10 type setroubleshootd_t;
16 type httpd_sys_content_t;
19 type postfix_bounce_t;
21 type mysqld_var_run_t;
23 type postfix_cleanup_t;
24 type postfix_master_t;
25 type postfix_pickup_t;
30 class fifo_file { write read getattr ioctl };
32 class unix_stream_socket connectto;
33 class file { write getattr read create unlink };
34 class sock_file write;
36 class dir { write search read remove_name create add_name };
39 #============= avahi_t ==============
40 allow avahi_t mysqld_db_t:dir search;
41 allow avahi_t mysqld_etc_t:file getattr;
43 #============= httpd_t ==============
44 allow httpd_t system_mail_t:process signal;
46 #============= logwatch_t ==============
47 allow logwatch_t initrc_t:unix_stream_socket connectto;
48 allow logwatch_t mysqld_etc_t:file read;
49 allow logwatch_t mysqld_t:unix_stream_socket connectto;
51 #============= mailman_mail_t ==============
52 allow mailman_mail_t httpd_sys_content_t:dir { read write create add_name };
53 allow mailman_mail_t httpd_sys_content_t:file { read write create };
54 allow mailman_mail_t httpd_sys_content_t:lnk_file read;
55 allow mailman_mail_t self:fifo_file { write read getattr ioctl };
56 allow mailman_mail_t tmp_t:file { read getattr };
57 allow mailman_mail_t usr_t:file read;
58 allow mailman_mail_t var_run_t:dir { write remove_name };
59 allow mailman_mail_t var_run_t:file { read unlink };
61 #============= named_t ==============
62 allow named_t mysqld_db_t:dir search;
63 allow named_t mysqld_etc_t:file { read getattr };
65 #============= postfix_bounce_t ==============
66 allow postfix_bounce_t initrc_t:unix_stream_socket connectto;
67 allow postfix_bounce_t mysqld_db_t:dir search;
68 allow postfix_bounce_t mysqld_etc_t:file getattr;
69 allow postfix_bounce_t mysqld_t:unix_stream_socket connectto;
71 #============= postfix_cleanup_t ==============
72 allow postfix_cleanup_t initrc_t:unix_stream_socket connectto;
73 allow postfix_cleanup_t mysqld_db_t:dir search;
74 allow postfix_cleanup_t mysqld_etc_t:file getattr;
76 #============= postfix_master_t ==============
77 allow postfix_master_t initrc_t:unix_stream_socket connectto;
78 allow postfix_master_t mysqld_etc_t:file getattr;
80 #============= postfix_pickup_t ==============
81 allow postfix_pickup_t initrc_t:unix_stream_socket connectto;
82 allow postfix_pickup_t mysqld_db_t:dir search;
83 allow postfix_pickup_t mysqld_etc_t:file { read getattr };
84 allow postfix_pickup_t mysqld_var_run_t:sock_file write;
86 #============= postfix_qmgr_t ==============
87 allow postfix_qmgr_t initrc_t:unix_stream_socket connectto;
88 allow postfix_qmgr_t mysqld_db_t:dir search;
89 allow postfix_qmgr_t mysqld_etc_t:file getattr;
91 #============= postfix_smtp_t ==============
92 allow postfix_smtp_t initrc_t:unix_stream_socket connectto;
93 allow postfix_smtp_t mysqld_db_t:dir search;
94 allow postfix_smtp_t mysqld_etc_t:file getattr;
96 #============= postfix_smtpd_t ==============
97 allow postfix_smtpd_t initrc_t:unix_stream_socket connectto;
98 allow postfix_smtpd_t mysqld_db_t:dir search;
99 allow postfix_smtpd_t mysqld_etc_t:file getattr;
101 #============= setroubleshootd_t ==============
102 allow setroubleshootd_t httpd_sys_content_t:lnk_file read;
104 #============= system_dbusd_t ==============
105 allow system_dbusd_t mysqld_t:unix_stream_socket connectto;
106 allow system_dbusd_t mysqld_var_run_t:sock_file write;
108 #============= xfs_t ==============
109 allow xfs_t mysqld_t:unix_stream_socket connectto;