allow abrt_t self:netlink_route_socket r_netlink_socket_perms;
# abrt etc files
+list_dirs_pattern(abrt_t, abrt_etc_t, abrt_etc_t)
rw_files_pattern(abrt_t, abrt_etc_t, abrt_etc_t)
# log file
files_exec_etc_files(dirsrvadmin_t)
+libs_exec_ld_so(dirsrvadmin_t)
+
logging_search_logs(dirsrvadmin_t)
miscfiles_read_localization(dirsrvadmin_t)
#
interface(`lircd_admin',`
gen_require(`
- type lircd_t, lircd_var_run_t, lircd_etc_t;
+ type lircd_t, lircd_var_run_t;
type lircd_initrc_exec_t;
')
role_transition $2 lircd_initrc_exec_t system_r;
allow $2 system_r;
- files_list_etc($1)
- admin_pattern($1, lircd_etc_t)
-
files_list_pids($1)
admin_pattern($1, lircd_var_run_t)
')
## Allow postfix_local domain full write access to mail_spool directories
## </p>
## </desc>
-gen_tunable(allow_postfix_local_write_mail_spool, false)
+gen_tunable(allow_postfix_local_write_mail_spool, true)
attribute postfix_spool_type;
attribute postfix_user_domains;
projects / people / stevee / selinux-policy.git / commitdiff
