clean up patch from Serge Fri, 10 Feb 2006 18:01:06 -0600
authorChris PeBenito <cpebenito@tresys.com>
Tue, 14 Feb 2006 20:39:45 +0000 (20:39 +0000)
committerChris PeBenito <cpebenito@tresys.com>
Tue, 14 Feb 2006 20:39:45 +0000 (20:39 +0000)
refpolicy/policy/modules/services/mta.if
refpolicy/policy/modules/services/postfix.if
refpolicy/policy/modules/system/userdomain.if

index 67198fe218bd2c60d43abdac7c9189c99c7a3348..157647e591757e7539148710bc92809c999eef0d 100644 (file)
@@ -224,6 +224,12 @@ template(`mta_per_userdomain_template',`
        userdom_manage_user_home_subdir_pipes($1,mailserver_delivery)
        userdom_manage_user_home_subdir_sockets($1,mailserver_delivery)
        userdom_filetrans_user_home($1,mailserver_delivery,{ dir file lnk_file fifo_file sock_file })
+       # Read user temporary files.
+       userdom_read_user_tmp_files($1,$1_mail_t)
+       userdom_dontaudit_append_user_tmp_files($1,$1_mail_t)
+       # cjp: this should probably be read all user tmp
+       # files in an appropriate place for mta_user_agent
+       userdom_read_user_tmp_files($1,mta_user_agent)
 
        tunable_policy(`use_samba_home_dirs',`
                fs_manage_cifs_files($1_mail_t)
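Review bot: `userdom_read_user_tmp_files($1,mta_user_agent)` turns a rule that the old code kept inside the disabled TODO block into live policy. Its source is `mta_user_agent` rather than a `$1_`-prefixed type, so each instantiation of this per-userdomain template appears to give the same agent domain(s) read access to one more user's temporary files. The cjp comment above the call already doubts the placement; it would be more useful as an explicit marker such as `# FIXME: grants mta_user_agent read on every $1_tmp_t; move to one non-templated rule`. The `userdom_dontaudit_append_user_tmp_files` call also suppresses the audit record for append denials, which deserves a comment so reviewers of AVC logs know these attempts are hidden by design. The template body begins and ends outside this hunk.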
@@ -232,21 +238,17 @@ template(`mta_per_userdomain_template',`
 
        optional_policy(`postfix',`
                allow $1_mail_t self:capability dac_override;
-               postfix_read_config($1_mail_t)
-               postfix_list_spool($1_mail_t)
-       ')
 
-       ifdef(`TODO',`
-       # Read user temporary files.
-       allow $1_mail_t $1_tmp_t:file r_file_perms;
-       dontaudit $1_mail_t $1_tmp_t:file append;
-       ifdef(`postfix.te',`
+               # Read user temporary files.
                # postfix seems to need write access if the file handle is opened read/write
-               allow $1_mail_t $1_tmp_t:file write;
+               userdom_rw_user_tmp_files($1,$1_mail_t)
+
+               postfix_read_config($1_mail_t)
+               postfix_list_spool($1_mail_t)
        ')
 
-       allow mta_user_agent $1_tmp_t:file r_file_perms;
 
+       ifdef(`TODO',`
        # if you do not want to allow dead.letter then use the following instead
        #allow $1_mail_t { $1_home_dir_t $1_home_t }:dir r_dir_perms;
        #allow $1_mail_t $1_home_t:file r_file_perms;
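Review bot: The comment `# Read user temporary files.` kept above `userdom_rw_user_tmp_files($1,$1_mail_t)` understates what the call grants. The removed rule added only `write` on `$1_tmp_t:file`, while the interface introduced later in this commit allows `rw_file_perms` on files, `r_dir_perms` on `$1_tmp_t` directories and a search of the tmp directory. The same block gives `$1_mail_t` the `dac_override` capability, so this type rule is the main remaining limit on what the mail domain can modify in user temporary files. The comment should state the full grant, for example `# Read/write user tmp files and list user tmp dirs; needed when postfix inherits a handle opened read/write.` The optional_policy block sits in a template that continues outside the hunk.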
index dab0922046f78585e93c6eb0bd7e04c163def51c..446282eab9f9a7698ae9a22421ac98c2d8d18f9b 100644 (file)
@@ -157,11 +157,10 @@ template(`postfix_user_domain_template',`
 template(`postfix_per_userdomain_template',`
        gen_require(`
                attribute postfix_user_domains;
+               type postfix_postdrop_t;
        ')
 
-       # cjp: perhaps this should actually be $3
-       # instead of just sysadm_r?
-       #role sysadm_r types postfix_user_domains;
+       role $3 types postfix_postdrop_t;
 
        allow postfix_user_domains $2:process sigchld;
        allow postfix_user_domains $2:fifo_file { write getattr };
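Review bot: `role $3 types postfix_postdrop_t;` authorizes only the postdrop type for the calling role, while the `allow postfix_user_domains $2:...` rules directly below it apply to every domain carrying the `postfix_user_domains` attribute. If other types carry that attribute (not visible in this hunk), they stay unauthorized for role `$3`. If that narrower scope is intended, a comment such as `# only postdrop is entered directly from the user role` would record it. The template's parameter documentation lies outside the hunk, so confirm there that `$3` is described as a role.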
index d0e73f3545ff9cafa529143a16cb20a44ac79db1..82c0117733b14fa753f8250d52ae9e8f6f68b14e 100644 (file)
@@ -1915,6 +1915,76 @@ template(`userdom_dontaudit_read_user_tmp_files',`
        dontaudit $2 $1_tmp_t:file r_file_perms;
 ')
 
+########################################
+## <summary>
+##     Do not audit attempts to append users
+##     temporary files.
+## </summary>
+## <desc>
+##     <p>
+##     Do not audit attempts to append users
+##     temporary files.
+##     </p>
+##     <p>
+##     This is a templated interface, and should only
+##     be called from a per-userdomain template.
+##     </p>
+## </desc>
+## <param name="userdomain_prefix">
+##     <summary>
+##     The prefix of the user domain (e.g., user
+##     is the prefix for user_t).
+##     </summary>
+## </param>
+## <param name="domain">
+##     <summary>
+##     Domain to not audit.
+##     </summary>
+## </param>
+#
+template(`userdom_dontaudit_append_user_tmp_files',`
+       gen_require(`
+               type $1_tmp_t;
+       ')
+
+       dontaudit $2 $1_tmp_t:file append;
+')
+
+########################################
+## <summary>
+##     Read and write user temporary files.
+## </summary>
+## <desc>
+##     <p>
+##     Read and write user temporary files.
+##     </p>
+##     <p>
+##     This is a templated interface, and should only
+##     be called from a per-userdomain template.
+##     </p>
+## </desc>
+## <param name="userdomain_prefix">
+##     <summary>
+##     The prefix of the user domain (e.g., user
+##     is the prefix for user_t).
+##     </summary>
+## </param>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+#
+template(`userdom_rw_user_tmp_files',`
+       gen_require(`
+               type $1_tmp_t;
+       ')
+
+       files_search_tmp($2)
+       allow $2 $1_tmp_t:dir r_dir_perms;
+       allow $2 $1_tmp_t:file rw_file_perms;
+')
+
 ########################################
 ## <summary>
 ##     Read user
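Review bot: The documentation for `userdom_rw_user_tmp_files` says only "Read and write user temporary files", but the body also calls `files_search_tmp($2)` and allows `$1_tmp_t:dir r_dir_perms`. Callers can therefore list the names in a user's temporary directories as well as open files there. The summary should say so, for example `Read and write user temporary files, and list user temporary directories.` If the callers only need access through handles they were passed (as the postfix comment in mta.if suggests, though that is an inference), the directory rule could be dropped. The summary of `userdom_dontaudit_append_user_tmp_files` would also read better as `Do not audit attempts to append to user temporary files.`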