# $Id: postfix-smtp 5268 2005-09-08 22:44:11Z sarnold $
# ----------------------------------------------------------------------
#    PROPRIETARY DATA of NOVELL INC.
#    Copyright (c) 2004-2005, NOVELL (All rights reserved)
#
#    This document contains trade secret data which is the property
#    of NOVELL Inc.  This document is submitted to recipient in
#    confidence. Information contained herein may not be used, copied
#    or disclosed in whole or in part except as permitted by written
#    agreement signed by an officer of NOVELL, Inc.
# ----------------------------------------------------------------------
# used with postfix/smtp
#
# dac caps needed to take in email that root can't read via normal
# perms.
  capability dac_override,
  capability dac_read_search,

  /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/*                 rwl,
  /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]*                  rwl,
  /{var/spool/postfix/,}active/[0-9A-F]*                           rwl,
  /{var/spool/postfix/,}private/bounce                             w,
  /{var/spool/postfix/,}private/defer                              w,
  /{var/spool/postfix/,}private/scache                             w,
  /{var/spool/postfix/,}private/tlsmgr                             w,
  /{var/spool/postfix/,}private/trace                              w,
  /{var/spool/postfix/,}public/flush                               w,
  /etc/postfix/{ssl/,}*.pem                   r,
  /etc/postfix/prng_exch                      rw,
  /proc/sys/kernel/ngroups_max                r,
  /usr/share/ssl/certs/ca-bundle.crt          r,
  /usr/share/ssl/openssl.cnf                  r,
  /var/spool/postfix/pid/unix.smtp            rw,
  /var/spool/postfix/pid/unix.relay           rw,
  /etc/postfix/virtual.db                     r,
  /etc/mtab                                   r,
  /proc/stat                                  r,
  /proc/meminfo                               r,
