Gentoo Archives: gentoo-commits

From:	Sven Vermeulen <swift@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:mailinfra commit in: policy/modules/contrib/
Date:	Sun, 24 Aug 2014 08:02:57
Message-Id:	`1408821391.d79c9c8d3840afdece3a9b93b5d426d611e14819.swift@gentoo`

1	commit: d79c9c8d3840afdece3a9b93b5d426d611e14819
2	Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3	AuthorDate: Sat Aug 23 19:16:31 2014 +0000
4	Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
5	CommitDate: Sat Aug 23 19:16:31 2014 +0000
6	URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d79c9c8d
7
8	Use postfix_user_sendmail_privs
9
10	---
11	policy/modules/contrib/mail.te \| 15 +--------------
12	1 file changed, 1 insertion(+), 14 deletions(-)
13
14	diff --git a/policy/modules/contrib/mail.te b/policy/modules/contrib/mail.te
15	index 68af687..aad451d 100644
16	--- a/policy/modules/contrib/mail.te
17	+++ b/policy/modules/contrib/mail.te
18	@@ -68,18 +68,5 @@ miscfiles_read_localization(user_sendmail_t)
19
20	# Postfix implementation specifics
21	ifdef(`use_postfix',`
22	- # TODO Bring this into a postfix_sendmail_privs interface
23	- allow user_sendmail_t self:process { setrlimit };
24	- allow user_sendmail_t self:tcp_socket create_socket_perms;
25	- allow user_sendmail_t self:unix_dgram_socket create_socket_perms;
26	-
27	- kernel_read_network_state(user_sendmail_t)
28	-
29	- auth_use_nsswitch(user_sendmail_t)
30	-
31	- logging_send_syslog_msg(user_sendmail_t)
32	-
33	- postfix_domtrans_postdrop(user_sendmail_t)
34	- postfix_read_config(user_sendmail_t)
35	- postfix_read_spool_files(user_sendmail_t)
36	+ postfix_user_sendmail_privs(user_sendmail_t)
37	')