mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-06 17:31:01 +01:00
85c01a56e6
Exceptions are - ubuntu-browsers (because we already have ubuntu-browsers.d with different usage) - ubuntu-helpers (which includes the sanitized_helper subprofile, so adding something in the global area wouldn't make much sense) Also adjust abstractions/postfix-common to use the style all abstractions use.
40 lines
1.2 KiB
Text
40 lines
1.2 KiB
Text
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2002-2005 Novell/SUSE
|
|
# Copyright (C) 2015-2018 Canonical, Ltd.
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
# used with postfix/*
|
|
|
|
|
|
capability setuid,
|
|
capability setgid,
|
|
capability sys_chroot,
|
|
|
|
# postfix's master can send us signals
|
|
signal receive peer=postfix-master,
|
|
|
|
unix (send, receive) peer=(label=postfix-master),
|
|
|
|
/etc/mailname r,
|
|
/etc/postfix/*.cf r,
|
|
/etc/postfix/*.db rk,
|
|
@{PROC}/net/if_inet6 r,
|
|
/usr/lib/postfix/*.so mr,
|
|
/usr/lib{,32,64}/sasl2/* mr,
|
|
/usr/lib{,32,64}/sasl2/ r,
|
|
/usr/lib/@{multiarch}/sasl2/* mr,
|
|
/usr/lib/@{multiarch}/sasl2/ r,
|
|
|
|
/var/spool/postfix/etc/* r,
|
|
/var/spool/postfix/lib/lib*.so* mr,
|
|
/var/spool/postfix/lib/@{multiarch}/lib*.so* mr,
|
|
|
|
/etc/postfix/dynamicmaps.cf.d/ r,
|
|
|
|
# Include additions to the abstraction
|
|
#include if exists <abstractions/postfix-common.d>
|