Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (filecon "/etc/dovecot(/.*)?" any (system_u object_r dovecot_etc_t (systemlow systemlow)))
- (filecon "/etc/dovecot/passwd.*" any (system_u object_r dovecot_passwd_t (systemlow systemlow)))
- (filecon "/etc/dovecot\.conf.*" any (system_u object_r dovecot_etc_t (systemlow systemlow)))
- (filecon "/etc/dovecot\.passwd.*" any (system_u object_r dovecot_passwd_t (systemlow systemlow)))
- (filecon "/etc/pki/dovecot(/.*)?" any (system_u object_r dovecot_cert_t (systemlow systemlow)))
- (filecon "/etc/rc\.d/init\.d/dovecot" file (system_u object_r dovecot_initrc_exec_t (systemlow systemlow)))
- (filecon "/usr/sbin/dovecot" file (system_u object_r dovecot_exec_t (systemlow systemlow)))
- (filecon "/usr/share/ssl/certs/dovecot\.pem" file (system_u object_r dovecot_cert_t (systemlow systemlow)))
- (filecon "/usr/share/ssl/private/dovecot\.pem" file (system_u object_r dovecot_cert_t (systemlow systemlow)))
- (filecon "/etc/ssl/dovecot(/.*)?" any (system_u object_r dovecot_cert_t (systemlow systemlow)))
- (filecon "/usr/lib/dovecot/auth" file (system_u object_r dovecot_auth_exec_t (systemlow systemlow)))
- (filecon "/usr/lib/dovecot/deliver" file (system_u object_r dovecot_deliver_exec_t (systemlow systemlow)))
- (filecon "/usr/lib/dovecot/dovecot-auth" file (system_u object_r dovecot_auth_exec_t (systemlow systemlow)))
- (filecon "/usr/lib/dovecot/dovecot-lda" file (system_u object_r dovecot_deliver_exec_t (systemlow systemlow)))
- (filecon "/usr/libexec/dovecot/auth" file (system_u object_r dovecot_auth_exec_t (systemlow systemlow)))
- (filecon "/usr/libexec/dovecot/deliver" file (system_u object_r dovecot_deliver_exec_t (systemlow systemlow)))
- (filecon "/usr/libexec/dovecot/deliver-lda" file (system_u object_r dovecot_deliver_exec_t (systemlow systemlow)))
- (filecon "/usr/libexec/dovecot/dovecot-auth" file (system_u object_r dovecot_auth_exec_t (systemlow systemlow)))
- (filecon "/var/run/dovecot(-login)?(/.*)?" any (system_u object_r dovecot_var_run_t (systemlow systemlow)))
- (filecon "/var/run/dovecot/login/ssl-parameters.dat" file (system_u object_r dovecot_var_lib_t (systemlow systemlow)))
- (filecon "/var/lib/dovecot(/.*)?" any (system_u object_r dovecot_var_lib_t (systemlow systemlow)))
- (filecon "/var/log/dovecot(/.*)?" any (system_u object_r dovecot_var_log_t (systemlow systemlow)))
- (filecon "/var/log/dovecot\.log.*" any (system_u object_r dovecot_var_log_t (systemlow systemlow)))
- (filecon "/var/spool/dovecot(/.*)?" any (system_u object_r dovecot_spool_t (systemlow systemlow)))
- (typeattribute dovecot_domain)
- (typeattributeset dovecot_domain (dovecot_t dovecot_auth_t dovecot_deliver_t ))
- (type dovecot_t)
- (roletype object_r dovecot_t)
- (type dovecot_exec_t)
- (roletype object_r dovecot_exec_t)
- (type dovecot_auth_t)
- (roletype object_r dovecot_auth_t)
- (type dovecot_auth_exec_t)
- (roletype object_r dovecot_auth_exec_t)
- (type dovecot_auth_tmp_t)
- (roletype object_r dovecot_auth_tmp_t)
- (type dovecot_cert_t)
- (roletype object_r dovecot_cert_t)
- (type dovecot_deliver_t)
- (roletype object_r dovecot_deliver_t)
- (type dovecot_deliver_exec_t)
- (roletype object_r dovecot_deliver_exec_t)
- (type dovecot_deliver_tmp_t)
- (roletype object_r dovecot_deliver_tmp_t)
- (type dovecot_etc_t)
- (roletype object_r dovecot_etc_t)
- (type dovecot_initrc_exec_t)
- (roletype object_r dovecot_initrc_exec_t)
- (type dovecot_keytab_t)
- (roletype object_r dovecot_keytab_t)
- (type dovecot_passwd_t)
- (roletype object_r dovecot_passwd_t)
- (type dovecot_spool_t)
- (roletype object_r dovecot_spool_t)
- (type dovecot_tmp_t)
- (roletype object_r dovecot_tmp_t)
- (type dovecot_var_lib_t)
- (roletype object_r dovecot_var_lib_t)
- (type dovecot_var_log_t)
- (roletype object_r dovecot_var_log_t)
- (type dovecot_var_run_t)
- (roletype object_r dovecot_var_run_t)
- (roleattributeset cil_gen_require system_r)
- (roletype system_r dovecot_t)
- (roletype system_r dovecot_auth_t)
- (roletype system_r dovecot_deliver_t)
- (typeattributeset cil_gen_require initrc_t)
- (typeattributeset cil_gen_require daemon)
- (typeattributeset daemon (dovecot_t ))
- (typeattributeset cil_gen_require domain)
- (typeattributeset domain (dovecot_t dovecot_auth_t dovecot_deliver_t ))
- (typeattributeset cil_gen_require init_t)
- (typeattributeset cil_gen_require sysfs_t)
- (typeattributeset cil_gen_require selinux_config_t)
- (typeattributeset cil_gen_require entry_type)
- (typeattributeset entry_type (dovecot_exec_t dovecot_auth_exec_t dovecot_deliver_exec_t dovecot_initrc_exec_t ))
- (typeattributeset cil_gen_require exec_type)
- (typeattributeset exec_type (dovecot_exec_t dovecot_auth_exec_t dovecot_deliver_exec_t dovecot_initrc_exec_t ))
- (typeattributeset cil_gen_require file_type)
- (typeattributeset file_type (dovecot_exec_t dovecot_auth_exec_t dovecot_auth_tmp_t dovecot_cert_t dovecot_deliver_exec_t dovecot_deliver_tmp_t dovecot_etc_t dovecot_initrc_exec_t dovecot_keytab_t dovecot_passwd_t dovecot_spool_t dovecot_tmp_t dovecot_var_lib_t dovecot_var_log_t dovecot_var_run_t ))
- (typeattributeset cil_gen_require non_security_file_type)
- (typeattributeset non_security_file_type (dovecot_exec_t dovecot_auth_exec_t dovecot_auth_tmp_t dovecot_cert_t dovecot_deliver_exec_t dovecot_deliver_tmp_t dovecot_etc_t dovecot_initrc_exec_t dovecot_keytab_t dovecot_passwd_t dovecot_spool_t dovecot_tmp_t dovecot_var_lib_t dovecot_var_log_t dovecot_var_run_t ))
- (typeattributeset cil_gen_require non_auth_file_type)
- (typeattributeset non_auth_file_type (dovecot_exec_t dovecot_auth_exec_t dovecot_auth_tmp_t dovecot_cert_t dovecot_deliver_exec_t dovecot_deliver_tmp_t dovecot_etc_t dovecot_initrc_exec_t dovecot_keytab_t dovecot_passwd_t dovecot_spool_t dovecot_tmp_t dovecot_var_lib_t dovecot_var_log_t dovecot_var_run_t ))
- (typeattributeset cil_gen_require console_device_t)
- (typeattributeset cil_gen_require initrc_devpts_t)
- (typeattributeset cil_gen_require devpts_t)
- (typeattributeset cil_gen_require device_t)
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require tmpfile)
- (typeattributeset tmpfile (dovecot_auth_tmp_t dovecot_deliver_tmp_t dovecot_tmp_t ))
- (typeattributeset cil_gen_require tmp_t)
- (typeattributeset cil_gen_require polymember)
- (typeattributeset polymember (dovecot_auth_tmp_t dovecot_deliver_tmp_t dovecot_tmp_t ))
- (typeattributeset cil_gen_require cert_type)
- (typeattributeset cert_type (dovecot_cert_t ))
- (typeattributeset cil_gen_require configfile)
- (typeattributeset configfile (dovecot_etc_t ))
- (typeattributeset cil_gen_require init_script_file_type)
- (typeattributeset init_script_file_type (dovecot_initrc_exec_t ))
- (typeattributeset cil_gen_require init_run_all_scripts_domain)
- (typeattributeset cil_gen_require logfile)
- (typeattributeset logfile (dovecot_var_log_t ))
- (typeattributeset cil_gen_require tmpfs_t)
- (typeattributeset cil_gen_require pidfile)
- (typeattributeset pidfile (dovecot_var_run_t ))
- (typeattributeset cil_gen_require sysctl_type)
- (typeattributeset cil_gen_require proc_t)
- (typeattributeset cil_gen_require proc_net_t)
- (typeattributeset cil_gen_require bin_t)
