# ------------------------------------------------------------------
#
#    Copyright (C) 2006 Novell/SUSE
#    Copyright (C) 2017 Christian Boltz
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

#include <tunables/global>

profile postfix-pipe /usr/lib/postfix/{bin/,sbin/}pipe {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/postfix-common>

  /usr/lib/postfix/{bin/,sbin/}pipe              mr,

  /usr/bin/doveconf                              mr,
  /usr/lib/dovecot/dovecot-lda                   Px,

  /etc/dovecot/dovecot.conf                      r,
  /etc/dovecot/conf.d/                           r,
  /etc/dovecot/conf.d/*                          r,

  owner /srv/maildirs/**                         rwk,

  owner /var/spool/postfix/active/*              rwk,
  owner /var/spool/postfix/private/bounce        w,
  owner /var/spool/postfix/private/defer         w,
  owner /var/spool/postfix/private/rewrite       w,
  owner /var/spool/postfix/private/trace         w,

  /var/spool/postfix/pid/unix.dovecot            rwk,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/postfix-pipe>
}
