mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 16:35:02 +01:00
70926b5d55
This commit adds a dovecot-common abstraction, as well as adjusting the profiles for dovecot's helper binaries to make use of it. The important addition is the ability for the dovecot master process to send signals to the helpers. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Seth Arnold <seth.arnold@canonical.com>
37 lines
1.1 KiB
Text
37 lines
1.1 KiB
Text
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2009 Dulmandakh Sukhbaatar <dulmandakh@gmail.com>
|
|
# Copyright (C) 2009-2014 Canonical Ltd.
|
|
# Copyright (C) 2011-2013 Christian Boltz
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
# vim: ft=apparmor
|
|
|
|
#include <tunables/global>
|
|
#include <tunables/dovecot>
|
|
|
|
/usr/lib/dovecot/deliver {
|
|
#include <abstractions/base>
|
|
#include <abstractions/nameservice>
|
|
#include <abstractions/dovecot-common>
|
|
|
|
capability setuid,
|
|
|
|
@{DOVECOT_MAILSTORE}/ rw,
|
|
@{DOVECOT_MAILSTORE}/** rwkl,
|
|
|
|
# http://www.postfix.org/SASL_README.html#server_dovecot
|
|
/etc/dovecot/dovecot.conf r,
|
|
/etc/dovecot/{auth,conf}.d/*.conf r,
|
|
/etc/dovecot/dovecot-postfix.conf r, # ???
|
|
|
|
@{HOME} r, # ???
|
|
/usr/lib/dovecot/deliver mr,
|
|
|
|
# Site-specific additions and overrides. See local/README for details.
|
|
#include <local/usr.lib.dovecot.deliver>
|
|
}
|