rpms/selinux-policy/F-7 policy-20070501.patch, 1.75, 1.76 selinux-policy.spec, 1.505, 1.506

[Daniel J Walsh (dwalsh)]

Author: dwalsh

Update of /cvs/extras/rpms/selinux-policy/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1174

Modified Files:
	policy-20070501.patch selinux-policy.spec 
Log Message:
* Tue Nov 13 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-57
- Allow dovecot to communicate with postfix_private sockets


policy-20070501.patch:

Index: policy-20070501.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/policy-20070501.patch,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -r1.75 -r1.76
--- policy-20070501.patch	12 Nov 2007 23:04:14 -0000	1.75
+++ policy-20070501.patch	13 Nov 2007 21:43:23 -0000	1.76
@@ -5598,7 +5598,7 @@
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-2.6.4/policy/modules/services/dovecot.te
 --- nsaserefpolicy/policy/modules/services/dovecot.te	2007-05-07 14:50:57.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/dovecot.te	2007-11-06 11:00:24.000000000 -0500
++++ serefpolicy-2.6.4/policy/modules/services/dovecot.te	2007-11-13 16:42:56.000000000 -0500
 @@ -15,6 +15,12 @@
  domain_entry_file(dovecot_auth_t,dovecot_auth_exec_t)
  role system_r types dovecot_auth_t;
@@ -5737,7 +5737,7 @@
 +')
 +
 +optional_policy(`
-+	postfix_create_pivate_sockets(dovecot_auth_t)
++	postfix_manage_pivate_sockets(dovecot_auth_t)
 +	postfix_search_spool(dovecot_auth_t)
 +')
 +
@@ -8069,7 +8069,7 @@
  /usr/libexec/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-2.6.4/policy/modules/services/postfix.if
 --- nsaserefpolicy/policy/modules/services/postfix.if	2007-05-07 14:50:57.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/postfix.if	2007-09-26 11:18:04.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/postfix.if	2007-11-13 16:42:47.000000000 -0500
 @@ -41,6 +41,7 @@
  	allow postfix_$1_t self:unix_stream_socket connectto;
  
@@ -8176,7 +8176,7 @@
  ##	Execute postfix user mail programs
  ##	in their respective domains.
  ## </summary>
-@@ -455,3 +509,22 @@
+@@ -455,3 +509,42 @@
  
  	typeattribute $1 postfix_user_domtrans;
  ')
@@ -8199,6 +8199,26 @@
 +	allow $1 postfix_private_t:dir list_dir_perms;
 +	create_sock_files_pattern($1,postfix_private_t,postfix_private_t)
 +')
++
++########################################
++## <summary>
++##	Manage named socket in a postfix private directory.
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`postfix_manage_pivate_sockets',`
++	gen_require(`
++		type postfix_private_t;
++	')
++
++	allow $1 postfix_private_t:dir list_dir_perms;
++	manage_sock_files_pattern($1,postfix_private_t,postfix_private_t)
++')
++
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-2.6.4/policy/modules/services/postfix.te
 --- nsaserefpolicy/policy/modules/services/postfix.te	2007-05-07 14:51:01.000000000 -0400
 +++ serefpolicy-2.6.4/policy/modules/services/postfix.te	2007-10-12 09:13:26.000000000 -0400


Index: selinux-policy.spec
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-7/selinux-policy.spec,v
retrieving revision 1.505
retrieving revision 1.506
diff -u -r1.505 -r1.506
--- selinux-policy.spec	12 Nov 2007 23:04:14 -0000	1.505
+++ selinux-policy.spec	13 Nov 2007 21:43:23 -0000	1.506
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 2.6.4
-Release: 56%{?dist}
+Release: 57%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -363,6 +363,9 @@
 %endif
 
 %changelog
+* Tue Nov 13 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-57
+- Allow dovecot to communicate with postfix_private sockets
+
 * Tue Nov 6 2007 Dan Walsh <dwalsh at redhat.com> 2.6.4-56
 - Allow saslauthd to use nis_authentication