[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/services/

Wed, 30 Mar 2022 20:31:43 -0700 

commit:     96b25ec181556bbae727bb32714c6d4438f6ce67
Author:     Russell Coker <russell <AT> coker <DOT> com <DOT> au>
AuthorDate: Thu Feb 17 14:47:40 2022 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Mar 31 02:40:53 2022 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=96b25ec1

init dbus patch for GetDynamicUsers with systemd_use_nss() V2

Same as before but moved to the top of my patch list so it will apply to the
git policy.

Should be ready to merge now.

Signed-off-by: Russell Coker <russell <AT> coker.com.au>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 policy/modules/services/dictd.te   |  3 +++
 policy/modules/services/postfix.te | 18 ++++++++++--------
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/policy/modules/services/dictd.te b/policy/modules/services/dictd.te
index a6bc5336..a286f7de 100644
--- a/policy/modules/services/dictd.te
+++ b/policy/modules/services/dictd.te
@@ -79,3 +79,6 @@ optional_policy(`
        seutil_sigchld_newrole(dictd_t)
 ')
 
+ifdef(`init_systemd',`
+       systemd_use_nss(dictd_t)
+')

diff --git a/policy/modules/services/postfix.te 
b/policy/modules/services/postfix.te
index 5c324bc7..0f865b00 100644
--- a/policy/modules/services/postfix.te
+++ b/policy/modules/services/postfix.te
@@ -374,11 +374,7 @@ manage_files_pattern(postfix_bounce_t, 
postfix_spool_bounce_t, postfix_spool_bou
 manage_lnk_files_pattern(postfix_bounce_t, postfix_spool_bounce_t, 
postfix_spool_bounce_t)
 
 optional_policy(`
-       init_dbus_chat(postfix_bounce_t)
-')
-
-optional_policy(`
-       dbus_system_bus_client(postfix_bounce_t)
+       systemd_use_nss(postfix_bounce_t)
 ')
 
 ########################################
@@ -765,6 +761,10 @@ optional_policy(`
        cyrus_stream_connect(postfix_smtp_t)
 ')
 
+optional_policy(`
+       systemd_use_nss(postfix_smtp_t)
+')
+
 optional_policy(`
        dovecot_stream_connect(postfix_smtp_t)
 ')
@@ -773,6 +773,10 @@ optional_policy(`
        milter_stream_connect_all(postfix_smtp_t)
 ')
 
+optional_policy(`
+       systemd_use_nss(postfix_showq_t)
+')
+
 ########################################
 #
 # Smtpd local policy
@@ -803,9 +807,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-       dbus_send_system_bus(postfix_smtp_t)
-       dbus_system_bus_client(postfix_smtp_t)
-       init_dbus_chat(postfix_smtp_t)
+       systemd_use_nss(postfix_smtpd_t)
 ')
 
 optional_policy(`

Reply via email to