Aurélien Bompard has proposed merging lp:~abompard/mailman/selinux into lp:mailman.
Requested reviews: Mailman Coders (mailman-coders) For more details, see: https://code.launchpad.net/~abompard/mailman/selinux/+merge/225120 This change introduces SELinux support, as discussed on the mailing-list. It's very simple: it labels the generated mailserver files as etc_mail_t to allow Postfix or Exim to read them. It assumes an FHS-compliant installation where the mailman var directory is in /var/lib/mailman (as in the mailman.cfg file) or in /var/lib/mailman3 (where it will be separated from an existing mailman2 install) -- https://code.launchpad.net/~abompard/mailman/selinux/+merge/225120 Your team Mailman Coders is requested to review the proposed merge of lp:~abompard/mailman/selinux into lp:mailman.
=== added directory 'selinux' === added file 'selinux/Makefile' --- selinux/Makefile 1970-01-01 00:00:00 +0000 +++ selinux/Makefile 2014-07-01 08:33:31 +0000 @@ -0,0 +1,13 @@ +include /usr/share/selinux/devel/Makefile + + +install_module: $(addprefix $(SHAREDIR)/$(NAME)/,$(all_packages)) +$(SHAREDIR)/$(NAME)/%.pp: %.pp + install -D -p -m 644 $^ $@ + +restore: + [ -d /var/lib/mailman3 ] && restorecon -R /var/lib/mailman3 + +install: install_module load restore + +.PHONY = install_module restore install === added file 'selinux/mailman3.fc' --- selinux/mailman3.fc 1970-01-01 00:00:00 +0000 +++ selinux/mailman3.fc 2014-07-01 08:33:31 +0000 @@ -0,0 +1,1 @@ +/var/lib/mailman3?/data(/.*)? gen_context(system_u:object_r:etc_mail_t,s0) === added file 'selinux/mailman3.te' --- selinux/mailman3.te 1970-01-01 00:00:00 +0000 +++ selinux/mailman3.te 2014-07-01 08:33:31 +0000 @@ -0,0 +1,1 @@ +policy_module(mailman3, 1.5) === modified file 'src/mailman/docs/START.rst' --- src/mailman/docs/START.rst 2014-04-15 14:34:04 +0000 +++ src/mailman/docs/START.rst 2014-07-01 08:33:31 +0000 @@ -192,6 +192,10 @@ ``bin/mailman start`` to start the runner subprocess daemons, and of course ``bin/mailman stop`` to stop them. +If you use SELinux on your server, you will want to run +``make -C selinux install`` to install the policy module which will set the +proper label on Mailman's files. + Postorius, a web UI for administration and subscriber settings, is being developed as a separate, Django-based project. For now, the most flexible means of configuration is via the command line and REST API.
_______________________________________________ Mailman-coders mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-coders