- (typeattributeset cil_gen_require shell_exec_t)
- (typeattributeset cil_gen_require random_device_t)
- (typeattributeset cil_gen_require urandom_device_t)
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require etc_runtime_t)
- (typeattributeset cil_gen_require syslogd_t)
- (typeattributeset cil_gen_require syslogd_var_run_t)
- (typeattributeset cil_gen_require devlog_t)
- (typeattributeset cil_gen_require init_var_run_t)
- (typeattributeset cil_gen_require locale_t)
- (typeattributeset cil_gen_require usr_t)
- (typeattributeset cil_gen_require var_log_t)
- (typeattributeset cil_gen_require unlabeled_t)
- (typeattributeset cil_gen_require netlabel_peer_t)
- (typeattributeset cil_gen_require netif_t)
- (typeattributeset cil_gen_require node_t)
- (typeattributeset cil_gen_require port_type)
- (typeattributeset cil_gen_require mail_server_packet_t)
- (typeattributeset cil_gen_require mail_port_t)
- (typeattributeset cil_gen_require pop_server_packet_t)
- (typeattributeset cil_gen_require pop_port_t)
- (typeattributeset cil_gen_require sieve_server_packet_t)
- (typeattributeset cil_gen_require sieve_port_t)
- (typeattributeset cil_gen_require client_packet_type)
- (typeattributeset cil_gen_require postgresql_port_t)
- (typeattributeset cil_gen_require privfd)
- (typeattributeset cil_gen_require var_lib_t)
- (typeattributeset cil_gen_require var_spool_t)
- (typeattributeset cil_gen_require default_t)
- (typeattributeset cil_gen_require mountpoint)
- (typeattributeset cil_gen_require filesystem_type)
- (typeattributeset cil_gen_require autofs_t)
- (typeattributeset cil_gen_require inotifyfs_t)
- (typeattributeset cil_gen_require initrc_var_run_t)
- (typeattributeset cil_gen_require nsswitch_domain)
- (typeattributeset nsswitch_domain (dovecot_t dovecot_auth_t dovecot_deliver_t ))
- (typeattributeset cil_gen_require cert_t)
- (typeattributeset cil_gen_require unpriv_userdomain)
- (typeattributeset cil_gen_require user_tty_device_t)
- (typeattributeset cil_gen_require user_devpts_t)
- (typeattributeset cil_gen_require nfs_t)
- (typeattributeset cil_gen_require cifs_t)
- (typeattributeset cil_gen_require chkpwd_t)
- (typeattributeset cil_gen_require chkpwd_exec_t)
- (typeattributeset cil_gen_require shadow_t)
- (typeattributeset cil_gen_require auth_cache_t)
- (typeattributeset cil_gen_require faillog_t)
- (typeattributeset cil_gen_require net_conf_t)
- (typeattributeset cil_gen_require ldap_port_t)
- (typeattributeset cil_gen_require ldap_client_packet_t)
- (allow dovecot_t dovecot_exec_t (file (entrypoint)))
- (allow dovecot_t dovecot_exec_t (file (ioctl read getattr lock execute open)))
- (allow initrc_t dovecot_exec_t (file (read getattr execute open)))
- (allow initrc_t dovecot_t (process (transition)))
- (dontaudit initrc_t dovecot_t (process (noatsecure siginh rlimitinh)))
- (typetransition initrc_t dovecot_exec_t process dovecot_t)
- (allow dovecot_t initrc_t (fd (use)))
- (allow dovecot_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
- (allow dovecot_t initrc_t (process (sigchld)))
- (dontaudit dovecot_t init_t (fd (use)))
- (dontaudit dovecot_t console_device_t (chr_file (ioctl read write getattr lock append open)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (lnk_file (read getattr)))
- (allow dovecot_t devpts_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
- (allow dovecot_auth_t dovecot_auth_exec_t (file (entrypoint)))
- (allow dovecot_auth_t dovecot_auth_exec_t (file (ioctl read getattr lock execute open)))
- (allow dovecot_deliver_t dovecot_deliver_exec_t (file (entrypoint)))
- (allow dovecot_deliver_t dovecot_deliver_exec_t (file (ioctl read getattr lock execute open)))
- (allow initrc_t dovecot_initrc_exec_t (file (entrypoint)))
- (allow initrc_t dovecot_initrc_exec_t (file (ioctl read getattr lock execute open)))
- (allow init_run_all_scripts_domain dovecot_initrc_exec_t (file (read getattr execute open)))
- (allow init_run_all_scripts_domain initrc_t (process (transition)))
- (dontaudit init_run_all_scripts_domain initrc_t (process (noatsecure siginh rlimitinh)))
- (typetransition init_run_all_scripts_domain dovecot_initrc_exec_t process initrc_t)
- (allow initrc_t init_run_all_scripts_domain (fd (use)))
- (allow initrc_t init_run_all_scripts_domain (fifo_file (ioctl read write getattr lock append open)))
- (allow initrc_t init_run_all_scripts_domain (process (sigchld)))
- (allow dovecot_var_log_t tmp_t (filesystem (associate)))
- (allow dovecot_var_log_t tmpfs_t (filesystem (associate)))
- (allow dovecot_domain self (capability2 (block_suspend)))
- (allow dovecot_domain self (fifo_file (ioctl read write getattr lock append open)))
- (allow dovecot_domain dovecot_etc_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain dovecot_etc_t (file (ioctl read getattr lock open)))
- (allow dovecot_domain dovecot_etc_t (lnk_file (read getattr)))
- (allow dovecot_domain sysctl_type (dir (getattr search open)))
- (allow dovecot_domain proc_t (dir (getattr search open)))
- (allow dovecot_domain proc_net_t (dir (getattr search open)))
- (allow dovecot_domain sysctl_type (file (ioctl read getattr lock open)))
- (allow dovecot_domain proc_t (dir (getattr search open)))
- (allow dovecot_domain proc_net_t (dir (getattr search open)))
- (allow dovecot_domain sysctl_type (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain proc_t (dir (getattr search open)))
- (allow dovecot_domain proc_t (file (ioctl read getattr lock open)))
- (allow dovecot_domain proc_t (dir (getattr search open)))
- (allow dovecot_domain proc_t (lnk_file (read getattr)))
- (allow dovecot_domain proc_t (dir (getattr search open)))
- (allow dovecot_domain proc_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain bin_t (dir (getattr search open)))
- (allow dovecot_domain bin_t (lnk_file (read getattr)))
- (allow dovecot_domain bin_t (dir (getattr search open)))
- (allow dovecot_domain bin_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain bin_t (file (ioctl read getattr lock execute execute_no_trans open)))
- (allow dovecot_domain bin_t (dir (getattr search open)))
- (allow dovecot_domain bin_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain bin_t (dir (getattr search open)))
- (allow dovecot_domain bin_t (lnk_file (read getattr)))
- (allow dovecot_domain shell_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
- (allow dovecot_domain sysfs_t (dir (getattr search open)))
- (allow dovecot_domain sysfs_t (file (ioctl read getattr lock open)))
- (allow dovecot_domain sysfs_t (dir (getattr search open)))
- (allow dovecot_domain sysfs_t (lnk_file (read getattr)))
- (allow dovecot_domain sysfs_t (dir (getattr search open)))
- (allow dovecot_domain sysfs_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain device_t (dir (getattr search open)))
- (allow dovecot_domain random_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_domain device_t (dir (getattr search open)))
- (allow dovecot_domain urandom_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_domain etc_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain etc_t (dir (getattr search open)))
- (allow dovecot_domain etc_runtime_t (file (ioctl read getattr lock open)))
