dovecot_additional.te 670 B

12345678910111213141516171819202122232425262728
  1. policy_module(dovecot_additional, 0.0.7)
  2. require {
  3. type dovecot_deliver_exec_t;
  4. type dovecot_deliver_t;
  5. type dovecot_t;
  6. type mail_spool_t;
  7. type postfix_master_t;
  8. type sendmail_exec_t;
  9. }
  10. optional_policy(`
  11. mta_sendmail_domtrans(dovecot_deliver_t)
  12. ')
  13. allow dovecot_deliver_t self:process setrlimit;
  14. mta_manage_spool(dovecot_deliver_t)
  15. mta_sendmail_exec(dovecot_deliver_t)
  16. allow dovecot_t mail_spool_t:file map;
  17. allow dovecot_deliver_t mail_spool_t:file map;
  18. allow dovecot_deliver_t postfix_master_t:unix_stream_socket connectto;
  19. postfix_domtrans_postdrop(dovecot_deliver_t)
  20. postfix_search_spool(dovecot_deliver_t)
  21. postfix_read_config(dovecot_deliver_t)