mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-09 02:41:03 +01:00
727f3948ec
Darix' guess is that this is needed by libpq because he uses a postgresql database with dovecot and has ssl enabled in postgresql. Acked-by: Seth Arnold <seth.arnold@canonical.com> for trunk and 2.9
44 lines
1.2 KiB
Text
44 lines
1.2 KiB
Text
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2013 Christian Boltz
|
|
# Copyright (C) 2014 Christian Wittmer
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
# vim: ft=apparmor
|
|
|
|
#include <tunables/global>
|
|
|
|
/usr/lib/dovecot/auth {
|
|
#include <abstractions/authentication>
|
|
#include <abstractions/base>
|
|
#include <abstractions/mysql>
|
|
#include <abstractions/nameservice>
|
|
#include <abstractions/openssl>
|
|
#include <abstractions/wutmp>
|
|
#include <abstractions/dovecot-common>
|
|
|
|
capability audit_write,
|
|
capability setuid,
|
|
|
|
/etc/my.cnf r,
|
|
/etc/my.cnf.d/ r,
|
|
/etc/my.cnf.d/*.cnf r,
|
|
|
|
/etc/dovecot/* r,
|
|
/usr/lib/dovecot/auth mr,
|
|
|
|
# kerberos replay cache
|
|
/var/tmp/imap_* rw,
|
|
/var/tmp/pop_* rw,
|
|
/var/tmp/sieve_* rw,
|
|
/var/tmp/smtp_* rw,
|
|
|
|
/{var/,}run/dovecot/auth-token-secret.dat{,.tmp} rw,
|
|
|
|
# Site-specific additions and overrides. See local/README for details.
|
|
#include <local/usr.lib.dovecot.auth>
|
|
}
|