> PS Alexy, I'm not sure if you want to get involved in SE Linux policy
> development to the level of testing this patch out. If not then just wait a
> week or so and this will become a standard policy feature.
Thanks,
nothing prevents me from waiting some time and nothing doing
meanwhile... New Year anyway.
But I've noticed some moments in patch:
---
+/var/lib/milter-greylist(/.*)? system_u:object_r:mta_filter_var_lib_t:s0
+/var/lib/milter-greylist/run/milter-greylist.sock -s system_u:object_r:mta_filter_var_run_t:s0
+/usr/sbin/milter-greylist -- system_u:object_r:mta_filter_exec_t:s0
---
By default (make, make install), $DESTDIR is not set, so Makefile from milter-greylist 2.0.2
${INSTALL} -d -m 755 -o ${USER} ${DESTDIR}/var/milter-greylist
create db and stuff dir /var/milter-greylist, not /var/lib/milter-greylist
Default locations, defined in greylist.conf, are:
#pidfile "/var/run/milter-greylist.pid"
#socket "/var/milter-greylist/milter-greylist.sock"
#dumpfile "/var/milter-greylist/greylist.db"
Also, executable milter_greylist placed to /usr/local/sbin:
prefix= /usr/local
exec_prefix= ${prefix}
SBINDIR= ${exec_prefix}/sbin
${INSTALL} -m 755 milter-greylist ${DESTDIR}${SBINDIR}
May be, it's just in newest versions of milter-greylist.
> PPS Happy holidays everyone!
Same to you.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
