Skip to content
This repository has been archived by the owner on Aug 23, 2019. It is now read-only.

SELinux rules #33

Open
ikedas opened this issue May 29, 2018 · 1 comment
Open

SELinux rules #33

ikedas opened this issue May 29, 2018 · 1 comment

Comments

@ikedas
Copy link
Owner

ikedas commented May 29, 2018

SELinux rules for sympa services and web interface would be bundled in package.
@double-p
Copy link

double-p commented Dec 7, 2018

When using postifx's "pipe", this one is sufficient:

policy_module(postfix-sympa, 1.0)

require{
 type postfix_pipe_t;
 type var_spool_t;
 class file { write create rename };
 class dir { add_name open read write create remove_name };
}

allow postfix_pipe_t var_spool_t:dir { add_name open read write remove_name };
allow postfix_pipe_t var_spool_t:file { create write rename };

sendmail might work with 'type sendmail_exec_t' but I've not testing ground for this.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@double-p @ikedas