From: Diyab <diyab@diyab.net>
To: SELinux <SELinux@tycho.nsa.gov>
Subject: postfix virtual delivery patch
Date: Tue, 23 Sep 2003 23:40:49 -0400 [thread overview]
Message-ID: <3F711241.2020101@diyab.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 532 bytes --]
Attached is a patch to the current selinux userland archive. It adds
two lines into postfix.te to allow virtual domain delivery to work and
one line in postfix.fc to relabel /usr/lib/postfix/virtual.
For some reason when it tries to apply the patch section for
selinux-usr/policy/file_contexts/program/postfix.fc it says that it can
not find the file but if you type in the exact same thing when it
prompts you it will work.
Timothy,
--
I put instant coffee in a microwave and almost went back in time.
-- Steven Wright
[-- Attachment #2: postfix_virtual.diff --]
[-- Type: text/plain, Size: 1375 bytes --]
diff -ur src/policy/domains/program/unused/postfix.te selinux-usr/policy/domains/program/unused/postfix.te
--- src/policy/domains/program/unused/postfix.te 2003-09-23 22:03:57.000000000 -0400
+++ selinux-usr/policy/domains/program/unused/postfix.te 2003-09-23 22:05:29.000000000 -0400
@@ -150,6 +151,9 @@
allow postfix_local_t postfix_public_t:sock_file write;
can_exec(postfix_local_t, shell_exec_t)
+postfix_server_domain(virtual, `, mta_delivery_agent')
+allow postfix_virtual_t postfix_spool_t:file rw_file_perms;
+
define(`postfix_public_domain',`
postfix_server_domain($1)
allow postfix_$1_t postfix_public_t:dir search;
diff -ur src/policy/file_contexts/program/postfix.fc selinux-usr/policy/file_contexts/program/postfix.fc
--- src/policy/file_contexts/program/postfix.fc 2003-09-23 22:03:08.000000000 -0400
+++ selinux-usr/policy/file_contexts/program/postfix.fc 2003-09-23 22:05:02.000000000 -0400
@@ -13,6 +13,7 @@
/usr/lib/postfix/smtpd system_u:object_r:postfix_smtpd_exec_t
/usr/lib/postfix/bounce system_u:object_r:postfix_bounce_exec_t
/usr/lib/postfix/pipe system_u:object_r:postfix_pipe_exec_t
+/usr/lib/postfix/virtual system_u:object_r:postfix_virtual_exec_t
/usr/sbin/postalias system_u:object_r:postfix_master_exec_t
/usr/sbin/postcat system_u:object_r:postfix_master_exec_t
/usr/sbin/postconf system_u:object_r:postfix_master_exec_t
reply other threads:[~2003-09-24 3:40 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F711241.2020101@diyab.net \
--to=diyab@diyab.net \
--cc=SELinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.