- (allow dovecot_domain etc_t (dir (getattr search open)))
- (allow dovecot_domain etc_runtime_t (lnk_file (read getattr)))
- (allow dovecot_domain devlog_t (sock_file (write getattr append open)))
- (allow dovecot_domain var_run_t (lnk_file (read getattr)))
- (allow dovecot_domain var_t (dir (getattr search open)))
- (allow dovecot_domain var_run_t (dir (getattr search open)))
- (allow dovecot_domain init_var_run_t (dir (getattr search open)))
- (allow dovecot_domain syslogd_var_run_t (dir (getattr search open)))
- (allow dovecot_domain syslogd_t (unix_dgram_socket (sendto)))
- (allow dovecot_domain syslogd_t (unix_stream_socket (connectto)))
- (allow dovecot_domain self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- (allow dovecot_domain self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- (allow dovecot_domain device_t (dir (getattr search open)))
- (allow dovecot_domain device_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain device_t (dir (getattr search open)))
- (allow dovecot_domain device_t (lnk_file (read getattr)))
- (allow dovecot_domain console_device_t (chr_file (ioctl write getattr lock append open)))
- (dontaudit dovecot_domain console_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_domain etc_t (dir (getattr search open)))
- (allow dovecot_domain etc_t (lnk_file (read getattr)))
- (allow dovecot_domain usr_t (dir (getattr search open)))
- (allow dovecot_domain locale_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_domain locale_t (dir (getattr search open)))
- (allow dovecot_domain locale_t (file (ioctl read getattr lock open)))
- (allow dovecot_domain locale_t (dir (getattr search open)))
- (allow dovecot_domain locale_t (lnk_file (read getattr)))
- (allow dovecot_t self (capability (chown dac_override dac_read_search fsetid kill setgid setuid sys_chroot)))
- (dontaudit dovecot_t self (capability (sys_tty_config)))
- (allow dovecot_t self (process (sigchld sigkill sigstop signull signal setsched getcap setcap setrlimit)))
- (allow dovecot_t self (tcp_socket (listen accept)))
- (allow dovecot_t self (unix_stream_socket (listen accept connectto)))
- (allow dovecot_t dovecot_cert_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t dovecot_cert_t (file (ioctl read getattr lock open)))
- (allow dovecot_t dovecot_cert_t (lnk_file (read getattr)))
- (allow dovecot_t dovecot_keytab_t (file (ioctl read getattr lock open)))
- (allow dovecot_t dovecot_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t dovecot_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (typetransition dovecot_t tmp_t dir dovecot_tmp_t)
- (typetransition dovecot_t tmp_t file dovecot_tmp_t)
- (allow dovecot_t dovecot_var_lib_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t dovecot_var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_log_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t dovecot_var_log_t (dir (getattr search open)))
- (allow dovecot_t dovecot_var_log_t (file (ioctl getattr lock append open)))
- (allow dovecot_t dovecot_var_log_t (dir (ioctl write getattr lock add_name search open)))
- (allow dovecot_t dovecot_var_log_t (file (create getattr open)))
- (allow dovecot_t dovecot_var_log_t (dir (getattr search open)))
- (allow dovecot_t dovecot_var_log_t (file (setattr)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (typetransition dovecot_t var_log_t dir dovecot_var_log_t)
- (typetransition dovecot_t var_log_t file dovecot_var_log_t)
- (allow dovecot_t dovecot_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_spool_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t dovecot_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_spool_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t dovecot_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_spool_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_run_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t dovecot_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (typetransition dovecot_t var_run_t fifo_file dovecot_var_run_t)
- (typetransition dovecot_t var_run_t dir dovecot_var_run_t)
- (typetransition dovecot_t var_run_t file dovecot_var_run_t)
- (allow dovecot_t dovecot_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
- (allow dovecot_t dovecot_auth_t (process (signal)))
- (allow dovecot_t dovecot_auth_exec_t (file (read getattr execute open)))
- (allow dovecot_t dovecot_auth_t (process (transition)))
- (dontaudit dovecot_t dovecot_auth_t (process (noatsecure siginh rlimitinh)))
- (typetransition dovecot_t dovecot_auth_exec_t process dovecot_auth_t)
- (allow dovecot_auth_t dovecot_t (fd (use)))
- (allow dovecot_auth_t dovecot_t (fifo_file (ioctl read write getattr lock append open)))
- (allow dovecot_auth_t dovecot_t (process (sigchld)))
- (allow dovecot_t unlabeled_t (tcp_socket (recvfrom)))
- (allow dovecot_t unlabeled_t (udp_socket (recvfrom)))
- (allow dovecot_t unlabeled_t (rawip_socket (recvfrom)))
- (allow dovecot_t unlabeled_t (peer (recv)))
- (allow dovecot_t unlabeled_t (association (sendto recvfrom)))
- (allow dovecot_t netlabel_peer_t (peer (recv)))
- (allow dovecot_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow dovecot_t netlabel_peer_t (udp_socket (recvfrom)))
- (allow dovecot_t netlabel_peer_t (rawip_socket (recvfrom)))
- (allow dovecot_t netif_t (netif (tcp_recv tcp_send ingress egress)))
- (allow dovecot_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
- (allow dovecot_t port_type (tcp_socket (recv_msg send_msg)))
- (allow dovecot_t node_t (tcp_socket (node_bind)))
- (allow dovecot_t mail_server_packet_t (packet (send)))
- (allow dovecot_t mail_server_packet_t (packet (recv)))
- (allow dovecot_t mail_port_t (tcp_socket (name_bind)))
- (allow dovecot_t pop_server_packet_t (packet (send)))
- (allow dovecot_t pop_server_packet_t (packet (recv)))
- (allow dovecot_t pop_port_t (tcp_socket (name_bind)))
- (allow dovecot_t self (capability (net_bind_service)))
- (allow dovecot_t sieve_server_packet_t (packet (send)))
- (allow dovecot_t sieve_server_packet_t (packet (recv)))
- (allow dovecot_t sieve_port_t (tcp_socket (name_bind)))
- (allow dovecot_t client_packet_type (packet (send)))
- (allow dovecot_t client_packet_type (packet (recv)))
- (allow dovecot_t port_type (tcp_socket (name_connect)))
- (allow dovecot_t postgresql_port_t (tcp_socket (name_connect)))
- (allow dovecot_t privfd (fd (use)))
- (allow dovecot_t var_lib_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_lib_t (dir (getattr search open)))
- (allow dovecot_t var_lib_t (file (ioctl read getattr lock open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_t (lnk_file (read getattr)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_spool_t (dir (getattr search open)))
- (dontaudit dovecot_t default_t (dir (ioctl read getattr lock search open)))
- (dontaudit dovecot_t file_type (dir (getattr search open)))
- (allow dovecot_t mountpoint (dir (getattr search open)))
- (allow dovecot_t filesystem_type (filesystem (getattr)))
- (allow dovecot_t file_type (filesystem (getattr)))
- (allow dovecot_t filesystem_type (dir (getattr)))
- (allow dovecot_t autofs_t (dir (getattr search open)))
