From: dac.override@gmail.com (Dominick Grift)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [PATCH 1/6] Courier TCPd startup creates imapd.pid.lock and imapd.lock
Date: Tue, 30 Dec 2014 21:44:37 +0100 [thread overview]
Message-ID: <20141230204437.GA12724@bigboy.network2> (raw)
In-Reply-To: <1419970899-19892-2-git-send-email-sven.vermeulen@siphos.be>
On Tue, Dec 30, 2014 at 09:21:34PM +0100, Sven Vermeulen wrote:
> Startup of courier-imapd creates /var/run/imapd.pid.lock and imapd.lock
>
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
> courier.te | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/courier.te b/courier.te
> index ae3bc70..112a60b 100644
> --- a/courier.te
> +++ b/courier.te
> @@ -172,6 +172,8 @@ corenet_tcp_sendrecv_pop_port(courier_tcpd_t)
> dev_read_rand(courier_tcpd_t)
> dev_read_urand(courier_tcpd_t)
>
> +files_pid_filetrans(courier_tcpd_t, courier_var_run_t, file)
Then this should probably go with a file context specification for /var/run/imapd.pid.lock and /var/run/imapd.lock
Could you enclose those as part of this patch if there are none for the above locations already (i could not find them in courier.fc)
> +
> miscfiles_read_localization(courier_tcpd_t)
>
> ########################################
> --
> 2.0.5
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
--
Dominick Grift
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 648 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20141230/22ac2530/attachment.bin
next prev parent reply other threads:[~2014-12-30 20:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-30 20:21 [refpolicy] [PATCH 0/6] Courier IMAPd related policy changes Sven Vermeulen
2014-12-30 20:21 ` [refpolicy] [PATCH 1/6] Courier TCPd startup creates imapd.pid.lock and imapd.lock Sven Vermeulen
2014-12-30 20:44 ` Dominick Grift [this message]
2014-12-30 20:21 ` [refpolicy] [PATCH 2/6] Locate authdaemon socket and communicate with authdaemon Sven Vermeulen
2014-12-30 20:47 ` Dominick Grift
2014-12-31 16:04 ` Sven Vermeulen
2014-12-30 20:21 ` [refpolicy] [PATCH 3/6] Allow authdaemon to access selinux fs to check SELinux state Sven Vermeulen
2014-12-30 20:21 ` [refpolicy] [PATCH 4/6] Grant setuid/setgid to courier_pop_t Sven Vermeulen
2014-12-30 20:21 ` [refpolicy] [PATCH 5/6] Execute courier helper script after authentication Sven Vermeulen
2014-12-30 20:21 ` [refpolicy] [PATCH 6/6] Courier IMAP needs to manage the users' maildir Sven Vermeulen
2014-12-30 20:54 ` Dominick Grift
2014-12-31 16:09 ` Sven Vermeulen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141230204437.GA12724@bigboy.network2 \
--to=dac.override@gmail.com \
--cc=refpolicy@oss.tresys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.