# exim local policy
#
-allow exim_t self:capability { chown dac_override dac_read_search fowner setuid setgid sys_resource };
+allow exim_t self:capability { chown dac_override dac_read_search fowner setuid setgid sys_resource };
allow exim_t self:process { setrlimit setpgid };
allow exim_t self:fifo_file rw_fifo_file_perms;
allow exim_t self:unix_stream_socket create_stream_socket_perms;
allow exim_t self:tcp_socket create_stream_socket_perms;
allow exim_t self:udp_socket create_socket_perms;
-can_exec(exim_t,exim_exec_t)
+can_exec(exim_t, exim_exec_t)
manage_files_pattern(exim_t, exim_log_t, exim_log_t)
logging_log_filetrans(exim_t, exim_log_t, { file dir })
tunable_policy(`exim_can_connect_db',`
corenet_tcp_connect_mysqld_port(exim_t)
corenet_sendrecv_mysqld_client_packets(exim_t)
- corenet_tcp_connect_postgresql_port(exim_t)
- corenet_sendrecv_postgresql_client_packets(exim_t)
+ corenet_tcp_connect_postgresql_port(exim_t)
+ corenet_sendrecv_postgresql_client_packets(exim_t)
')
tunable_policy(`exim_read_user_files',`