- (allow dovecot_t inotifyfs_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t initrc_var_run_t (file (getattr)))
- (allow dovecot_t cert_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t cert_t (dir (getattr search open)))
- (allow dovecot_t cert_t (file (ioctl read getattr lock open)))
- (allow dovecot_t cert_t (dir (getattr search open)))
- (allow dovecot_t cert_t (lnk_file (read getattr)))
- (dontaudit dovecot_t unpriv_userdomain (fd (use)))
- (allow dovecot_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
- (allow dovecot_t user_devpts_t (chr_file (ioctl read write getattr append open)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (lnk_file (read getattr)))
- (allow dovecot_t devpts_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t self (capability (chown dac_override setgid setuid ipc_lock sys_nice)))
- (allow dovecot_auth_t self (process (sigchld sigkill sigstop signull signal getsched setsched getcap setcap)))
- (allow dovecot_auth_t self (unix_stream_socket (listen accept connectto)))
- (allow dovecot_auth_t dovecot_passwd_t (dir (getattr search open)))
- (allow dovecot_auth_t dovecot_passwd_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t dovecot_auth_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_auth_t dovecot_auth_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_auth_t dovecot_auth_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_auth_t dovecot_auth_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_auth_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (typetransition dovecot_auth_t tmp_t dir dovecot_auth_tmp_t)
- (typetransition dovecot_auth_t tmp_t file dovecot_auth_tmp_t)
- (allow dovecot_auth_t dovecot_var_run_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t dovecot_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_auth_t dovecot_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_auth_t dovecot_t (unix_stream_socket (ioctl read write getattr setattr append bind connect listen accept getopt setopt shutdown connectto)))
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t usr_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t usr_t (dir (getattr search open)))
- (allow dovecot_auth_t usr_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t usr_t (dir (getattr search open)))
- (allow dovecot_auth_t usr_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_lib_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_lib_t (dir (getattr search open)))
- (allow dovecot_auth_t var_lib_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t auth_cache_t (dir (getattr search open)))
- (allow dovecot_auth_t bin_t (dir (getattr search open)))
- (allow dovecot_auth_t bin_t (dir (getattr search open)))
- (allow dovecot_auth_t chkpwd_exec_t (file (read getattr execute open)))
- (allow dovecot_auth_t chkpwd_t (process (transition)))
- (dontaudit dovecot_auth_t chkpwd_t (process (noatsecure siginh rlimitinh)))
- (typetransition dovecot_auth_t chkpwd_exec_t process chkpwd_t)
- (allow chkpwd_t dovecot_auth_t (fd (use)))
- (allow chkpwd_t dovecot_auth_t (fifo_file (ioctl read write getattr lock append open)))
- (allow chkpwd_t dovecot_auth_t (process (sigchld)))
- (dontaudit dovecot_auth_t shadow_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t device_t (dir (getattr search open)))
- (allow dovecot_auth_t random_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_auth_t device_t (dir (getattr search open)))
- (allow dovecot_auth_t urandom_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_log_t (dir (getattr search open)))
- (allow dovecot_auth_t faillog_t (file (ioctl read write getattr lock append open)))
- (allow dovecot_auth_t self (capability (audit_write)))
- (allow dovecot_auth_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
- (allow dovecot_auth_t cert_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t cert_t (dir (getattr search open)))
- (allow dovecot_auth_t cert_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t cert_t (dir (getattr search open)))
- (allow dovecot_auth_t cert_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t initrc_var_run_t (file (ioctl read write getattr lock append open)))
- (allow dovecot_auth_t self (capability (audit_write)))
- (allow dovecot_auth_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
- (dontaudit dovecot_auth_t selinux_config_t (dir (getattr search open)))
- (allow dovecot_auth_t self (tcp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- (allow dovecot_auth_t unlabeled_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t unlabeled_t (udp_socket (recvfrom)))
- (allow dovecot_auth_t unlabeled_t (rawip_socket (recvfrom)))
- (allow dovecot_auth_t unlabeled_t (peer (recv)))
- (allow dovecot_auth_t unlabeled_t (association (sendto recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (peer (recv)))
- (allow dovecot_auth_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (udp_socket (recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (rawip_socket (recvfrom)))
- (allow dovecot_auth_t netif_t (netif (tcp_recv tcp_send ingress egress)))
- (allow dovecot_auth_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
- (allow dovecot_auth_t ldap_port_t (tcp_socket (recv_msg send_msg)))
- (allow dovecot_auth_t ldap_port_t (tcp_socket (name_connect)))
- (allow dovecot_auth_t ldap_client_packet_t (packet (send)))
- (allow dovecot_auth_t ldap_client_packet_t (packet (recv)))
- (allow dovecot_auth_t device_t (dir (getattr search open)))
- (allow dovecot_auth_t random_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_auth_t device_t (dir (getattr search open)))
- (allow dovecot_auth_t urandom_device_t (chr_file (ioctl read getattr lock open)))
- (allow dovecot_auth_t etc_t (dir (getattr search open)))
- (allow dovecot_auth_t net_conf_t (file (ioctl read getattr lock open)))
- (allow dovecot_deliver_t dovecot_cert_t (dir (getattr search open)))
- (allow dovecot_deliver_t dovecot_var_log_t (dir (getattr search open)))
- (allow dovecot_deliver_t dovecot_var_log_t (file (ioctl getattr lock append open)))
- (allow dovecot_deliver_t dovecot_deliver_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t dovecot_deliver_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_deliver_t dovecot_deliver_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t dovecot_deliver_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_deliver_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (typetransition dovecot_deliver_t tmp_t dir dovecot_deliver_tmp_t)
- (typetransition dovecot_deliver_t tmp_t file dovecot_deliver_tmp_t)
- (allow dovecot_deliver_t dovecot_var_run_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_deliver_t dovecot_var_run_t (file (ioctl read getattr lock open)))
- (allow dovecot_deliver_t dovecot_var_run_t (sock_file (read getattr open)))
- (allow dovecot_deliver_t dovecot_var_run_t (dir (getattr search open)))
- (allow dovecot_deliver_t dovecot_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_deliver_t dovecot_t (unix_stream_socket (connectto)))
- (allow dovecot_deliver_t dovecot_auth_t (unix_stream_socket (connectto)))
- (allow dovecot_deliver_t dovecot_deliver_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
