Tree - rpms/selinux-policy - CentOS Git server

rpms / selinux-policy

Blame refpolicy/policy/modules/services/sendmail.if

Blob History Raw

Chris PeBenito	02b584	`## <summary>Policy for sendmail.</summary>`
Chris PeBenito	02b584
Chris PeBenito	02b584	`########################################`
Chris PeBenito	f7ebea	`## <summary>`
Chris PeBenito	12ae75	`## Sendmail stub interface. No access allowed.`
Chris PeBenito	12ae75	`## </summary>`
Chris PeBenito	12ae75	`## <param name="domain" optional="true">`
Chris PeBenito	12ae75	`## N/A`
Chris PeBenito	12ae75	`## </param>`
Chris PeBenito	12ae75	`#`
Chris PeBenito	12ae75	interface(`sendmail_stub',`
Chris PeBenito	12ae75	gen_require(`
Chris PeBenito	12ae75	`type sendmail_t;`
Chris PeBenito	12ae75	`')`
Chris PeBenito	12ae75	`')`
Chris PeBenito	12ae75
Chris PeBenito	12ae75	`########################################`
Chris PeBenito	12ae75	`## <summary>`
Chris PeBenito	414e41	`## Domain transition to sendmail.`
Chris PeBenito	f7ebea	`## </summary>`
Chris PeBenito	414e41	`## <param name="domain">`
Chris PeBenito	3e6c81	`## Domain allowed access.`
Chris PeBenito	414e41	`## </param>`
Chris PeBenito	02b584	`#`
Chris PeBenito	199895	interface(`sendmail_domtrans',`
Chris PeBenito	5e6f9e	gen_require(`
Chris PeBenito	5e6f9e	`type sendmail_exec_t, sendmail_t;`
Chris PeBenito	5e6f9e	`')`
Chris PeBenito	02b584
Chris PeBenito	5e6f9e	`files_search_usr($1)`
Chris PeBenito	5e6f9e	`corecmd_search_sbin($1)`
Chris PeBenito	02b584	`domain_auto_trans($1,sendmail_exec_t,sendmail_t)`
Chris PeBenito	02b584
Chris PeBenito	02b584	`allow $1 sendmail_t:fd use;`
Chris PeBenito	02b584	`allow sendmail_t $1:fd use;`
Chris PeBenito	02b584	`allow sendmail_t $1:fifo_file rw_file_perms;`
Chris PeBenito	02b584	`allow sendmail_t $1:process sigchld;`
Chris PeBenito	02b584	`')`
Chris PeBenito	02b584
Chris PeBenito	3e6c81	`########################################`
Chris PeBenito	3e6c81	`## <summary>`
Chris PeBenito	3e6c81	`## Read and write sendmail TCP sockets.`
Chris PeBenito	3e6c81	`## </summary>`
Chris PeBenito	3e6c81	`## <param name="domain">`
Chris PeBenito	3e6c81	`## Domain allowed access.`
Chris PeBenito	3e6c81	`## </param>`
Chris PeBenito	3e6c81	`#`
Chris PeBenito	3e6c81	interface(`sendmail_rw_tcp_socket',`
Chris PeBenito	3e6c81	gen_require(`
Chris PeBenito	3e6c81	`type sendmail_t;`
Chris PeBenito	3e6c81	`')`
Chris PeBenito	3e6c81
Chris PeBenito	3e6c81	`allow $1 sendmail_t:tcp_socket { read write };`
Chris PeBenito	3e6c81	`')`
Chris PeBenito	08cd98
Chris PeBenito	08cd98	`########################################`
Chris PeBenito	08cd98	`## <summary>`
Chris PeBenito	08cd98	`## Create, read, write, and delete sendmail logs.`
Chris PeBenito	08cd98	`## </summary>`
Chris PeBenito	08cd98	`## <param name="domain">`
Chris PeBenito	08cd98	`## Domain allowed access.`
Chris PeBenito	08cd98	`## </param>`
Chris PeBenito	08cd98	`#`
Chris PeBenito	08cd98	interface(`sendmail_manage_log',`
Chris PeBenito	08cd98	gen_require(`
Chris PeBenito	08cd98	`type sendmail_log_t;`
Chris PeBenito	08cd98	`')`
Chris PeBenito	08cd98
Chris PeBenito	08cd98	`logging_search_logs($1)`
Chris PeBenito	08cd98	`allow $1 sendmail_log_t:file manage_file_perms;`
Chris PeBenito	08cd98	`')`
Chris PeBenito	08cd98
Chris PeBenito	08cd98	`########################################`
Chris PeBenito	08cd98	`## <summary>`
Chris PeBenito	08cd98	`## Create sendmail logs with the correct type.`
Chris PeBenito	08cd98	`## </summary>`
Chris PeBenito	08cd98	`## <param name="domain">`
Chris PeBenito	08cd98	`## Domain allowed access.`
Chris PeBenito	08cd98	`## </param>`
Chris PeBenito	08cd98	`#`
Chris PeBenito	08cd98	interface(`sendmail_create_log',`
Chris PeBenito	08cd98	gen_require(`
Chris PeBenito	08cd98	`type sendmail_log_t;`
Chris PeBenito	08cd98	`')`
Chris PeBenito	08cd98
Chris PeBenito	9d5949	`logging_filetrans_log($1,sendmail_log_t,file)`
Chris PeBenito	08cd98	`')`

rpms / selinux-policy

Source Code

Blame refpolicy/policy/modules/services/sendmail.if