postfix: allow access to *.lmdb files

... in addition to *.db files. openSUSE Tumbleweed now uses the lmdb format by default.
2025-08-29 13:28:19 +00:00 · 2021-03-07 14:20:42 +01:00 · 2021-03-07 14:20:42 +01:00 · a07f30e25d
commit a07f30e25d
parent 32bd2bcec3
5 changed files with 14 additions and 9 deletions
--- a/profiles/apparmor.d/abstractions/postfix-common
+++ b/profiles/apparmor.d/abstractions/postfix-common
@ -2,7 +2,7 @@
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
 #    Copyright (C) 2015-2018 Canonical, Ltd.
-#    Copyright (C) 2020 Christian Boltz
+#    Copyright (C) 2020-2021 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -26,6 +26,7 @@
  /etc/mailname         r,
  /etc/postfix/*.cf     r,
  /etc/postfix/*.db     rk,
+  /etc/postfix/*.lmdb   rk,
  @{PROC}/net/if_inet6  r,
  /usr/lib/postfix/*.so mr,
  /usr/lib{,32,64}/sasl2/*    mr,
--- a/profiles/apparmor/profiles/extras/postfix-local
+++ b/profiles/apparmor/profiles/extras/postfix-local
@ -2,6 +2,7 @@
 #
 #    Copyright (C) 2002-2006 Novell/SUSE
 #    Copyright (C) 2018 Canonical, Ltd.
+#    Copyright (C) 2021 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -31,9 +32,9 @@ profile postfix-local /usr/lib/postfix/{bin/,sbin/,}local {
  /{usr/,}bin/date                                      mixr,

  /dev/tty                                              rw,
-  /etc/aliases.db                                       rk,
+  /etc/aliases.{lm,}db                                  rk,
  # mailman on SuSE is configured to have its own alias file
-  /var/lib/mailman/data/aliases.db                      rk,
+  /var/lib/mailman/data/aliases.{lm,}db                 rk,
  /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/*      rw,
  /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/       rw,
  /{var/spool/postfix/,}active/[0-9A-F]/                rw,
--- a/profiles/apparmor/profiles/extras/postfix-smtpd
+++ b/profiles/apparmor/profiles/extras/postfix-smtpd
@ -2,7 +2,7 @@
 #
 #    Copyright (C) 2002-2006 Novell/SUSE
 #    Copyright (C) 2018 Canonical, Ltd.
-#    Copyright (C) 2019 Christian Boltz
+#    Copyright (C) 2019-2021 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -29,9 +29,9 @@ profile postfix-smtpd /usr/lib/postfix/{bin/,sbin/,}smtpd {
  /usr/sbin/postdrop                           rPx,

  /dev/urandom                                r,
-  /etc/aliases.db                             rk,
+  /etc/aliases.{lm,}db                        rk,
  # mailman on SuSE is configured to have its own alias db
-  /var/lib/mailman/data/aliases.db             rk,
+  /var/lib/mailman/data/aliases.{lm,}db       rk,
  /etc/mtab                                   r,
  /etc/fstab                                  r,
  /etc/postfix/*.regexp                       r,
--- a/profiles/apparmor/profiles/extras/usr.sbin.postalias
+++ b/profiles/apparmor/profiles/extras/usr.sbin.postalias
@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
+#    Copyright (C) 2021 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -19,11 +20,11 @@ include <tunables/global>
  include <abstractions/consoles>
  include <abstractions/postfix-common>
  /etc/aliases                         r,
-  /etc/aliases.db                      rwlk,
+  /etc/aliases.{lm,}db                 rwlk,
  /etc/postfix                         r,
  /etc/postfix/main.cf                 r,
  /etc/postfix/aliases                 r,
-  /etc/postfix/aliases.db              rwl,
+  /etc/postfix/aliases.{lm,}db         rwl,
  /etc/postfix/__db.aliases.db         lrw,
  /etc/__db.aliases.db                 rwl,
  /usr/sbin/postalias                  rmix,
@ -31,7 +32,7 @@ include <tunables/global>
  # On SuSE, mailman is configured to use its own alias db
  /var/lib/mailman/data/aliases        r,
  /var/lib/mailman/data/__db.aliases.db rwl,
-  /var/lib/mailman/data/aliases.db     rwl,
+  /var/lib/mailman/data/aliases.{lm,}db rwl,
  /var/spool/postfix                   r,
  /var/spool/postfix/pid               r,
 }
--- a/profiles/apparmor/profiles/extras/usr.sbin.postmap
+++ b/profiles/apparmor/profiles/extras/usr.sbin.postmap
@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
+#    Copyright (C) 2021 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -22,6 +23,7 @@ include <tunables/global>
  /etc/mtab                         r,
  /etc/postfix/*                    r,
  /etc/postfix/*.db                 rwlk,
+  /etc/postfix/*.lmdb               rwlk,
  @{PROC}/net/if_inet6              r,
  /usr/share/icu/[0-9]*.[0-9]*/*.dat r,
  /usr/sbin/postmap                 rmix,