- (allow dovecot_deliver_t dovecot_t (process (signull)))
- (allow dovecot_deliver_t filesystem_type (filesystem (getattr)))
- (allow dovecot_deliver_t file_type (filesystem (getattr)))
- (allow dovecot_deliver_t var_t (dir (getattr search open)))
- (allow dovecot_deliver_t var_log_t (dir (getattr search open)))
- (booleanif (use_samba_home_dirs)
- (true
- (allow dovecot_t cifs_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t cifs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t cifs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t cifs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t cifs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_deliver_t cifs_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_deliver_t cifs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t cifs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_deliver_t cifs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t cifs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- )
- )
- (booleanif (use_nfs_home_dirs)
- (true
- (allow dovecot_t nfs_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t nfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t nfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_deliver_t nfs_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_deliver_t nfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_deliver_t nfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_deliver_t nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- )
- )
- (optional dovecot_optional_2
- (typeattributeset cil_gen_require init_t)
- (allow dovecot_t init_t (process (sigchld)))
- (allow dovecot_t init_t (process (signull)))
- (optional dovecot_optional_3
- (typeattributeset cil_gen_require rpm_t)
- (allow dovecot_t rpm_t (fd (use)))
- (allow dovecot_t rpm_t (fifo_file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_4
- (typeattributeset cil_gen_require security_t)
- (typeattributeset cil_gen_require sysfs_t)
- (dontaudit dovecot_t security_t (filesystem (getattr)))
- (dontaudit dovecot_t sysfs_t (filesystem (getattr)))
- (dontaudit dovecot_t sysfs_t (dir (getattr search open)))
- (dontaudit dovecot_t security_t (dir (getattr search open)))
- (dontaudit dovecot_t security_t (file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_5
- (typeattributeset cil_gen_require selinux_config_t)
- (dontaudit dovecot_t selinux_config_t (dir (getattr search open)))
- (dontaudit dovecot_t selinux_config_t (file (ioctl read getattr lock open)))
- (optional dovecot_optional_6
- (typeattributeset cil_gen_require nscd_t)
- (typeattributeset cil_gen_require nscd_var_run_t)
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (booleanif (nscd_use_shm)
- (true
- (allow dovecot_t nscd_var_run_t (sock_file (read getattr open)))
- (allow dovecot_t nscd_var_run_t (dir (ioctl read getattr lock search open)))
- (dontaudit dovecot_t nscd_var_run_t (file (ioctl read getattr lock open)))
- (allow dovecot_t nscd_t (unix_stream_socket (connectto)))
- (allow dovecot_t nscd_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_t nscd_var_run_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (dir (getattr search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_t nscd_t (fd (use)))
- (allow dovecot_t nscd_t (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost)))
- (allow dovecot_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
- )
- (false
- (allow nscd_t dovecot_t (process (getattr)))
- (allow nscd_t dovecot_t (lnk_file (read getattr)))
- (allow nscd_t dovecot_t (file (ioctl read getattr lock open)))
- (allow nscd_t dovecot_t (dir (ioctl read getattr lock search open)))
- (dontaudit dovecot_t nscd_var_run_t (file (ioctl read getattr lock open)))
- (allow dovecot_t nscd_t (unix_stream_socket (connectto)))
- (allow dovecot_t nscd_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_t nscd_var_run_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (dir (getattr search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (lnk_file (read getattr)))
- (dontaudit dovecot_t nscd_t (nscd (shmempwd shmemgrp shmemhost getserv shmemserv)))
- (dontaudit dovecot_t nscd_t (fd (use)))
- (allow dovecot_t nscd_t (nscd (getpwd getgrp gethost)))
- (allow dovecot_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- )
- )
- )
- (optional dovecot_optional_7
- (typeattributeset cil_gen_require init_t)
- (allow dovecot_auth_t init_t (process (sigchld)))
- (allow dovecot_auth_t init_t (process (signull)))
- (optional dovecot_optional_8
- (typeattributeset cil_gen_require rpm_t)
- (allow dovecot_auth_t rpm_t (fd (use)))
- (allow dovecot_auth_t rpm_t (fifo_file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_9
- (typeattributeset cil_gen_require security_t)
- (typeattributeset cil_gen_require sysfs_t)
- (dontaudit dovecot_auth_t security_t (filesystem (getattr)))
- (dontaudit dovecot_auth_t sysfs_t (filesystem (getattr)))
- (dontaudit dovecot_auth_t sysfs_t (dir (getattr search open)))
- (dontaudit dovecot_auth_t security_t (dir (getattr search open)))
- (dontaudit dovecot_auth_t security_t (file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_10
- (typeattributeset cil_gen_require selinux_config_t)
- (dontaudit dovecot_auth_t selinux_config_t (dir (getattr search open)))
- (dontaudit dovecot_auth_t selinux_config_t (file (ioctl read getattr lock open)))
- (optional dovecot_optional_11
- (typeattributeset cil_gen_require init_t)
- (allow dovecot_deliver_t init_t (process (sigchld)))
- (allow dovecot_deliver_t init_t (process (signull)))
- (optional dovecot_optional_12
- (typeattributeset cil_gen_require rpm_t)
- (allow dovecot_deliver_t rpm_t (fd (use)))
- (allow dovecot_deliver_t rpm_t (fifo_file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_13
- (typeattributeset cil_gen_require security_t)
- (typeattributeset cil_gen_require sysfs_t)
- (dontaudit dovecot_deliver_t security_t (filesystem (getattr)))
- (dontaudit dovecot_deliver_t sysfs_t (filesystem (getattr)))
- (dontaudit dovecot_deliver_t sysfs_t (dir (getattr search open)))
- (dontaudit dovecot_deliver_t security_t (dir (getattr search open)))
- (dontaudit dovecot_deliver_t security_t (file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_14
- (typeattributeset cil_gen_require selinux_config_t)
- (dontaudit dovecot_deliver_t selinux_config_t (dir (getattr search open)))
- (dontaudit dovecot_deliver_t selinux_config_t (file (ioctl read getattr lock open)))
- (optional dovecot_optional_15
- (typeattributeset cil_gen_require security_t)
- (typeattributeset cil_gen_require sysfs_t)
- (typeattributeset cil_gen_require selinux_config_t)
- (typeattributeset cil_gen_require tmp_t)
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require unlabeled_t)
- (typeattributeset cil_gen_require netlabel_peer_t)
- (typeattributeset cil_gen_require netif_t)
- (typeattributeset cil_gen_require node_t)
- (typeattributeset cil_gen_require krb5_host_rcache_t)
- (typeattributeset cil_gen_require can_change_object_identity)
- (typeattributeset cil_gen_require default_context_t)
- (typeattributeset cil_gen_require file_context_t)
- (typeattributeset cil_gen_require krb5_keytab_t)
