diff options
Diffstat (limited to 'sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch')
| -rw-r--r-- | sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch b/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch deleted file mode 100644 index df3af68576c0..000000000000 --- a/sec-policy/selinux-postfix/files/fix-services-postfix-r2.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- services/postfix.te 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.te 2011-03-13 16:04:36.436999999 +0100 -@@ -93,7 +93,7 @@ - # - - # chown is to set the correct ownership of queue dirs --allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config }; -+allow postfix_master_t self:capability { chown dac_override kill setgid setuid net_bind_service sys_tty_config dac_read_search }; - allow postfix_master_t self:fifo_file rw_fifo_file_perms; - allow postfix_master_t self:tcp_socket create_stream_socket_perms; - allow postfix_master_t self:udp_socket create_socket_perms; -@@ -201,6 +201,9 @@ - - optional_policy(` - mysql_stream_connect(postfix_master_t) -+ mysql_stream_connect(postfix_cleanup_t) -+ mysql_stream_connect(postfix_local_t) -+ mysql_stream_connect(postfix_virtual_t) - ') - - optional_policy(` -@@ -589,6 +592,7 @@ - # for OpenSSL certificates - files_read_usr_files(postfix_smtpd_t) - mta_read_aliases(postfix_smtpd_t) -+mta_read_config(postfix_smtpd_t) - - optional_policy(` - dovecot_stream_connect_auth(postfix_smtpd_t) ---- services/postfix.fc 2010-08-03 15:11:07.000000000 +0200 -+++ services/postfix.fc 2011-03-13 15:54:11.765000000 +0100 -@@ -16,20 +16,21 @@ - /usr/libexec/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) - /usr/libexec/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) - ', ` --/usr/lib/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) --/usr/lib/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) --/usr/lib/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) --/usr/lib/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) --/usr/lib/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) --/usr/lib/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) --/usr/lib/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) --/usr/lib/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) --/usr/lib/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) --/usr/lib/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) --/usr/lib/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) --/usr/lib/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/.* -- gen_context(system_u:object_r:postfix_exec_t,s0) -+/usr/lib(64)?/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0) -+/usr/lib(64)?/postfix/local -- gen_context(system_u:object_r:postfix_local_exec_t,s0) -+/usr/lib(64)?/postfix/master -- gen_context(system_u:object_r:postfix_master_exec_t,s0) -+/usr/lib(64)?/postfix/pickup -- gen_context(system_u:object_r:postfix_pickup_exec_t,s0) -+/usr/lib(64)?/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0) -+/usr/lib(64)?/postfix/showq -- gen_context(system_u:object_r:postfix_showq_exec_t,s0) -+/usr/lib(64)?/postfix/smtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/lmtp -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/scache -- gen_context(system_u:object_r:postfix_smtp_exec_t,s0) -+/usr/lib(64)?/postfix/smtpd -- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0) -+/usr/lib(64)?/postfix/bounce -- gen_context(system_u:object_r:postfix_bounce_exec_t,s0) -+/usr/lib(64)?/postfix/pipe -- gen_context(system_u:object_r:postfix_pipe_exec_t,s0) -+/usr/lib(64)?/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0) -+/usr/lib(64)?/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - ') - /etc/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0) - /etc/postfix/prng_exch -- gen_context(system_u:object_r:postfix_prng_t,s0) -@@ -48,7 +49,7 @@ - - /var/spool/postfix(/.*)? gen_context(system_u:object_r:postfix_spool_t,s0) - /var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0) --/var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0) -+/var/spool/postfix/pid(/.*)? gen_context(system_u:object_r:postfix_var_run_t,s0) - /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0) - /var/spool/postfix/public(/.*)? gen_context(system_u:object_r:postfix_public_t,s0) - /var/spool/postfix/bounce(/.*)? gen_context(system_u:object_r:postfix_spool_bounce_t,s0) |