Add named filetrans for mta content, remove unconfined_sendmail_t
authorDan Walsh <dwalsh@redhat.com>
Thu, 21 Apr 2011 21:07:35 +0000 (17:07 -0400)
committerDan Walsh <dwalsh@redhat.com>
Thu, 21 Apr 2011 21:07:35 +0000 (17:07 -0400)
policy/modules/roles/sysadm.te
policy/modules/roles/unconfineduser.te
policy/modules/services/mta.if
policy/modules/services/sendmail.te
policy/modules/system/userdomain.if

index 2d9baa1ac58cf162cac6593ce0ce1f85bbc09b93..303ada316285f05f6d6b754d86e29d261b22d73d 100644 (file)
@@ -259,6 +259,8 @@ optional_policy(`
 
 optional_policy(`
        mta_role(sysadm_r, sysadm_t)
+       mta_filetrans_home_content(sysadm_t)
+       mta_filetrans_admin_home_content(sysadm_t)
 ')
 
 optional_policy(`
index 7d48821a3fc044be7d4aa38f490b771f468a8084..024753f8c08edbaa385ec97003cfe4102fc84479 100644 (file)
@@ -370,6 +370,10 @@ optional_policy(`
        ')
 ')
 
+optional_policy(`
+       mta_filetrans_named_content(unconfined_t)
+')
+
 optional_policy(`
        ncftool_run(unconfined_t, unconfined_r)
 ')
@@ -421,10 +425,6 @@ optional_policy(`
        samba_run_smbcontrol(unconfined_t, unconfined_r)
 ')
 
-optional_policy(`
-       sendmail_run_unconfined(unconfined_t, unconfined_r)
-')
-
 optional_policy(`
        sysnet_run_dhcpc(unconfined_t, unconfined_r)
        sysnet_dbus_chat_dhcpc(unconfined_t)
index 3d7edf0d6c619fd3fbaea8785975fbd85a4093e6..daa9dbee63421dc5b4c4571fe6edaf5aef6e2b20 100644 (file)
@@ -570,7 +570,7 @@ interface(`mta_etc_filetrans_aliases',`
                type etc_aliases_t;
        ')
 
-       files_etc_filetrans($1, etc_aliases_t, file)
+       files_etc_filetrans($1, etc_aliases_t, file, $2)
 ')
 
 ########################################
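Review bot: `mta_etc_filetrans_aliases` now forwards a second argument `$2` as the object name, but nothing in this hunk documents it; the interface header sits above the hunk and presumably still lists only `domain`. Add a `<param name="name" optional="true">` entry to that header describing it as the name of the object being created. Callers that still pass one argument will expand with an empty name, so it is worth confirming that `files_etc_filetrans` accepts an empty fourth argument and keeps the earlier unnamed transition in that case.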
@@ -984,3 +984,65 @@ interface(`mta_read_home',`
                userdom_search_admin_dir($1)
        ')
 ')
+
+########################################
+## <summary>
+##     create mail content in the  in the /root directory
+##     with an correct label.
+## </summary>
+## <param name="domain">
+##     <summary>
+##     Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`mta_filetrans_admin_home_content',`
+       gen_require(`
+               type mail_home_t;
+       ')
+
+       userdom_admin_home_dir_filetrans($1, mail_home_t, file, dead.letter)
+       userdom_admin_home_dir_filetrans($1, mail_home_t, file, .forward)
+')
+
+########################################
+## <summary>
+##     Transition to mta named content
+## </summary>
+## <param name="domain">
+##     <summary>
+##      Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`mta_filetrans_home_content',`
+       gen_require(`
+               type mail_home_t;
+       ')
+
+       userdom_user_home_dir_filetrans($1, mail_home_t, file, dead.letter)
+       userdom_user_home_dir_filetrans($1, mail_home_t, file, .forward)
+')
+
+########################################
+## <summary>
+##     Transition to apache named content
+## </summary>
+## <param name="domain">
+##     <summary>
+##      Domain allowed access.
+##     </summary>
+## </param>
+#
+interface(`mta_filetrans_named_content',`
+       gen_require(`
+               type etc_aliases_t;
+               type etc_mail_t;
+       ')
+
+       filetrans_pattern($1, etc_mail_t, etc_aliases_t, { dir file )}
+       mta_etc_filetrans_aliases($1, aliases)
+       mta_etc_filetrans_aliases($1, aliases.db)
+       mta_filetrans_home_content($1)
+       mta_filetrans_admin_home_content($1)
+')
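Review bot: The `filetrans_pattern` line in `mta_filetrans_named_content` closes with `)}` instead of `})`, which leaves both the macro call and the class set unbalanced, so the module is unlikely to build; it should read `filetrans_pattern($1, etc_mail_t, etc_aliases_t, { dir file })`. That line also passes no object name, so every file and directory the caller creates under an `etc_mail_t` directory would be labelled `etc_aliases_t`. This looks broader than an interface called "named content" suggests and is worth confirming, because a mislabelled mail configuration file changes which domains may read or write it. The summary above this interface still says `Transition to apache named content` and should name mta, and the `mta_filetrans_admin_home_content` summary has a doubled "in the" and "an correct label".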
index b6781d5df088717781e3ff7f7d44427e47b6e78a..c3cf42a45a741382794b6898afe207ad1beec64d 100644 (file)
@@ -22,10 +22,6 @@ mta_mailserver_sender(sendmail_t)
 type sendmail_initrc_exec_t;
 init_script_file(sendmail_initrc_exec_t)
 
-type unconfined_sendmail_t;
-application_domain(unconfined_sendmail_t, sendmail_exec_t)
-role system_r types unconfined_sendmail_t;
-
 ########################################
 #
 # Sendmail local policy
@@ -185,14 +181,3 @@ optional_policy(`
 optional_policy(`
        uucp_domtrans_uux(sendmail_t)
 ')
-
-########################################
-#
-# Unconfined sendmail local policy
-# Allow unconfined domain to run newalias and have transitions work
-#
-
-optional_policy(`
-       mta_etc_filetrans_aliases(unconfined_sendmail_t)
-       unconfined_domain_noaudit(unconfined_sendmail_t)
-')
index 5ea0ea40f054eee28c9e4bbbc91df3e540b3c146..fd286479aaffb6d86e4f5a81ece90b8061d43a49 100644 (file)
@@ -763,6 +763,7 @@ template(`userdom_common_user_template',`
        optional_policy(`
                mta_rw_spool($1_usertype)
                mta_manage_queue($1_usertype)
+               mta_filetrans_home_content($1_usertype)
        ')
 
        optional_policy(`