You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

12345678910111213141516171819202122
  1. policy_module(postsrsd, 1.0.0)
  2. gen_require(`
  3. type http_cache_port_t;
  4. ')
  5. type postsrsd_t;
  6. type postsrsd_exec_t;
  7. init_daemon_domain(postsrsd_t, postsrsd_exec_t)
  8. type postsrsd_secret_t;
  9. files_type(postsrsd_secret_t)
  10. miscfiles_read_localization(postsrsd_t)
  11. auth_use_nsswitch(postsrsd_t)
  12. logging_send_syslog_msg(postsrsd_t)
  13. allow postsrsd_t self:capability { setuid sys_chroot };
  14. # 10001 and 10002 are labelled http_cache_port_t for whatever reason,
  15. # no point arguing with that...
  16. corenet_tcp_bind_http_cache_port(postsrsd_t)
  17. allow postsrsd_t self:tcp_socket server_stream_socket_perms;
  18. allow postsrsd_t postsrsd_secret_t:file read_file_perms;