From a07f30e25d55de40232b3203838d035dbf1935b4 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Sun, 7 Mar 2021 14:20:42 +0100 Subject: [PATCH] postfix: allow access to *.lmdb files ... in addition to *.db files. openSUSE Tumbleweed now uses the lmdb format by default. --- profiles/apparmor.d/abstractions/postfix-common | 3 ++- profiles/apparmor/profiles/extras/postfix-local | 5 +++-- profiles/apparmor/profiles/extras/postfix-smtpd | 6 +++--- profiles/apparmor/profiles/extras/usr.sbin.postalias | 7 ++++--- profiles/apparmor/profiles/extras/usr.sbin.postmap | 2 ++ 5 files changed, 14 insertions(+), 9 deletions(-) diff --git a/profiles/apparmor.d/abstractions/postfix-common b/profiles/apparmor.d/abstractions/postfix-common index c45fe8115..68d4f7a82 100644 --- a/profiles/apparmor.d/abstractions/postfix-common +++ b/profiles/apparmor.d/abstractions/postfix-common @@ -2,7 +2,7 @@ # # Copyright (C) 2002-2005 Novell/SUSE # Copyright (C) 2015-2018 Canonical, Ltd. -# Copyright (C) 2020 Christian Boltz +# Copyright (C) 2020-2021 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -26,6 +26,7 @@ /etc/mailname r, /etc/postfix/*.cf r, /etc/postfix/*.db rk, + /etc/postfix/*.lmdb rk, @{PROC}/net/if_inet6 r, /usr/lib/postfix/*.so mr, /usr/lib{,32,64}/sasl2/* mr, diff --git a/profiles/apparmor/profiles/extras/postfix-local b/profiles/apparmor/profiles/extras/postfix-local index 1e5d4e9b5..292e617af 100644 --- a/profiles/apparmor/profiles/extras/postfix-local +++ b/profiles/apparmor/profiles/extras/postfix-local @@ -2,6 +2,7 @@ # # Copyright (C) 2002-2006 Novell/SUSE # Copyright (C) 2018 Canonical, Ltd. +# Copyright (C) 2021 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -31,9 +32,9 @@ profile postfix-local /usr/lib/postfix/{bin/,sbin/,}local { /{usr/,}bin/date mixr, /dev/tty rw, - /etc/aliases.db rk, + /etc/aliases.{lm,}db rk, # mailman on SuSE is configured to have its own alias file - /var/lib/mailman/data/aliases.db rk, + /var/lib/mailman/data/aliases.{lm,}db rk, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/* rw, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/ rw, /{var/spool/postfix/,}active/[0-9A-F]/ rw, diff --git a/profiles/apparmor/profiles/extras/postfix-smtpd b/profiles/apparmor/profiles/extras/postfix-smtpd index 9ca860868..1676d2ab9 100644 --- a/profiles/apparmor/profiles/extras/postfix-smtpd +++ b/profiles/apparmor/profiles/extras/postfix-smtpd @@ -2,7 +2,7 @@ # # Copyright (C) 2002-2006 Novell/SUSE # Copyright (C) 2018 Canonical, Ltd. -# Copyright (C) 2019 Christian Boltz +# Copyright (C) 2019-2021 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -29,9 +29,9 @@ profile postfix-smtpd /usr/lib/postfix/{bin/,sbin/,}smtpd { /usr/sbin/postdrop rPx, /dev/urandom r, - /etc/aliases.db rk, + /etc/aliases.{lm,}db rk, # mailman on SuSE is configured to have its own alias db - /var/lib/mailman/data/aliases.db rk, + /var/lib/mailman/data/aliases.{lm,}db rk, /etc/mtab r, /etc/fstab r, /etc/postfix/*.regexp r, diff --git a/profiles/apparmor/profiles/extras/usr.sbin.postalias b/profiles/apparmor/profiles/extras/usr.sbin.postalias index 6b5f3ccdd..832a7a5fe 100644 --- a/profiles/apparmor/profiles/extras/usr.sbin.postalias +++ b/profiles/apparmor/profiles/extras/usr.sbin.postalias @@ -1,6 +1,7 @@ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE +# Copyright (C) 2021 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -19,11 +20,11 @@ include include include /etc/aliases r, - /etc/aliases.db rwlk, + /etc/aliases.{lm,}db rwlk, /etc/postfix r, /etc/postfix/main.cf r, /etc/postfix/aliases r, - /etc/postfix/aliases.db rwl, + /etc/postfix/aliases.{lm,}db rwl, /etc/postfix/__db.aliases.db lrw, /etc/__db.aliases.db rwl, /usr/sbin/postalias rmix, @@ -31,7 +32,7 @@ include # On SuSE, mailman is configured to use its own alias db /var/lib/mailman/data/aliases r, /var/lib/mailman/data/__db.aliases.db rwl, - /var/lib/mailman/data/aliases.db rwl, + /var/lib/mailman/data/aliases.{lm,}db rwl, /var/spool/postfix r, /var/spool/postfix/pid r, } diff --git a/profiles/apparmor/profiles/extras/usr.sbin.postmap b/profiles/apparmor/profiles/extras/usr.sbin.postmap index b946eff96..11bc606e0 100644 --- a/profiles/apparmor/profiles/extras/usr.sbin.postmap +++ b/profiles/apparmor/profiles/extras/usr.sbin.postmap @@ -1,6 +1,7 @@ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE +# Copyright (C) 2021 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -22,6 +23,7 @@ include /etc/mtab r, /etc/postfix/* r, /etc/postfix/*.db rwlk, + /etc/postfix/*.lmdb rwlk, @{PROC}/net/if_inet6 r, /usr/share/icu/[0-9]*.[0-9]*/*.dat r, /usr/sbin/postmap rmix,