- (typeattributeset cil_gen_require krb5kdc_conf_t)
- (typeattributeset cil_gen_require krb5_conf_t)
- (typeattributeset cil_gen_require krb5_home_t)
- (typeattributeset cil_gen_require user_home_dir_t)
- (typeattributeset cil_gen_require home_root_t)
- (typeattributeset cil_gen_require kerberos_client_packet_t)
- (typeattributeset cil_gen_require kerberos_port_t)
- (typeattributeset cil_gen_require ocsp_client_packet_t)
- (typeattributeset cil_gen_require ocsp_port_t)
- (typeattributeset cil_gen_require can_change_object_identity)
- (typeattributeset can_change_object_identity (dovecot_t ))
- (allow dovecot_t etc_t (dir (getattr search open)))
- (allow dovecot_t krb5_keytab_t (file (ioctl read getattr lock open)))
- (allow dovecot_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t etc_t (dir (getattr search open)))
- (allow dovecot_t krb5_conf_t (file (ioctl read getattr lock open)))
- (allow dovecot_t user_home_dir_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (lnk_file (read getattr)))
- (allow dovecot_t krb5_home_t (file (ioctl read getattr lock open)))
- (dontaudit dovecot_t krb5_conf_t (file (ioctl write getattr lock append open)))
- (dontaudit dovecot_t krb5kdc_conf_t (dir (ioctl read getattr lock search open)))
- (dontaudit dovecot_t krb5kdc_conf_t (file (ioctl read write getattr lock append open)))
- (dontaudit dovecot_t self (process (setfscreate)))
- (dontaudit dovecot_t security_t (dir (ioctl read getattr lock search open)))
- (dontaudit dovecot_t security_t (file (ioctl read write getattr lock append open)))
- (dontaudit dovecot_t security_t (security (check_context)))
- (dontaudit dovecot_t selinux_config_t (dir (getattr search open)))
- (dontaudit dovecot_t default_context_t (dir (getattr search open)))
- (dontaudit dovecot_t file_context_t (dir (getattr search open)))
- (dontaudit dovecot_t file_context_t (file (ioctl read getattr lock open)))
- (typetransition dovecot_t tmp_t file "imap_0" krb5_host_rcache_t)
- (booleanif (allow_kerberos)
- (true
- (allow dovecot_t krb5_host_rcache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t tmp_t (dir (getattr search open)))
- (allow dovecot_t file_context_t (file (ioctl read getattr lock open)))
- (allow dovecot_t file_context_t (dir (getattr search open)))
- (allow dovecot_t selinux_config_t (dir (getattr search open)))
- (allow dovecot_t default_context_t (dir (getattr search open)))
- (allow dovecot_t etc_t (dir (getattr search open)))
- (allow dovecot_t security_t (security (check_context)))
- (allow dovecot_t security_t (file (ioctl read write getattr lock append open)))
- (allow dovecot_t security_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t sysfs_t (dir (getattr search open)))
- (allow dovecot_t sysfs_t (dir (getattr search open)))
- (allow dovecot_t self (process (setfscreate)))
- (allow dovecot_t krb5_host_rcache_t (file (getattr)))
- (allow dovecot_t ocsp_port_t (tcp_socket (recv_msg send_msg)))
- (allow dovecot_t ocsp_port_t (tcp_socket (name_connect)))
- (allow dovecot_t ocsp_client_packet_t (packet (recv)))
- (allow dovecot_t ocsp_client_packet_t (packet (send)))
- (allow dovecot_t kerberos_port_t (udp_socket (recv_msg)))
- (allow dovecot_t kerberos_port_t (udp_socket (send_msg)))
- (allow dovecot_t kerberos_port_t (tcp_socket (recv_msg send_msg)))
- (allow dovecot_t kerberos_port_t (tcp_socket (name_connect)))
- (allow dovecot_t kerberos_client_packet_t (packet (recv)))
- (allow dovecot_t kerberos_client_packet_t (packet (send)))
- (allow dovecot_t node_t (node (udp_recv recvfrom)))
- (allow dovecot_t node_t (node (udp_send sendto)))
- (allow dovecot_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
- (allow dovecot_t netif_t (netif (udp_recv ingress)))
- (allow dovecot_t netif_t (netif (udp_send egress)))
- (allow dovecot_t netif_t (netif (tcp_recv tcp_send ingress egress)))
- (allow dovecot_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow dovecot_t netlabel_peer_t (udp_socket (recvfrom)))
- (allow dovecot_t netlabel_peer_t (rawip_socket (recvfrom)))
- (allow dovecot_t netlabel_peer_t (peer (recv)))
- (allow dovecot_t unlabeled_t (association (sendto recvfrom)))
- (allow dovecot_t unlabeled_t (peer (recv)))
- (allow dovecot_t unlabeled_t (rawip_socket (recvfrom)))
- (allow dovecot_t unlabeled_t (udp_socket (recvfrom)))
- (allow dovecot_t unlabeled_t (tcp_socket (recvfrom)))
- (allow dovecot_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- (allow dovecot_t self (tcp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- )
- )
- (optional dovecot_optional_16
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require pcscd_t)
- (typeattributeset cil_gen_require pcscd_var_run_t)
- (booleanif (allow_kerberos)
- (true
- (allow dovecot_t pcscd_t (unix_stream_socket (connectto)))
- (allow dovecot_t pcscd_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_t pcscd_var_run_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (dir (getattr search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (lnk_file (read getattr)))
- )
- )
- )
- (optional dovecot_optional_17
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_lib_t)
- (typeattributeset cil_gen_require sssd_public_t)
- (typeattributeset cil_gen_require sssd_var_lib_t)
- (allow dovecot_t sssd_var_lib_t (dir (getattr search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_lib_t (dir (getattr search open)))
- (allow dovecot_t sssd_public_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t sssd_public_t (dir (getattr search open)))
- (allow dovecot_t sssd_public_t (file (ioctl read getattr lock open)))
- )
- )
- (optional dovecot_optional_18
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_spool_t)
- (typeattributeset cil_gen_require user_home_dir_t)
- (typeattributeset cil_gen_require home_root_t)
- (typeattributeset cil_gen_require mail_spool_t)
- (typeattributeset cil_gen_require mail_home_rw_t)
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_spool_t (dir (getattr search open)))
- (allow dovecot_t mail_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_spool_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t mail_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_spool_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t mail_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_spool_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t user_home_dir_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (lnk_file (read getattr)))
- (allow dovecot_t mail_home_rw_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_home_rw_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
- (allow dovecot_t mail_home_rw_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_home_rw_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t mail_home_rw_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t mail_home_rw_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
- (allow dovecot_t user_home_dir_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t home_root_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (lnk_file (read getattr)))
- (allow dovecot_t user_home_dir_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t home_root_t (dir (getattr search open)))
