commit: e91a62ad6b10e91e8723c5fc3600842758710bd4 Author: Kenton Groombridge <me <AT> concord <DOT> sh> AuthorDate: Tue Nov 9 16:00:29 2021 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Thu Nov 11 21:26:50 2021 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e91a62ad
spamassassin: fix file contexts for rspamd symlinks rspamd installs symlinks to /usr/bin that point to the real rspam* binaries. Make these files bin_t so that other programs can read them without any additional access needed. Signed-off-by: Kenton Groombridge <me <AT> concord.sh> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/services/spamassassin.fc | 3 --- 1 file changed, 3 deletions(-) diff --git a/policy/modules/services/spamassassin.fc b/policy/modules/services/spamassassin.fc index e42f44fa..9229ad2f 100644 --- a/policy/modules/services/spamassassin.fc +++ b/policy/modules/services/spamassassin.fc @@ -16,11 +16,8 @@ HOME_DIR/\.spamd(/.*)? gen_context(system_u:object_r:spamd_home_t,s0) /usr/bin/spamd -- gen_context(system_u:object_r:spamd_exec_t,s0) /usr/bin/spampd -- gen_context(system_u:object_r:spamd_exec_t,s0) /usr/bin/sa-update -- gen_context(system_u:object_r:spamd_update_exec_t,s0) -/usr/bin/rspamd -l gen_context(system_u:object_r:spamd_exec_t,s0) /usr/bin/rspamd-[^/]+ -- gen_context(system_u:object_r:spamd_exec_t,s0) -/usr/bin/rspamc -l gen_context(system_u:object_r:spamc_exec_t,s0) /usr/bin/rspamc-[^/]+ -- gen_context(system_u:object_r:spamc_exec_t,s0) -/usr/bin/rspamadm -l gen_context(system_u:object_r:spamc_exec_t,s0) /usr/bin/rspamadm-[^/]+ -- gen_context(system_u:object_r:spamc_exec_t,s0) /usr/sbin/spamd -- gen_context(system_u:object_r:spamd_exec_t,s0)
