| Summary: | Merge dkim policy with upstream | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Paul Howarth <paul> | ||||
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | amessina, dominick.grift, dwalsh, mgrepl, stevejenkins | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-07-23 10:10:59 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
All of my opendkim patches have now been merged upstream. In addition to the current dkim module, upstream commits a108d9db60747a887f626b99cce37738462dd3cd and d27a504b0e5f6cb14cec63e4951ce2d1fb39d512 for corenetwork are needed to add milter_port_t for inet socket support. Is there any chance of getting these changes into RHEL policy too? Has this made it to the Fedora 17 targeted policy? I'm hoping to have support for OpenDKIM as I've just installed it here as well. Thanks. Not Fedora 17, but it is in Rawhide. When I was working on this last year, there were some file ownership/permissions issues that I was hoping would be fixed upstream to avoid the need for dac_override in some circumstances; not sure if that's happened. (In reply to comment #3) > Not Fedora 17, but it is in Rawhide. > > When I was working on this last year, there were some file > ownership/permissions issues that I was hoping would be fixed upstream to > avoid the need for dac_override in some circumstances; not sure if that's > happened. By upstream, I mean opendkim upstream there. |
Created attachment 522945 [details] Patch against upstream policy for opendkim support As discussed on Fedora's selinux list. Upstream has policy for dkim in its own module, whilst Fedora has it as part of the milter module. Please remove the version in the milter module and add the separate upstream dkim module to the selinux-policy package build. Please also add the tweaks for opendkim in the attached patch (posted upstream).