- (allow dovecot_t home_root_t (lnk_file (read getattr)))
- (typetransition dovecot_t user_home_dir_t dir ".maildir" mail_home_rw_t)
- (typetransition dovecot_t user_home_dir_t dir "Maildir" mail_home_rw_t)
- )
- (optional dovecot_optional_19
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require tmp_t)
- (typeattributeset cil_gen_require postgresql_t)
- (typeattributeset cil_gen_require postgresql_var_run_t)
- (typeattributeset cil_gen_require postgresql_tmp_t)
- (allow dovecot_t postgresql_var_run_t (dir (getattr search open)))
- (allow dovecot_t postgresql_tmp_t (dir (getattr search open)))
- (allow dovecot_t postgresql_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_t postgresql_tmp_t (sock_file (write getattr append open)))
- (allow dovecot_t postgresql_t (unix_stream_socket (connectto)))
- (allow dovecot_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_run_t (dir (getattr search open)))
- (allow dovecot_t tmp_t (dir (getattr search open)))
- )
- (optional dovecot_optional_20
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_spool_t)
- (typeattributeset cil_gen_require postfix_private_t)
- (typeattributeset cil_gen_require postfix_spool_t)
- (allow dovecot_t postfix_private_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_t postfix_private_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_spool_t (dir (getattr search open)))
- (allow dovecot_t postfix_spool_t (dir (getattr search open)))
- )
- (optional dovecot_optional_21
- (typeattributeset cil_gen_require bin_t)
- (typeattributeset cil_gen_require sendmail_t)
- (typeattributeset cil_gen_require sendmail_exec_t)
- (allow dovecot_t bin_t (dir (getattr search open)))
- (allow dovecot_t bin_t (dir (getattr search open)))
- (allow dovecot_t bin_t (dir (getattr search open)))
- (allow dovecot_t bin_t (dir (getattr search open)))
- (allow dovecot_t sendmail_exec_t (file (read getattr execute open)))
- (allow dovecot_t sendmail_t (process (transition)))
- (dontaudit dovecot_t sendmail_t (process (noatsecure siginh rlimitinh)))
- (typetransition dovecot_t sendmail_exec_t process sendmail_t)
- (allow dovecot_t sendmail_exec_t (lnk_file (read getattr)))
- (allow sendmail_t dovecot_t (fd (use)))
- (allow sendmail_t dovecot_t (fifo_file (ioctl read write getattr lock append open)))
- (allow sendmail_t dovecot_t (process (sigchld)))
- )
- (optional dovecot_optional_22
- (typeattributeset cil_gen_require newrole_t)
- (allow dovecot_t newrole_t (process (sigchld)))
- )
- (optional dovecot_optional_23
- (typeattributeset cil_gen_require squid_cache_t)
- (dontaudit dovecot_t squid_cache_t (dir (getattr search open)))
- )
- (optional dovecot_optional_24
- (typeattributeset cil_gen_require device_t)
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require var_lib_t)
- (typeattributeset cil_gen_require udev_tbl_t)
- (typeattributeset cil_gen_require udev_var_run_t)
- (allow dovecot_t udev_tbl_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t udev_tbl_t (dir (getattr search open)))
- (allow dovecot_t udev_tbl_t (file (ioctl read getattr lock open)))
- (allow dovecot_t udev_tbl_t (dir (getattr search open)))
- (allow dovecot_t udev_tbl_t (lnk_file (read getattr)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_t device_t (dir (getattr search open)))
- (allow dovecot_t device_t (lnk_file (read getattr)))
- (allow dovecot_t etc_t (dir (getattr search open)))
- (allow dovecot_t var_t (dir (getattr search open)))
- (allow dovecot_t var_lib_t (dir (getattr search open)))
- (allow dovecot_t udev_var_run_t (dir (getattr search open)))
- (allow dovecot_t udev_var_run_t (dir (getattr search open)))
- )
- (optional dovecot_optional_25
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require krb5_keytab_t)
- (allow dovecot_auth_t etc_t (dir (getattr search open)))
- (allow dovecot_auth_t krb5_keytab_t (file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_26
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require pcscd_t)
- (typeattributeset cil_gen_require pcscd_var_run_t)
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t pcscd_var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t pcscd_var_run_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t pcscd_var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t pcscd_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_auth_t pcscd_t (unix_stream_socket (connectto)))
- )
- (optional dovecot_optional_27
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require samba_var_t)
- (typeattributeset cil_gen_require winbind_t)
- (typeattributeset cil_gen_require winbind_var_run_t)
- (typeattributeset cil_gen_require smbd_var_run_t)
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t samba_var_t (dir (getattr search open)))
- (allow dovecot_auth_t winbind_var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t smbd_var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t winbind_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_auth_t winbind_t (unix_stream_socket (connectto)))
- )
- (optional dovecot_optional_28
- (typeattributeset cil_gen_require tmp_t)
- (typeattributeset cil_gen_require user_tmp_t)
- (allow dovecot_auth_t user_tmp_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t tmp_t (dir (getattr search open)))
- (allow dovecot_auth_t user_tmp_t (dir (getattr search open)))
- (allow dovecot_auth_t user_tmp_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t user_tmp_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t tmp_t (dir (getattr search open)))
- (allow dovecot_auth_t user_tmp_t (dir (getattr search open)))
- (allow dovecot_auth_t user_tmp_t (lnk_file (read getattr)))
- (allow dovecot_auth_t user_tmp_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t tmp_t (dir (getattr search open)))
- )
- (optional dovecot_optional_29
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_run_t)
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require netlabel_peer_t)
- (typeattributeset cil_gen_require mysqld_t)
- (typeattributeset cil_gen_require mysqld_var_run_t)
- (typeattributeset cil_gen_require mysqld_db_t)
- (typeattributeset cil_gen_require mysqld_etc_t)
- (typeattributeset cil_gen_require mysqld_port_t)
- (typeattributeset cil_gen_require mysqld_client_packet_t)
- (allow dovecot_auth_t var_run_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t mysqld_var_run_t (dir (getattr search open)))
- (allow dovecot_auth_t mysqld_db_t (dir (getattr search open)))
- (allow dovecot_auth_t mysqld_var_run_t (sock_file (write getattr append open)))
- (allow dovecot_auth_t mysqld_t (unix_stream_socket (connectto)))
- (allow dovecot_auth_t etc_t (dir (getattr search open)))
- (allow dovecot_auth_t mysqld_etc_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t mysqld_etc_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t mysqld_etc_t (lnk_file (read getattr)))
- (allow dovecot_auth_t self (association (sendto)))
- (allow mysqld_t self (association (sendto)))
- (allow dovecot_auth_t mysqld_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t mysqld_t (association (recvfrom)))
- (allow mysqld_t dovecot_auth_t (tcp_socket (recvfrom)))
- (allow mysqld_t dovecot_auth_t (association (recvfrom)))
