WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Zabbix/Postfix: Add postqueue exec_no_trans

Browse Source 
Signed-off-by: Greg Sutcliffe <fedora@emeraldreverie.org>
This commit is contained in:
Greg Sutcliffe
2025-09-26 11:53:03 +01:00
parent 0496e663ed
commit 4a97d2cbda
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/base/files/postfix/zabbix-selinux.te
View File

@@ -1,4 +1,4 @@
module zabbix_sendmail 1.5;
module zabbix_sendmail 1.6;
require {
type sendmail_exec_t;
@@ -14,7 +14,7 @@ require {
#============= zabbix_agent_t ==============
# For the executing binaries
allow zabbix_agent_t sendmail_exec_t:file { execute execute_no_trans };
allow zabbix_agent_t postfix_postqueue_exec_t:file execute;
allow zabbix_agent_t postfix_postqueue_exec_t:file { execute execute_no_trans };
# For symlinks in /usr/bin and /usr/bin/mailq.postfix
allow zabbix_agent_t bin_t:file { read execute execute_no_trans };