Policy common to all email tranfer agents.
Create, read, and write the mail spool.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Delete from the mail spool.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Do not audit attempts to get the attributes of mail spool files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |
Do not audit attempts to read a symlink in the mail spool.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Do not audit attempts to read and write TCP sockets of mail delivery domains.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Mail server domain. | No |
Do not audit attempts to read and write the mail queue.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |
Type transition files created in /etc to the mail address aliases type.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Get the attributes of mail spool files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Make the specified type usable for a mta_send_mail.
Parameter: | Description: | Optional: |
---|---|---|
type |
Type to be used as a mail client. | No |
Make the specified type readable for a system_mail_t
Parameter: | Description: | Optional: |
---|---|---|
type |
Type to be used as a mail client. | No |
Make the specified domain usable for a mail server.
Parameter: | Description: | Optional: |
---|---|---|
type |
Type to be used as a mail server domain. | No |
Make a type a mailserver type used for delivering mail to local users.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Mail server domain type used for delivering mail. | No |
Make a type a mailserver type used for sending mail.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Mail server domain type used for sending mail. | No |
Make a type a mailserver type used for sending mail on behalf of local users to the local mail spool.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Mail server domain type used for sending local mail. | No |
Create, read, write, and delete mail queue files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Create, read, write, and delete mail spool files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read mail address aliases.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read mail server configuration.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
read mail queue files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read sendmail binary.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write mail aliases.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write the mail spool.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write unix domain stream sockets of user mail domains.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
search mail queue dirs.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send mail from the system.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute send mail in a specified domain.
Execute send mail in a specified domain.
No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.
Parameter: | Description: | Optional: |
---|---|---|
source_domain |
Domain to transition from. | No |
target_domain |
Domain to transition to. | No |
Execute sendmail in the caller domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Modified mailserver interface for sendmail daemon use.
A modified MTA mail server interface for the sendmail program. It's design does not fit well with policy, and using the regular interface causes a type_transition conflict if direct running of init scripts is enabled.
This interface should most likely only be used by the sendmail policy.
Parameter: | Description: | Optional: |
---|---|---|
domain |
The type to be used for the mail server. | No |
entry_point |
The type to be used for the domain entry point program. | No |
Create private objects in the mail spool directory.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
private type |
The type of the object to be created. | No |
object |
The object class of the object being created. | No |
MTA stub interface. No access allowed.
Parameter: | Description: | Optional: |
---|---|---|
domain |
N/A | Yes |
Connect to all mail servers over TCP. (Deprecated)
Parameter: | Description: | Optional: |
---|---|---|
domain |
Mail server domain. | No |
Provide extra permissions for admin users mail domain.
Parameter: | Description: | Optional: |
---|---|---|
userdomain_prefix |
The prefix of the user domain (e.g., user is the prefix for user_t). | No |
user_domain |
The type of the user domain. | No |
Basic mail transfer agent domain template.
This template creates a derived domain which is a email transfer agent, which sends mail on behalf of the user.
This is the basic types and rules, common to the system agent and user agents.
Parameter: | Description: | Optional: |
---|---|---|
domain_prefix |
The prefix of the domain (e.g., user is the prefix for user_t). | No |
The per role template for the mta module.
This template creates a derived domain which is a email transfer agent, which sends mail on behalf of the user.
This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.
Parameter: | Description: | Optional: |
---|---|---|
userdomain_prefix |
The prefix of the user domain (e.g., user is the prefix for user_t). | No |
user_domain |
The type of the user domain. | No |
user_role |
The role associated with the user domain. | No |