rpms / selinux-policy

Clone
Source Code
GIT

Files

  1.   2705f9a0f3e3764b0256a63ffefdf84e76cfe1cf
  2.   strict
  3.   domains
  4.   program
  5.   unused
  6.   ucspi-tcp.te
Blob Blame History Raw 
#DESC ucspi-tcp - TCP Server and Client Tools
#
# Author Petre Rodan <kaiowas@gentoo.org>
#			Andy Dustman (rblsmtp-related policy)
#

# http://cr.yp.to/ucspi-tcp.html

daemon_base_domain(utcpserver)
can_network(utcpserver_t)

allow utcpserver_t etc_t:file r_file_perms;
allow utcpserver_t { bin_t sbin_t var_t }:dir search;

allow utcpserver_t self:capability { net_bind_service setgid setuid };
allow utcpserver_t self:fifo_file { read write };
allow utcpserver_t self:process { fork sigchld };

allow utcpserver_t port_t:udp_socket name_bind;

ifdef(`qmail.te', `
domain_auto_trans(utcpserver_t, qmail_smtpd_exec_t, qmail_smtpd_t)
allow utcpserver_t smtp_port_t:tcp_socket name_bind;
allow qmail_smtpd_t utcpserver_t:tcp_socket { read write getattr };
allow utcpserver_t qmail_etc_t:dir r_dir_perms;
allow utcpserver_t qmail_etc_t:file r_file_perms;
')

daemon_base_domain(rblsmtpd)
can_network(rblsmtpd_t)

allow rblsmtpd_t self:process { fork sigchld };

allow rblsmtpd_t etc_t:file r_file_perms;
allow rblsmtpd_t { bin_t var_t }:dir search;
allow rblsmtpd_t port_t:udp_socket name_bind;
allow rblsmtpd_t utcpserver_t:tcp_socket { read write getattr };

ifdef(`qmail.te', `
domain_auto_trans(rblsmtpd_t, qmail_smtpd_exec_t, qmail_smtpd_t)
allow qmail_queue_t rblsmtpd_t:fd use;
')

ifdef(`daemontools.te', `
svc_ipc_domain(rblsmtpd_t)
')

domain_auto_trans(utcpserver_t, rblsmtpd_exec_t, rblsmtpd_t)
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.