On 13/10/10 1:44 AM, Ben McGinnes wrote: > Hello, > Does anyone have a sample SELinux policy for dkim-milter? > > I'm using the configuration from this page: > > http://www.howtoforge.com/set-up-dkim-for-multiple-domains-on-postfix-with-dkim-milter-2.8.x-centos-5.3 > > Along with the latest RPM from the link on that page. Okay, my solution was this: module dkimlocal 1.0; require { type postfix_smtpd_t; type postfix_cleanup_t; class tcp_socket { read write }; } #============= postfix_cleanup_t ============== allow postfix_cleanup_t postfix_smtpd_t:tcp_socket { read write }; #EOF Which was generated from the audit.log. Simply trying to load it with "semodule -i dkimlocal.te" failed (magic number error), but doing the following fixed it: make -f /usr/share/selinux/devel/Makefile semodule -i dkimlocal.pp Special thanks go to Dan Walsh at Red Hat for lending a hand here. Regards, Ben -- Ben McGinnes http://www.adversary.org/ Twitter: benmcginnes Systems Administrator, Writer, ICT Consultant Encrypted email preferred - primary OpenPGP/GPG key: 0xA04AE313 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x371AC5BFA04AE313
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
