Chris PeBenito 4605ad
## <summary>Postfix policy server</summary>
Chris PeBenito e87221
Chris PeBenito e87221
########################################
Chris PeBenito e87221
## <summary>
Chris PeBenito e87221
##	All of the rules required to administrate 
Chris PeBenito e87221
##	an postfixpolicyd environment
Chris PeBenito e87221
## </summary>
Chris PeBenito e87221
## <param name="domain">
Chris PeBenito e87221
##	<summary>
Chris PeBenito e87221
##	Domain allowed access.
Chris PeBenito e87221
##	</summary>
Chris PeBenito e87221
## </param>
Chris PeBenito e87221
## <param name="role">
Chris PeBenito e87221
##	<summary>
Chris PeBenito e87221
##	The role to be allowed to manage the postfixpolicyd domain.
Chris PeBenito e87221
##	</summary>
Chris PeBenito e87221
## </param>
Chris PeBenito e87221
## <rolecap/>
Chris PeBenito e87221
#
Chris PeBenito e87221
interface(`postfixpolicyd_admin',`
Chris PeBenito e87221
	gen_require(`
Chris PeBenito e87221
		type postfix_policyd_t, postfix_policyd_conf_t;
Dominick Grift 2528a2
		type postfix_policyd_var_run_t, postfix_policyd_initrc_exec_t;
Chris PeBenito e87221
	')
Chris PeBenito e87221
Chris PeBenito e87221
	allow $1 postfix_policyd_t:process { ptrace signal_perms };
Chris PeBenito e87221
	ps_process_pattern($1, postfix_policyd_t)
Chris PeBenito e87221
Chris PeBenito e87221
	init_labeled_script_domtrans($1, postfix_policyd_initrc_exec_t)
Chris PeBenito e87221
	domain_system_change_exemption($1)
Chris PeBenito e87221
	role_transition $2 postfix_policyd_initrc_exec_t system_r;
Chris PeBenito e87221
	allow $2 system_r;
Chris PeBenito e87221
Chris PeBenito e87221
	files_list_etc($1)
Chris PeBenito e87221
	admin_pattern($1, postfix_policyd_conf_t)
Chris PeBenito e87221
Chris PeBenito e87221
	files_list_pids($1)
Chris PeBenito e87221
	admin_pattern($1, postfix_policyd_var_run_t)
Chris PeBenito e87221
')