[refpolicy] [PATCH 1/1] Make inetd_tcp_service_domain optional
Sven Vermeulen
sven.vermeulen at siphos.be
Tue Nov 15 03:49:39 CST 2011
The uwimap application does not require inetd to be running or even available on
the system. Since inetd is not mandatory, it is not considered part of the base
policy, so its call should be optional.
Signed-off-by: Sven Vermeulen <sven.vermeulen at siphos.be>
---
uwimap.te | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/uwimap.te b/uwimap.te
index 41fa663..5f5d61f 100644
--- a/uwimap.te
+++ b/uwimap.te
@@ -8,7 +8,6 @@ policy_module(uwimap, 1.8.0)
type imapd_t;
type imapd_exec_t;
init_daemon_domain(imapd_t, imapd_exec_t)
-inetd_tcp_service_domain(imapd_t, imapd_exec_t)
type imapd_tmp_t;
files_tmp_file(imapd_tmp_t)
@@ -83,6 +82,10 @@ userdom_user_home_dir_filetrans_user_home_content(imapd_t, { dir file lnk_file f
mta_rw_spool(imapd_t)
optional_policy(`
+ inetd_tcp_service_domain(imapd_t, imapd_exec_t)
+')
+
+optional_policy(`
seutil_sigchld_newrole(imapd_t)
')
--
1.7.3.4
More information about the refpolicy
mailing list