Locate authdaemon socket and communicate with authdaemon

Without this, authentication fails. The following is shown in the logs:

Dec 30 19:36:54 localhost imapd: Connection, ip=[::ffff:192.168.100.152]
Dec 30 19:36:54 localhost imapd: authdaemon: s_connect() failed: Permission denied
Dec 30 19:36:54 localhost imapd: LOGIN FAILED, user=root, ip=[::ffff:192.168.100.152]
Dec 30 19:36:54 localhost imapd: authentication error: Permission denied

Through logon, the daemon (courier_pop_t) wants to locate the socket in
/var/lib/courier to initiate communication with the authdaemon.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>

1 files changed, 2 insertions, 0 deletions

diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te
index d59f878c2..e2b0c0d5f 100644
--- a/policy/modules/contrib/courier.te
+++ b/policy/modules/contrib/courier.te
@@ -137,6 +137,8 @@ allow courier_pop_t courier_tcpd_t:{ unix_stream_socket tcp_socket } rw_stream_s
 
 allow courier_pop_t courier_var_lib_t:file { read write };
 
+stream_connect_pattern(courier_pop_t, courier_var_lib_t, courier_var_lib_t, courier_authdaemon_t)
+
 domtrans_pattern(courier_pop_t, courier_authdaemon_exec_t, courier_authdaemon_t)
 
 miscfiles_read_localization(courier_pop_t)