipe_t postfix_spool_t:dir search;
|
||||
allow postfix_pipe_t postfix_spool_t:file rw_file_perms;
|
||||
@ -515,6 +519,7 @@ allow postfix_qmgr_t postfix_private_t:sock_file rw_file_perms;
|
||||
|
||||
allow postfix_qmgr_t postfix_public_t:fifo_file rw_file_perms;
|
||||
allow postfix_qmgr_t postfix_public_t:sock_file write;
|
||||
allow postfix_qmgr_t postfix_public_t:dir search;
|
||||
|
||||
# for /var/spool/postfix/active
|
||||
allow postfix_qmgr_t postfix_spool_t:dir create_dir_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user