Hi.
I have noticed that per default the salsauthd daemon is allowded to
answers to every nodes on the world, as the network rules are
corenet_tcp_sendrecv_all_if(saslauthd_t)
corenet_tcp_sendrecv_all_nodes(saslauthd_t).
However, I want to optimize this in order to provide a deeper control with
gen_tunable(allow_saslauthd_network_auth,true)
tunable_policy(`allow_saslauthd_network_auth',`
corenet_tcp_sendrecv_all_if(saslauthd_t)
corenet_tcp_sendrecv_all_nodes(saslauthd_t)
',`
corenet_tcp_sendrecv_lo_if(saslauthd_t)
corenet_tcp_sendrecv_all_nodes(saslauthd_t)
')
The compilation works well but I have a problem at the qmerge step :
the lo_netif_t dependance can not be solved. Why is this though
internel modules (namely kernel/corenetwork.if) used these macros ?
BTW, the .fc file is not well suited fot the postfix-sasl install.
la /var/lib give me
drwxr-xr-x root root system_u:object_r:var_lib_t sasl2
though it should be saslauthd_var_run_t (maybe a change of directory
for the saslauth project ? )
cd /var/lib
chcon -t saslauthd_var_run_t sasl2/ sasl2/* -R
-- Julien Thomas
--
[EMAIL PROTECTED] mailing list