On 13/10/10 1:44 AM, Ben McGinnes wrote:
Hello, Does anyone have a sample SELinux policy for dkim-milter?
I'm using the configuration from this page:
http://www.howtoforge.com/set-up-dkim-for-multiple-domains-on-postfix-with-d...
Along with the latest RPM from the link on that page.
Okay, my solution was this:
module dkimlocal 1.0;
require { type postfix_smtpd_t; type postfix_cleanup_t; class tcp_socket { read write }; }
#============= postfix_cleanup_t ============== allow postfix_cleanup_t postfix_smtpd_t:tcp_socket { read write }; #EOF
Which was generated from the audit.log. Simply trying to load it with "semodule -i dkimlocal.te" failed (magic number error), but doing the following fixed it:
make -f /usr/share/selinux/devel/Makefile semodule -i dkimlocal.pp
Special thanks go to Dan Walsh at Red Hat for lending a hand here.
Regards, Ben