From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1409501074.b1e0a75ca9dd68264191b04214a4e18d4312b8fc.swift@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/ X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: policy/modules/contrib/courier.te X-VCS-Directories: policy/modules/contrib/ X-VCS-Committer: swift X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: b1e0a75ca9dd68264191b04214a4e18d4312b8fc X-VCS-Branch: master Date: Sun, 31 Aug 2014 16:07:33 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 4213fa9a-2fb6-46e3-947a-be55318b67af X-Archives-Hash: 861df414cca079f1412be555111c35e0 commit: b1e0a75ca9dd68264191b04214a4e18d4312b8fc Author: Sven Vermeulen siphos be> AuthorDate: Sun Aug 31 16:04:34 2014 +0000 Commit: Sven Vermeulen gentoo org> CommitDate: Sun Aug 31 16:04:34 2014 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b1e0a75c Move gentoo specifics downward --- policy/modules/contrib/courier.te | 53 ++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 20 deletions(-) diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te index 9bd64f5..5660ef5 100644 --- a/policy/modules/contrib/courier.te +++ b/policy/modules/contrib/courier.te @@ -116,10 +116,6 @@ miscfiles_read_localization(courier_authdaemon_t) userdom_dontaudit_search_user_home_dirs(courier_authdaemon_t) -ifdef(`distro_gentoo',` - read_lnk_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t) -') - ######################################## # # Calendar (PCP) local policy 
@@ -148,14 +144,6 @@ miscfiles_read_localization(courier_pop_t) userdom_manage_user_home_content_files(courier_pop_t) userdom_manage_user_home_content_dirs(courier_pop_t) -ifdef(`distro_gentoo',` - files_search_var_lib(courier_pop_t) - search_dirs_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) - read_lnk_files_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) - - courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) -') - ######################################## # # TCPd local policy @@ -186,11 +174,6 @@ dev_read_urand(courier_tcpd_t) miscfiles_read_localization(courier_tcpd_t) -ifdef(`distro_gentoo',` - courier_authdaemon_stream_connect(courier_tcpd_t) - courier_domtrans_authdaemon(courier_tcpd_t) -') - ######################################## # # Webmail local policy @@ -198,12 +181,42 @@ ifdef(`distro_gentoo',` kernel_read_kernel_sysctls(courier_sqwebmail_t) +optional_policy(` + cron_system_entry(courier_sqwebmail_t, courier_sqwebmail_exec_t) +') + ifdef(`distro_gentoo',` + + ######################################## + # + # Courier authdaemon policy + # + read_lnk_files_pattern(courier_authdaemon_t, courier_var_lib_t, courier_var_lib_t) + optional_policy(` mysql_stream_connect(courier_authdaemon_t) ') -') -optional_policy(` - cron_system_entry(courier_sqwebmail_t, courier_sqwebmail_exec_t) + ######################################## + # + # Courier imap daemon policy + # + + + ######################################## + # + # Courier pop daemon policy + # + files_search_var_lib(courier_pop_t) + search_dirs_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) + read_lnk_files_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t) + + courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) + + ######################################## + # + # Courier tcpd daemon policy + # + courier_authdaemon_stream_connect(courier_tcpd_t) + courier_domtrans_authdaemon(courier_tcpd_t) ')
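Review bot: the "Courier imap daemon policy" banner added inside ifdef(`distro_gentoo',` in the last hunk (@@ -198,12 +181,42 @@) has no rules under it, so it reads as if a rule was lost in the move. Either drop the banner until there is a Gentoo-specific imap rule, or put a one-line comment under it saying the section is intentionally empty. The same hunk leaves the whole ifdef block directly under the "# Webmail local policy" banner, even though it now carries authdaemon, pop and tcpd rules. A top-level banner in front of the ifdef, in the file's existing banner style, would stop readers from taking those rules as part of the webmail section.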
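Review bot: the three removal hunks (@@ -116,10 +116,6 @@, @@ -148,14 +144,6 @@ and @@ -186,11 +174,6 @@) take rules out of the authdaemon, pop and tcpd sections without anything in the commit message saying that the change is a pure reorder with no effect on the resulting policy. Comparing the visible lines, all seven removed rules reappear unchanged in the final ifdef(`distro_gentoo',` block, including courier_authdaemon_rw_inherited_stream_sockets(courier_pop_t) and courier_domtrans_authdaemon(courier_tcpd_t), and the cron_system_entry optional_policy block only moves above the ifdef. Since these rules grant socket access and a domain transition into courier_authdaemon_t, please add a line to the commit body stating that no rule was added, dropped or altered, ideally backed by a comparison of the policy built before and after the commit.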