Browse Source

mta: merge policy with the current version from Debian stretch and bump version number

Helmut Pozimski 7 years ago
parent
commit
6df2dbed12
1 changed files with 12 additions and 2 deletions
  1. 12 2
      policy/modules/mta.te

+ 12 - 2
policy/modules/mta.te

@@ -1,4 +1,4 @@
-policy_module(mta, 2.8.5)
+policy_module(mta, 2.8.6)
 
 
 ########################################
 ########################################
 #
 #
@@ -202,6 +202,12 @@ init_use_script_ptys(system_mail_t)
 
 
 userdom_use_user_terminals(system_mail_t)
 userdom_use_user_terminals(system_mail_t)
 
 
+init_rw_stream_sockets(system_mail_t)
+init_use_fds(system_mail_t)
+
+apt_use_fds(system_mail_t)
+apt_use_ptys(system_mail_t)
+
 optional_policy(`
 optional_policy(`
 	gen_require(`
 	gen_require(`
 		type crond_tmp_t;
 		type crond_tmp_t;
@@ -222,7 +228,11 @@ optional_policy(`
         phpfpm_dontaudit_rw_stream_sockets(system_mail_t)
         phpfpm_dontaudit_rw_stream_sockets(system_mail_t)
         phpfpm_dontaudit_rw_tcp_sockets(system_mail_t)
         phpfpm_dontaudit_rw_tcp_sockets(system_mail_t)
         ')
         ')
-	
+
+optional_policy(`
+       permit_in_unconfined_r(system_mail_t)
+       unconfined_use_fds(system_mail_t)
+')	
 optional_policy(`
 optional_policy(`
 	arpwatch_manage_tmp_files(system_mail_t)
 	arpwatch_manage_tmp_files(system_mail_t)