- (allow dovecot_auth_t mysqld_t (peer (recv)))
- (allow mysqld_t dovecot_auth_t (peer (recv)))
- (allow dovecot_auth_t netlabel_peer_t (peer (recv)))
- (allow dovecot_auth_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow mysqld_t netlabel_peer_t (peer (recv)))
- (allow mysqld_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t mysqld_port_t (tcp_socket (recv_msg send_msg)))
- (allow dovecot_auth_t mysqld_port_t (tcp_socket (name_connect)))
- (allow dovecot_auth_t mysqld_client_packet_t (packet (send)))
- (allow dovecot_auth_t mysqld_client_packet_t (packet (recv)))
- )
- (optional dovecot_optional_30
- (typeattributeset cil_gen_require etc_t)
- (typeattributeset cil_gen_require unlabeled_t)
- (typeattributeset cil_gen_require netlabel_peer_t)
- (typeattributeset cil_gen_require netif_t)
- (typeattributeset cil_gen_require node_t)
- (typeattributeset cil_gen_require port_type)
- (typeattributeset cil_gen_require net_conf_t)
- (typeattributeset cil_gen_require var_yp_t)
- (typeattributeset cil_gen_require port_t)
- (typeattributeset cil_gen_require defined_port_type)
- (typeattributeset cil_gen_require reserved_port_type)
- (typeattributeset cil_gen_require portmap_port_t)
- (typeattributeset cil_gen_require reserved_port_t)
- (typeattributeset cil_gen_require portmap_client_packet_t)
- (typeattributeset cil_gen_require client_packet_t)
- (typeattributeset cil_gen_require server_packet_t)
- (typeattributeset cil_gen_require rpc_port_type)
- (booleanif (allow_ypbind)
- (true
- (allow dovecot_auth_t self (capability (net_bind_service)))
- (allow dovecot_auth_t rpc_port_type (udp_socket (name_bind)))
- (allow dovecot_auth_t self (capability (net_bind_service)))
- (allow dovecot_auth_t rpc_port_type (tcp_socket (name_bind)))
- (allow dovecot_auth_t net_conf_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t etc_t (dir (getattr search open)))
- (allow dovecot_auth_t server_packet_t (packet (recv)))
- (allow dovecot_auth_t server_packet_t (packet (send)))
- (allow dovecot_auth_t client_packet_t (packet (recv)))
- (allow dovecot_auth_t client_packet_t (packet (send)))
- (allow dovecot_auth_t portmap_client_packet_t (packet (recv)))
- (allow dovecot_auth_t portmap_client_packet_t (packet (send)))
- (dontaudit dovecot_auth_t port_type (tcp_socket (name_connect)))
- (allow dovecot_auth_t port_t (tcp_socket (name_connect)))
- (allow dovecot_auth_t reserved_port_t (tcp_socket (name_connect)))
- (allow dovecot_auth_t portmap_port_t (tcp_socket (name_connect)))
- (dontaudit dovecot_auth_t port_type (udp_socket (name_bind)))
- (dontaudit dovecot_auth_t port_type (tcp_socket (name_bind)))
- (dontaudit dovecot_auth_t reserved_port_type (udp_socket (name_bind)))
- (dontaudit dovecot_auth_t reserved_port_type (tcp_socket (name_bind)))
- (dontaudit dovecot_auth_t defined_port_type (udp_socket (name_bind)))
- (allow dovecot_auth_t port_t (udp_socket (name_bind)))
- (dontaudit dovecot_auth_t defined_port_type (tcp_socket (name_bind)))
- (allow dovecot_auth_t port_t (tcp_socket (name_bind)))
- (allow dovecot_auth_t node_t (udp_socket (node_bind)))
- (allow dovecot_auth_t node_t (tcp_socket (node_bind)))
- (allow dovecot_auth_t port_type (udp_socket (recv_msg)))
- (allow dovecot_auth_t port_type (udp_socket (send_msg)))
- (allow dovecot_auth_t port_type (tcp_socket (recv_msg send_msg)))
- (allow dovecot_auth_t node_t (node (udp_recv recvfrom)))
- (allow dovecot_auth_t node_t (node (udp_send sendto)))
- (allow dovecot_auth_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
- (allow dovecot_auth_t netif_t (netif (udp_recv ingress)))
- (allow dovecot_auth_t netif_t (netif (udp_send egress)))
- (allow dovecot_auth_t netif_t (netif (tcp_recv tcp_send ingress egress)))
- (allow dovecot_auth_t netlabel_peer_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (udp_socket (recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (rawip_socket (recvfrom)))
- (allow dovecot_auth_t netlabel_peer_t (peer (recv)))
- (allow dovecot_auth_t unlabeled_t (association (sendto recvfrom)))
- (allow dovecot_auth_t unlabeled_t (peer (recv)))
- (allow dovecot_auth_t unlabeled_t (rawip_socket (recvfrom)))
- (allow dovecot_auth_t unlabeled_t (udp_socket (recvfrom)))
- (allow dovecot_auth_t unlabeled_t (tcp_socket (recvfrom)))
- (allow dovecot_auth_t var_yp_t (lnk_file (read getattr)))
- (allow dovecot_auth_t var_yp_t (file (ioctl read getattr lock open)))
- (allow dovecot_auth_t var_yp_t (dir (ioctl read getattr lock search open)))
- (allow dovecot_auth_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
- (allow dovecot_auth_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
- (allow dovecot_auth_t self (capability (net_bind_service)))
- )
- )
- )
- (optional dovecot_optional_31
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_spool_t)
- (typeattributeset cil_gen_require postfix_private_t)
- (typeattributeset cil_gen_require postfix_spool_t)
- (allow dovecot_auth_t postfix_private_t (dir (ioctl read write getattr lock add_name remove_name search open)))
- (allow dovecot_auth_t postfix_private_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
- (allow dovecot_auth_t var_t (dir (getattr search open)))
- (allow dovecot_auth_t var_spool_t (dir (getattr search open)))
- (allow dovecot_auth_t postfix_spool_t (dir (getattr search open)))
- )
- (optional dovecot_optional_32
- (typeattributeset cil_gen_require var_t)
- (typeattributeset cil_gen_require var_spool_t)
- (typeattributeset cil_gen_require mailserver_delivery)
- (typeattributeset cil_gen_require mqueue_spool_t)
- (typeattributeset cil_gen_require mailserver_delivery)
- (typeattributeset mailserver_delivery (dovecot_deliver_t ))
- (allow dovecot_deliver_t var_t (dir (getattr search open)))
- (allow dovecot_deliver_t var_spool_t (dir (getattr search open)))
- (allow dovecot_deliver_t mqueue_spool_t (dir (getattr search open)))
- (allow dovecot_deliver_t mqueue_spool_t (file (ioctl read getattr lock open)))
- )
- (optional dovecot_optional_33
- (typeattributeset cil_gen_require postfix_master_t)
- (allow dovecot_deliver_t postfix_master_t (fd (use)))
- )
- (optional dovecot_optional_34
- (typeattributeset cil_gen_require bin_t)
- (typeattributeset cil_gen_require sendmail_t)
- (typeattributeset cil_gen_require sendmail_exec_t)
- (allow dovecot_deliver_t bin_t (dir (getattr search open)))
- (allow dovecot_deliver_t bin_t (dir (getattr search open)))
- (allow dovecot_deliver_t bin_t (dir (getattr search open)))
- (allow dovecot_deliver_t bin_t (dir (getattr search open)))
- (allow dovecot_deliver_t sendmail_exec_t (file (read getattr execute open)))
- (allow dovecot_deliver_t sendmail_t (process (transition)))
- (dontaudit dovecot_deliver_t sendmail_t (process (noatsecure siginh rlimitinh)))
- (typetransition dovecot_deliver_t sendmail_exec_t process sendmail_t)
- (allow dovecot_deliver_t sendmail_exec_t (lnk_file (read getattr)))
- (allow sendmail_t dovecot_deliver_t (fd (use)))
- (allow sendmail_t dovecot_deliver_t (fifo_file (ioctl read write getattr lock append open)))
- (allow sendmail_t dovecot_deliver_t (process (sigchld)))
- )
- )
- )
- )
- )
- )
- )
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement