1 |
commit: b1e0a75ca9dd68264191b04214a4e18d4312b8fc |
2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
3 |
AuthorDate: Sun Aug 31 16:04:34 2014 +0000 |
4 |
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com> |
5 |
CommitDate: Sun Aug 31 16:04:34 2014 +0000 |
6 |
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b1e0a75c |
7 |
|
8 |
Move gentoo specifics downward |
9 |
|
10 |
--- |
11 |
policy/modules/contrib/courier.te | 53 ++++++++++++++++++++++++--------------- |
12 |
1 file changed, 33 insertions(+), 20 deletions(-) |
13 |
|
14 |
diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te |
15 |
index 9bd64f5..5660ef5 100644 |
16 |
--- a/policy/modules/contrib/courier.te |
17 |
+++ b/policy/modules/contrib/courier.te |
18 |
@@ -116,10 +116,6 @@ miscfiles_read_localization(courier_authdaemon_t) |
19 |
|
20 |
userdom_dontaudit_search_user_home_dirs(courier_authdaemon_t) |
21 |
|
22 |
-ifdef(`distro_gentoo',` |
23 |
- read_lnk_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t) |
24 |
-') |
25 |
- |
26 |
######################################## |
27 |
# |
28 |
# Calendar (PCP) local policy |
29 |
@@ -148,14 +144,6 @@ miscfiles_read_localization(courier_pop_t) |
30 |
userdom_manage_user_home_content_files(courier_pop_t) |
31 |
userdom_manage_user_home_content_dirs(courier_pop_t) |
32 |
|
33 |
-ifdef(`distro_gentoo',` |
34 |
- files_search_var_lib(courier_pop_t) |
35 |
- search_dirs_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) |
36 |
- read_lnk_files_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) |
37 |
- |
38 |
- courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) |
39 |
-') |
40 |
- |
41 |
######################################## |
42 |
# |
43 |
# TCPd local policy |
44 |
@@ -186,11 +174,6 @@ dev_read_urand(courier_tcpd_t) |
45 |
|
46 |
miscfiles_read_localization(courier_tcpd_t) |
47 |
|
48 |
-ifdef(`distro_gentoo',` |
49 |
- courier_authdaemon_stream_connect(courier_tcpd_t) |
50 |
- courier_domtrans_authdaemon(courier_tcpd_t) |
51 |
-') |
52 |
- |
53 |
######################################## |
54 |
# |
55 |
# Webmail local policy |
56 |
@@ -198,12 +181,42 @@ ifdef(`distro_gentoo',` |
57 |
|
58 |
kernel_read_kernel_sysctls(courier_sqwebmail_t) |
59 |
|
60 |
+optional_policy(` |
61 |
+ cron_system_entry(courier_sqwebmail_t, courier_sqwebmail_exec_t) |
62 |
+') |
63 |
+ |
64 |
ifdef(`distro_gentoo',` |
65 |
+ |
66 |
+ ######################################## |
67 |
+ # |
68 |
+ # Courier authdaemon policy |
69 |
+ # |
70 |
+ read_lnk_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t) |
71 |
+ |
72 |
optional_policy(` |
73 |
mysql_stream_connect(courier_authdaemon_t) |
74 |
') |
75 |
-') |
76 |
|
77 |
-optional_policy(` |
78 |
- cron_system_entry(courier_sqwebmail_t, courier_sqwebmail_exec_t) |
79 |
+ ######################################## |
80 |
+ # |
81 |
+ # Courier imap daemon policy |
82 |
+ # |
83 |
+ |
84 |
+ |
85 |
+ ######################################## |
86 |
+ # |
87 |
+ # Courier pop daemon policy |
88 |
+ # |
89 |
+ files_search_var_lib(courier_pop_t) |
90 |
+ search_dirs_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) |
91 |
+ read_lnk_files_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) |
92 |
+ |
93 |
+ courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) |
94 |
+ |
95 |
+ ######################################## |
96 |
+ # |
97 |
+ # Courier tcpd daemon policy |
98 |
+ # |
99 |
+ courier_authdaemon_stream_connect(courier_tcpd_t) |
100 |
+ courier_domtrans_authdaemon(courier_tcpd_t) |
101 |
') |