File: //proc/self/root/proc/thread-self/root/usr/share/apparmor/extra-profiles/postfix-master
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
# Copyright (C) 2018 Canonical, Ltd.
# Copyright (C) 2019 Christian Boltz
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
abi <abi/3.0>,
include <tunables/global>
profile postfix-master /usr/lib/postfix/{bin/,sbin/,}master {
include <abstractions/base>
include <abstractions/nameservice>
include <abstractions/postfix-common>
capability net_bind_service,
capability kill,
capability dac_override,
capability dac_read_search,
signal send peer=postfix-*,
signal peer=@{profile_name},
unix (send receive) type=stream peer=(label=postfix-*),
/etc/postfix/master.cf r,
/{var/spool/postfix/,}pid/master.pid rwk,
/{var/spool/postfix/,}pid/unix.lmtp wk,
/{var/spool/postfix/,}private/* wl,
/{var/spool/postfix/,}private/tlsmgr rwl,
/{var/spool/postfix/,}public/{cleanup,flush,pickup,postlog,qmgr,showq,tlsmgr} rwl,
/usr/lib/postfix/{bin/,sbin/,}anvil Px,
/usr/lib/postfix/{bin/,sbin/,}bounce Px,
/usr/lib/postfix/{bin/,sbin/,}cleanup Px,
/usr/lib/postfix/{bin/,sbin/,}error Px,
/usr/lib/postfix/{bin/,sbin/,}flush Px,
/usr/lib/postfix/{bin/,sbin/,}local Px,
/usr/lib/postfix/{bin/,sbin/,}lmtp mrPx,
/usr/lib/postfix/{bin/,sbin/,}master mrix,
/usr/lib/postfix/{bin/,sbin/,}nqmgr Px,
/usr/lib/postfix/{bin/,sbin/,}proxymap Px,
/usr/lib/postfix/{bin/,sbin/,}pickup Px,
/usr/lib/postfix/{bin/,sbin/,}pipe Px,
/usr/lib/postfix/{bin/,sbin/,}qmgr Px,
/usr/lib/postfix/{bin/,sbin/,}scache Px,
/usr/lib/postfix/{bin/,sbin/,}showq Px,
/usr/lib/postfix/{bin/,sbin/,}smtp Px,
/usr/lib/postfix/{bin/,sbin/,}smtpd Px,
/usr/lib/postfix/{bin/,sbin/,}tlsmgr Px,
/usr/lib/postfix/{bin/,sbin/,}trivial-rewrite Px,
owner /var/lib/postfix/master.lock rwk,
}