Browse Source

update to 2.9.0 and merge my own changes

Helmut Pozimski 7 years ago
parent
commit
d56ad60eff

+ 1 - 0
policy/modules/spamassassin.fc

@@ -23,6 +23,7 @@ HOME_DIR/\.spamd(/.*)?	gen_context(system_u:object_r:spamd_home_t,s0)
 /var/log/mimedefang.*	--	gen_context(system_u:object_r:spamd_log_t,s0)
 /var/log/mimedefang.*	--	gen_context(system_u:object_r:spamd_log_t,s0)
 
 
 /var/run/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
 /var/run/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
+/var/run/spamassassin\.pid --	gen_context(system_u:object_r:spamd_var_run_t,s0)
 
 
 /var/spool/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_spool_t,s0)
 /var/spool/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_spool_t,s0)
 /var/spool/spamd(/.*)?	gen_context(system_u:object_r:spamd_spool_t,s0)
 /var/spool/spamd(/.*)?	gen_context(system_u:object_r:spamd_spool_t,s0)

+ 3 - 5
policy/modules/spamassassin.if

@@ -384,10 +384,7 @@ interface(`spamassassin_admin',`
 	allow $1 spamd_t:process { ptrace signal_perms };
 	allow $1 spamd_t:process { ptrace signal_perms };
 	ps_process_pattern($1, spamd_t)
 	ps_process_pattern($1, spamd_t)
 
 
-	init_labeled_script_domtrans($1, spamd_initrc_exec_t)
-	domain_system_change_exemption($1)
-	role_transition $2 spamd_initrc_exec_t system_r;
-	allow $2 system_r;
+	init_startstop_service($1, $2, spamd_t, spamd_initrc_exec_t)
 
 
 	files_list_tmp($1)
 	files_list_tmp($1)
 	admin_pattern($1, spamd_tmp_t)
 	admin_pattern($1, spamd_tmp_t)
@@ -404,5 +401,6 @@ interface(`spamassassin_admin',`
 	files_list_pids($1)
 	files_list_pids($1)
 	admin_pattern($1, spamd_var_run_t)
 	admin_pattern($1, spamd_var_run_t)
 
 
-	spamassassin_role($2, $1)
+	# This makes it impossible to apply _admin if _role has already been applied
+	#spamassassin_role($2, $1)
 ')
 ')

+ 1 - 1
policy/modules/spamassassin.te

@@ -1,4 +1,4 @@
-policy_module(spamassassin, 2.7.2)
+policy_module(spamassassin, 2.9.1)
 
 
 ########################################
 ########################################
 #
 #