|
|
@@ -1,4 +1,4 @@
|
|
|
-policy_module(spamassassin, 2.9.8)
|
|
|
+policy_module(spamassassin, 2.9.9)
|
|
|
|
|
|
require {
|
|
|
type etc_mail_t;
|
|
|
@@ -182,6 +182,7 @@ allow spamc_t self:fifo_file rw_fifo_file_perms;
|
|
|
allow spamc_t self:unix_dgram_socket sendto;
|
|
|
allow spamc_t self:unix_stream_socket { accept connectto listen };
|
|
|
allow spamc_t self:tcp_socket { accept listen };
|
|
|
+allow spamc_t node_t:udp_socket node_bind;
|
|
|
|
|
|
manage_dirs_pattern(spamc_t, spamc_tmp_t, spamc_tmp_t)
|
|
|
manage_files_pattern(spamc_t, spamc_tmp_t, spamc_tmp_t)
|
|
|
@@ -196,6 +197,8 @@ userdom_user_home_dir_filetrans(spamc_t, spamassassin_home_t, dir, ".spamassassi
|
|
|
|
|
|
list_dirs_pattern(spamc_t, spamd_var_lib_t, spamd_var_lib_t)
|
|
|
read_files_pattern(spamc_t, spamd_var_lib_t, spamd_var_lib_t)
|
|
|
+list_dirs_pattern(spamc_t, spamd_etc_t, spamd_etc_t)
|
|
|
+read_files_pattern(spamc_t, spamd_etc_t, spamd_etc_t)
|
|
|
|
|
|
stream_connect_pattern(spamc_t, { spamd_var_run_t spamd_tmp_t }, { spamd_var_run_t spamd_tmp_t }, spamd_t)
|
|
|
|
|
|
@@ -235,6 +238,16 @@ dovecot_domtrans_deliver(spamc_t)
|
|
|
search_dirs_pattern(spamc_t, etc_mail_t, etc_mail_t)
|
|
|
search_dirs_pattern(spamc_t, spamd_etc_t, spamd_etc_t)
|
|
|
|
|
|
+mysql_stream_connect(spamc_t)
|
|
|
+
|
|
|
+auth_read_shadow(spamc_t)
|
|
|
+corecmd_exec_shell(spamc_t)
|
|
|
+
|
|
|
+dev_read_urand(spamc_t)
|
|
|
+
|
|
|
+userdom_use_inherited_user_terminals(spamc_t)
|
|
|
+userdom_read_user_tmp_files(spamc_t)
|
|
|
+
|
|
|
tunable_policy(`use_nfs_home_dirs',`
|
|
|
fs_manage_nfs_dirs(spamc_t)
|
|
|
fs_manage_nfs_files(spamc_t)
|
