[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: procmail

From: "Christopher J. PeBenito" <cpebenito tresys com>
To: Paul Howarth <paul city-fan org>
Cc: Daniel J Walsh <dwalsh redhat com>, fedora-selinux-list redhat com
Subject: Re: procmail
Date: Fri, 21 Apr 2006 09:15:41 -0400

On Fri, 2006-04-21 at 11:02 +0100, Paul Howarth wrote:
> Paul Howarth wrote:

> module procmail 0.1;
> 
> require {
[cut]
>          class dir { add_name getattr read remove_name search write };
>          class file { append create execute execute_no_trans getattr ioctl lock read rename unlink write };
>          class lnk_file read;
>          class process { noatsecure sigchld siginh transition rlimitinh };
>          class fd { use };
>          class fifo_file { getattr read write append ioctl lock };
[cut]
> This does seem to work but surely there's a tidier way of handling those 
> class requirements? What am I missing?

You want to use the "policy_module(procmail,0.1)" macro instead of the
module statement at the top.  It adds all of the kernel object classes,
so you don't have to write them all out.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

Follow-Ups:
- Re: procmail
  - From: Paul Howarth

References:
- procmail
  - From: Paul Howarth
- Re: procmail
  - From: Daniel J Walsh
- Re: procmail
  - From: Paul Howarth
- Re: procmail
  - From: Paul Howarth

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]