Layer: services

Module: mta

Description:

Common e-mail transfer agent policy.

Interfaces:

mta_agent_executable(
	
		type
		
	)

Summary

Make the specified type a MTA executable file.

Parameters

Parameter:	Description:
type	Type to be used as a mail client.

mta_append_spool(
	
		domain
		
	)

Summary

Create, read, and write mail spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_delete_spool(
	
		domain
		
	)

Summary

Delete mail spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_dontaudit_getattr_spool_files(
	
		domain
		
	)

Summary

Do not audit attempts to get attributes of mail spool files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_dontaudit_read_spool_symlinks(
	
		domain
		
	)

Summary

Do not audit attempts to read mail spool symlinks.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_dontaudit_rw_delivery_tcp_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to read and write TCP sockets of mail delivery domains.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_dontaudit_rw_queue(
	
		domain
		
	)

Summary

Do not audit attempts to read and write mail queue content.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_etc_filetrans_aliases(
	
		domain
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create specified object in generic etc directories with the mail address alias type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object	The object class of the object being created.
name	The name of the object being created.

mta_getattr_spool(
	
		domain
		
	)

Summary

Get attributes of mail spool content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_home_filetrans_mail_home(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create specified objects in user home directories with the generic mail home type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

mta_home_filetrans_mail_home_rw(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create specified objects in user home directories with the generic mail home rw type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

mta_kill_system_mail(
	
		domain
		
	)

Summary

Send kill signals to system mail.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_list_queue(
	
		domain
		
	)

Summary

List mail queue directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_list_spool(
	
		domain
		
	)

Summary

Allow listing the mail spool.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_mailserver(
	
		type
		
			,
		
		entry_point
		
	)

Summary

Make the specified domain usable for a mail server.

Parameters

Parameter:	Description:
type	Type to be used as a mail server domain.
entry_point	Type of the program to be used as an entry point to this domain.

mta_mailserver_delivery(
	
		domain
		
	)

Summary

Make a type a mailserver type used for delivering mail to local users.

Parameters

Parameter:	Description:
domain	Mail server domain type used for delivering mail.

mta_mailserver_sender(
	
		domain
		
	)

Summary

Make a type a mailserver type used for sending mail.

Parameters

Parameter:	Description:
domain	Mail server domain type used for sending mail.

mta_mailserver_user_agent(
	
		domain
		
	)

Summary

Make a type a mailserver type used for sending mail on behalf of local users to the local mail spool.

Parameters

Parameter:	Description:
domain	Mail server domain type used for sending local mail.

mta_manage_aliases(
	
		domain
		
	)

Summary

Create, read, write, and delete mail address alias content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_manage_config(
	
		domain
		
	)

Summary

Create, read, write, and delete mail server configuration content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_manage_mail_home_files(
	
		domain
		
	)

Summary

Create, read, write, and delete mta mail home files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_manage_mail_home_rw_content(
	
		domain
		
	)

Summary

Create, read, write, and delete mta mail home rw content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_manage_queue(
	
		domain
		
	)

Summary

Create, read, write, and delete mail queue content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_manage_spool(
	
		domain
		
	)

Summary

Create, read, write, and delete mail spool content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_map_aliases(
	
		domain
		
	)

Summary

Read mail address alias files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_queue_filetrans(
	
		domain
		
			,
		
		private type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create specified objects in the mail queue spool directory with a private type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
private type	The type of the object to be created.
object	The object class of the object being created.
name	The name of the object being created.

mta_read_aliases(
	
		domain
		
	)

Summary

Read mail address alias files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_config(
	
		domain
		
	)

Summary

Read mail server configuration content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_mail_home_files(
	
		domain
		
	)

Summary

Read mta mail home files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_queue(
	
		domain
		
	)

Summary

Read mail queue files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_sendmail_bin(
	
		domain
		
	)

Summary

Read sendmail binary.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_spool_files(
	
		domain
		
	)

Summary

Read mail spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_read_spool_symlinks(
	
		domain
		
	)

Summary

Allow reading mail spool symlinks.

Parameters

Parameter:	Description:
domain	Domain to not audit.

mta_rw_aliases(
	
		domain
		
	)

Summary

Read and write mail alias files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_rw_inherited_delivery_pipes(
	
		domain
		
	)

Summary

read and write fifo files inherited from delivery domains

Parameters

Parameter:	Description:
domain	Domain to use fifo files

mta_rw_spool(
	
		domain
		
	)

Summary

Read and write mail spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_rw_user_mail_stream_sockets(
	
		domain
		
	)

Summary

Read and write unix domain stream sockets of all base mail domains.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_search_queue(
	
		domain
		
	)

Summary

Search mail queue directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_send_mail(
	
		domain
		
	)

Summary

Send mail from the system.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

mta_sendmail_domtrans(
	
		source_domain
		
			,
		
		target_domain
		
	)

Summary

Execute send mail in a specified domain.

Description

Execute send mail in a specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Parameters

Parameter:	Description:
source_domain	Domain allowed to transition.
target_domain	Domain to transition to.

mta_sendmail_entry_point(
	
		domain
		
	)

Summary

Make sendmail usable as an entry point for the domain.

Parameters

Parameter:	Description:
domain	Domain to be entered.

mta_sendmail_exec(
	
		domain
		
	)

Summary

Execute sendmail in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_sendmail_mailserver(
	
		domain
		
	)

Summary

Modified mailserver interface for sendmail daemon use.

Description

A modified MTA mail server interface for the sendmail program. It's design does not fit well with policy, and using the regular interface causes a type_transition conflict if direct running of init scripts is enabled.

This interface should most likely only be used by the sendmail policy.

Parameters

Parameter:	Description:
domain	The type to be used for the mail server.

mta_signal_system_mail(
	
		domain
		
	)

Summary

Send signals to system mail.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_spec_filetrans_aliases(
	
		domain
		
			,
		
		file_type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create specified objects in specified directories with a type transition to the mail address alias type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
file_type	Directory to transition on.
object	The object class of the object being created.
name	The name of the object being created.

mta_spool_filetrans(
	
		domain
		
			,
		
		private type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create specified objects in the mail spool directory with a private type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
private type	The type of the object to be created.
object	The object class of the object being created.
name	The name of the object being created.

mta_stub(
	
		domain
		
	)

Summary

MTA stub interface. No access allowed.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_system_content(
	
		type
		
	)

Summary

Make the specified type by a system MTA.

Parameters

Parameter:	Description:
type	Type to be used as a mail client.

mta_system_mail_role(
	
		domain
		
	)

Summary

Allow system_mail_t to run in a role

Parameters

Parameter:	Description:
domain	Role allowed access.

mta_use_mailserver_fds(
	
		type
		
	)

Summary

Inherit FDs from mailserver_domain domains

Parameters

Parameter:	Description:
type	Type for a list server or delivery agent that inherits fds

mta_watch_spool(
	
		domain
		
	)

Summary

Watch mail spool content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

mta_write_config(
	
		domain
		
	)

Summary

Write mail server configuration files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return

Templates:

mta_base_mail_template(
	
		domain_prefix
		
	)

Summary

The template to define a mail domain.

Parameters

Parameter:	Description:
domain_prefix	Domain prefix to be used.

mta_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for mta.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

Return