mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-09-05 16:55:32 +00:00
02dce59d29
several postfix-* binaries on openSUSE Tumbleweed need to read
/usr/share/icu/[0-9]*.[0-9]*/*.dat.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/615
(cherry picked from commit 39ef7c508f)
Signed-off-by: John Johansen <john.johansen@canonical.com>
40 lines
1.3 KiB
Plaintext
40 lines
1.3 KiB
Plaintext
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2002-2005 Novell/SUSE
|
|
# Copyright (C) 2015-2018 Canonical, Ltd.
|
|
# Copyright (C) 2020 Christian Boltz
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
# used with postfix/*
|
|
|
|
|
|
capability setuid,
|
|
capability setgid,
|
|
capability sys_chroot,
|
|
|
|
# postfix's master can send us signals
|
|
signal receive peer=/usr/lib/postfix/master,
|
|
signal receive peer=postfix-master,
|
|
|
|
unix (send, receive) peer=(label=/usr/lib/postfix/master),
|
|
unix (send, receive) peer=(label=postfix-master),
|
|
|
|
/etc/mailname r,
|
|
/etc/postfix/*.cf r,
|
|
/etc/postfix/*.db rk,
|
|
@{PROC}/net/if_inet6 r,
|
|
/usr/lib/postfix/*.so mr,
|
|
/usr/lib{,32,64}/sasl2/* mr,
|
|
/usr/lib{,32,64}/sasl2/ r,
|
|
/usr/lib/@{multiarch}/sasl2/* mr,
|
|
/usr/lib/@{multiarch}/sasl2/ r,
|
|
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
|
|
|
/var/spool/postfix/etc/* r,
|
|
/var/spool/postfix/lib/lib*.so* mr,
|
|
/var/spool/postfix/lib/@{multiarch}/lib*.so* mr,
|