dovecot profile update

Some updates for the dovecot profiles, based on a patch from 
Christian Wittmer <chris@computersalat.de> (he sent it as SR for the 
openSUSE package, which uses a slightly older version of the dovecot
profiles)

Fix problems with dovecot and managesieve:
* usr.lib.dovecot.managesieve-login: network inet6 stream
* usr.lib.dovecot.managesieve:
  +#include <tunables/dovecot>
    /usr/lib/dovecot/managesieve {
  +  capability setgid,   # covered by abstractions/dovecot-common, therefore not part of this patch
  +  capability setuid,
  +  network inet stream,
  +  network inet6 stream,
  +  @{DOVECOT_MAILSTORE}/ rw,
  +  @{DOVECOT_MAILSTORE}/** rwkl,
* add #include <abstractions/wutmp> to usr.lib.dovecot.auth
   apparmor="DENIED" operation="open" parent=18310 \
   profile="/usr/lib/dovecot/auth" name="/var/run/utmp" pid=20939 \
   comm="auth" requested_mask="r" denied_mask="r" fsuid=0 ouid=0


Acked-by: Steve Beattie <steve@nxnw.org>

Bug: https://launchpad.net/bugs/1322778

profiles/apparmor.d/usr.lib.dovecot.auth

@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2013 Christian Boltz
+#    Copyright (C) 2014 Christian Wittmer
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -16,6 +17,7 @@
   #include <abstractions/base>
   #include <abstractions/mysql>
   #include <abstractions/nameservice>
+  #include <abstractions/wutmp>
   #include <abstractions/dovecot-common>
 
   capability audit_write,

profiles/apparmor.d/usr.lib.dovecot.managesieve

@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2013 Christian Boltz
+#    Copyright (C) 2014 Christian Wittmer
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -10,11 +11,20 @@
 # vim: ft=apparmor
 
 #include <tunables/global>
+#include <tunables/dovecot>
 
 /usr/lib/dovecot/managesieve {
   #include <abstractions/base>
   #include <abstractions/dovecot-common>
 
+  capability setuid,
+
+  network inet stream,
+  network inet6 stream,
+
+  @{DOVECOT_MAILSTORE}/ rw,
+  @{DOVECOT_MAILSTORE}/** rwkl,
+
   /etc/dovecot/** r,
   /usr/bin/doveconf rix,
   /usr/lib/dovecot/managesieve mrix,

profiles/apparmor.d/usr.lib.dovecot.managesieve-login

@@ -3,6 +3,7 @@
 #    Copyright (c) 2009 Dulmandakh Sukhbaatar <dulmandakh@gmail.com>
 #    Copyright (C) 2009-2011 Canonical Ltd.
 #    Copyright (C) 2013 Christian Boltz
+#    Copyright (C) 2014 Christian Wittmer
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -23,6 +24,7 @@
   capability sys_chroot,
 
   network inet stream,
+  network inet6 stream,
 
   /usr/lib/dovecot/managesieve-login mr,
   /{,var/}run/dovecot/login/ r,