Hi,
this is a rather special use case, but I think it is valid. According to Paul's hints at http://marilyn.frields.org:8080/~paul/wordpress/?p=2616 I configured postfix to relay my local mail via some mail servers. But since I like a clean approach I did not want the sasl_password files in /etc/ so that the admin (me) has to handle plain text passwords there.
Postfix seems to support multiple db files at arbitrary positions. But SELinux does not. I guess the transition to postfix_smtp_t is a little too early (before chroot). So I changed the context of my sasl_passwd files to postfix_smtp_t, just to notice that:
1. I (as a user) cannot do this
2. After I did it nevertheless I cannot edit those files
So here is my proposal:
Introduce postfix_userconfig_t and let postfix_smtp_t read it, and allow transitions and read/write access from unconfined_t to it. I know that this is suboptimal because it effectively becomes unconfined_t, but since the admin _must_ add those files to /etc/postfix/main.cf (and should allow only harmless files) I guess that this is ok.
Any objections or shall I try to write a patch for the policy?
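A sketch of what the proposed type could look like as a loadable module in the raw policy language that audit2allow emits (added here as an example; this is not a patch against the reference policy and has not been submitted anywhere). It assumes the sasl_passwd files live in the user's home directory (user_home_t under user_home_dir_t) and that the domain and type names are exactly those named above:

```selinux
module postfix_userconfig 1.0;

require {
    type postfix_smtp_t;        # Postfix SMTP client that opens the sasl map
    type unconfined_t;          # the admin's login domain editing the files
    type user_home_dir_t;       # ~ itself
    type user_home_t;           # ordinary files in ~
    type home_root_t;           # /home
    class dir { search getattr };
    class file { read getattr open write create unlink rename setattr
                 relabelfrom relabelto lock };
}

# New file type for user-owned Postfix lookup tables (sasl_passwd and sasl_passwd.db).
type postfix_userconfig_t;

# postfix_smtp_t only needs read access; it must also be able to walk
# /home/<user> to reach the file (assumption: the map is stored there).
allow postfix_smtp_t home_root_t:dir search;
allow postfix_smtp_t user_home_dir_t:dir search;
allow postfix_smtp_t postfix_userconfig_t:file { read getattr open lock };

# The admin's unconfined_t may create, edit and rebuild (postmap) the map,
# and may relabel files into and out of the new type with chcon.
allow unconfined_t postfix_userconfig_t:file { read write create unlink rename
                                               getattr setattr open lock
                                               relabelfrom relabelto };
allow unconfined_t user_home_t:file { relabelfrom relabelto };

# Named file transition so a new ~/sasl_passwd lands in the right type without
# a manual chcon (assumption: the file is literally named "sasl_passwd").
type_transition unconfined_t user_home_dir_t:file postfix_userconfig_t "sasl_passwd";
type_transition unconfined_t user_home_dir_t:file postfix_userconfig_t "sasl_passwd.db";
```

Build and load with `checkmodule -M -m -o postfix_userconfig.mod postfix_userconfig.te`, `semodule_package -o postfix_userconfig.pp -m postfix_userconfig.mod`, `semodule -i postfix_userconfig.pp`; existing files still need `chcon -t postfix_userconfig_t ~/sasl_passwd*` once, and keeping the type readable only by postfix_smtp_t (not the whole postfix_t family) limits what a compromised map can expose.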