apparmor/profiles/extras/usr.sbin.postdrop

# $Id$
# ------------------------------------------------------------------
#
#    Copyright (C) 2002-2005 Novell/SUSE
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# vim:syntax=apparmor

#include <tunables/global>

/usr/sbin/postdrop {
  #include <abstractions/base>
  #include <abstractions/kerberosclient>
  #include <abstractions/nameservice>
  #include <program-chunks/postfix-common>

  # This is needed at least for permissions=paranoid
  capability dac_override,
  capability dac_read_search,

  /etc/postfix r,
  /etc/postfix/main.cf r,
  /etc/postfix/postfix-script mixr,
  /proc/net/if_inet6 r,
  /usr/sbin/postdrop rmix,
  /var/spool/postfix r,
  /var/spool/postfix/maildrop r,
  /var/spool/postfix/maildrop/* rwl,
  /var/spool/postfix/pid r,
  /var/spool/postfix/public/pickup w,
}
Update svn:keywords properties. Fix makefile to find new common/ location. 2006-04-12 20:35:41 +00:00			`# $Id$`
Import the rest of the core functionality of the internal apparmor development tree (trunk branch). From svn repo version 6381. 2006-04-11 21:52:54 +00:00			`# ------------------------------------------------------------------`
			`#`
			`# Copyright (C) 2002-2005 Novell/SUSE`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of version 2 of the GNU General Public`
			`# License published by the Free Software Foundation.`
			`#`
			`# ------------------------------------------------------------------`
			`# vim:syntax=apparmor`

			`#include <tunables/global>`

			`/usr/sbin/postdrop {`
			`#include <abstractions/base>`
			`#include <abstractions/kerberosclient>`
			`#include <abstractions/nameservice>`
			`#include <program-chunks/postfix-common>`

postfix permissions=paranoid fixes from Volker Kuhlmann 2007-01-03 07:29:28 +00:00			`# This is needed at least for permissions=paranoid`
			`capability dac_override,`
			`capability dac_read_search,`

Import the rest of the core functionality of the internal apparmor development tree (trunk branch). From svn repo version 6381. 2006-04-11 21:52:54 +00:00			`/etc/postfix r,`
			`/etc/postfix/main.cf r,`
r3527@dhcp-81: root \| 2006-08-02 15:33:07 -0700 Fix up the m, U, and P stuff, and other misc fixes 2006-08-04 18:13:59 +00:00			`/etc/postfix/postfix-script mixr,`
Import the rest of the core functionality of the internal apparmor development tree (trunk branch). From svn repo version 6381. 2006-04-11 21:52:54 +00:00			`/proc/net/if_inet6 r,`
r3527@dhcp-81: root \| 2006-08-02 15:33:07 -0700 Fix up the m, U, and P stuff, and other misc fixes 2006-08-04 18:13:59 +00:00			`/usr/sbin/postdrop rmix,`
Import the rest of the core functionality of the internal apparmor development tree (trunk branch). From svn repo version 6381. 2006-04-11 21:52:54 +00:00			`/var/spool/postfix r,`
			`/var/spool/postfix/maildrop r,`
			`/var/spool/postfix/maildrop/* rwl,`
			`/var/spool/postfix/pid r,`
			`/var/spool/postfix/public/pickup w,`
			`}`