On Mon, Mar 15, 2010 at 19:09, John Griffiths <fedora03@xxxxxxxxxxx> wrote: > I use postfix and have for a long time. > > I put the certificates in: > > /etc/pki/tls/certs and /etc/pki/tls/private . > > The standard selinux policy works without modification on Fedora 12. > > Regards, > John Hi John, The policy in F-12 works, but it's to open IMHO. /etc/pki/tls/private is also labeled as cert_t. All applications who can read cert_t can read this directory. I want to restrict access to only postfix. Regards, Ruben -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
