Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 232606 - allow cyrus-imapd to send emails
allow cyrus-imapd to send emails
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2007-03-16 08:35 EDT by Kostas Georgiou
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-03-20 11:54:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kostas Georgiou 2007-03-16 08:35:08 EDT
To allow cyrus-imapd to send emails (a sieve reject rule for example) the
following module is needed.

module mycyrusimapd 1.0.8;

require {
  class dir { getattr search add_name read remove_name write };
  class file { read getattr create lock rename unlink write execute
execute_no_trans };
  class lnk_file read;
  type cyrus_t;
  type etc_mail_t;
  type mqueue_spool_t;
  type sendmail_exec_t;
  type sbin_t;
  role system_r;

allow cyrus_t sbin_t:dir search;
allow cyrus_t sbin_t:lnk_file read;
allow cyrus_t etc_mail_t:dir { getattr search };
allow cyrus_t etc_mail_t:file { getattr read };
allow cyrus_t mqueue_spool_t:dir { add_name getattr read remove_name search write };
allow cyrus_t mqueue_spool_t:file { create getattr lock read rename unlink write };
allow cyrus_t sendmail_exec_t:file { execute read execute_no_trans };
Comment 1 Daniel Walsh 2007-03-20 11:39:58 EDT
 Would have been a better interface to use.

Comment 2 Kostas Georgiou 2007-03-20 11:54:25 EDT
Thanks, I wasn't even aware that mta_send_mail() existed until now :) I have to
read the docs at some point I guess ;P

Note You need to log in before you can comment on or make changes to this bug.