rpms/selinux-policy/F-10 policy-20080710.patch,1.169,1.170

Miroslav Grepl mgrepl at fedoraproject.org
Wed Jun 3 13:26:06 UTC 2009 

Author: mgrepl

Update of /cvs/extras/rpms/selinux-policy/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6621

Modified Files:
	policy-20080710.patch 
Log Message:
- Allow sendmail to transition to postfix_postqueue domain



policy-20080710.patch:

Index: policy-20080710.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-10/policy-20080710.patch,v
retrieving revision 1.169
retrieving revision 1.170
diff -u -p -r1.169 -r1.170
--- policy-20080710.patch	3 Jun 2009 07:15:05 -0000	1.169
+++ policy-20080710.patch	3 Jun 2009 13:26:03 -0000	1.170
@@ -23376,7 +23376,7 @@ diff --exclude-from=exclude -N -u -r nsa
  /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.5.13/policy/modules/services/postfix.if
 --- nsaserefpolicy/policy/modules/services/postfix.if	2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/postfix.if	2009-03-05 13:42:04.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/postfix.if	2009-06-03 14:57:00.000000000 +0200
 @@ -46,6 +46,7 @@
  
  	allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
@@ -23440,7 +23440,7 @@ diff --exclude-from=exclude -N -u -r nsa
  	gen_require(`
  		type postfix_private_t;
  	')
-@@ -432,6 +452,25 @@
+@@ -432,6 +452,44 @@
  
  ########################################
  ## <summary>
@@ -23461,12 +23461,31 @@ diff --exclude-from=exclude -N -u -r nsa
 +	manage_sock_files_pattern($1, postfix_private_t, postfix_private_t)
 +')
 +
++#######################################
++## <summary>
++##      Execute the postqueue postfix program in the
++##      postfix_postqueue domain.
++## </summary>
++## <param name="domain">
++##      <summary>
++##      Domain allowed access.
++##      </summary>
++## </param>
++#
++interface(`postfix_domtrans_postqueue',`
++        gen_require(`
++                type postfix_postqueue_t, postfix_postqueue_exec_t;
++        ')
++
++        domtrans_pattern($1, postfix_postqueue_exec_t, postfix_postqueue_t)
++')
++
 +########################################
 +## <summary>
  ##	Execute the master postfix program in the
  ##	postfix_master domain.
  ## </summary>
-@@ -461,10 +500,10 @@
+@@ -461,10 +519,10 @@
  #
  interface(`postfix_search_spool',`
  	gen_require(`
@@ -23479,7 +23498,7 @@ diff --exclude-from=exclude -N -u -r nsa
  	files_search_spool($1)
  ')
  
-@@ -480,15 +519,34 @@
+@@ -480,15 +538,34 @@
  #
  interface(`postfix_list_spool',`
  	gen_require(`
@@ -23516,7 +23535,7 @@ diff --exclude-from=exclude -N -u -r nsa
  ##	Read postfix mail spool files.
  ## </summary>
  ## <param name="domain">
-@@ -499,11 +557,30 @@
+@@ -499,11 +576,30 @@
  #
  interface(`postfix_read_spool_files',`
  	gen_require(`
@@ -23549,7 +23568,7 @@ diff --exclude-from=exclude -N -u -r nsa
  ')
  
  ########################################
-@@ -524,3 +601,23 @@
+@@ -524,3 +620,23 @@
  
  	typeattribute $1 postfix_user_domtrans;
  ')
@@ -27581,7 +27600,7 @@ diff --exclude-from=exclude -N -u -r nsa
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.te serefpolicy-3.5.13/policy/modules/services/sendmail.te
 --- nsaserefpolicy/policy/modules/services/sendmail.te	2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/sendmail.te	2009-04-14 12:30:20.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/services/sendmail.te	2009-06-03 14:57:34.000000000 +0200
 @@ -20,13 +20,17 @@
  mta_mailserver_delivery(sendmail_t)
  mta_mailserver_sender(sendmail_t)
@@ -27641,7 +27660,7 @@ diff --exclude-from=exclude -N -u -r nsa
  
  auth_use_nsswitch(sendmail_t)
  
-@@ -91,34 +102,63 @@
+@@ -91,34 +102,64 @@
  libs_read_lib_files(sendmail_t)
  
  logging_send_syslog_msg(sendmail_t)
@@ -27697,6 +27716,7 @@ diff --exclude-from=exclude -N -u -r nsa
 +
 +optional_policy(`
 +	postfix_domtrans_postdrop(sendmail_t)
++	postfix_domtrans_postqueue(sendmail_t)
 +	postfix_domtrans_master(sendmail_t)
  	postfix_read_config(sendmail_t)
  	postfix_search_spool(sendmail_t)
@@ -27708,7 +27728,7 @@ diff --exclude-from=exclude -N -u -r nsa
  ')
  
  optional_policy(`
-@@ -126,24 +166,33 @@
+@@ -126,24 +167,33 @@
  ')
  
  optional_policy(`

More information about the fedora-extras-commits mailing list