Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

24.2. Types

The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with Postfix. Different types all you to configure flexible access:
postfix_etc_t
This type is used for configuration files for Postfix in the /etc/postfix/ directory.
postfix_data_t
This type is used for Postfix data files in the /var/lib/postfix/ directory.
postfix_var_run_t
This type is used for Postfix files stored in the /run/ directory.
postfix_initrc_exec_t
The Postfix executable files are labeled with the postfix_initrc_exec_t type. When executed, they transition to the postfix_initrc_t domain.
postfix_spool_t
This type is used for Postfix files stored in the /var/spool/ directory.

Note

To see the full list of files and their types for Postfix, enter the following command:
~]$ grep postfix /etc/selinux/targeted/contexts/files/file_contexts