From 0fd9290bad1af43729a0a7339117c995be291198 Mon Sep 17 00:00:00 2001
From: rhatdan
Date: Sep 21 2012 14:21:02 +0000
Subject: Rules discovered by Bill Shirley
---
diff --git a/mta.te b/mta.te
index d0d924a..15738c9 100644
--- a/mta.te
+++ b/mta.te
@@ -122,11 +122,6 @@ optional_policy(`
 ')
 optional_policy(`
- clamav_stream_connect(system_mail_t)
- clamav_append_log(system_mail_t)
-')
-
-optional_policy(`
 courier_stream_connect_authdaemon(system_mail_t)
 ')
@@ -439,3 +434,8 @@ optional_policy(`
 optional_policy(`
 uucp_manage_spool(user_mail_domain)
 ')
+
+optional_policy(`
+ clamav_stream_connect(user_mail_domain)
+ clamav_stream_connect(mta_user_agent)
+')
diff --git a/postfix.te b/postfix.te
index 3bf042f..f94e74f 100644
--- a/postfix.te
+++ b/postfix.te
@@ -333,6 +333,7 @@ tunable_policy(`postfix_local_write_mail_spool',`
 optional_policy(`
 clamav_search_lib(postfix_local_t)
 clamav_exec_clamscan(postfix_local_t)
+ clamav_stream_connect(postfix_domain)
 ')
 optional_policy(`
@@ -798,6 +799,7 @@ userdom_dontaudit_use_unpriv_user_fds(postfix_domain)
 optional_policy(`
 spamd_stream_connect(postfix_domain)
+ spamassassin_domtrans_client(postfix_domain)
 ')
 optional_policy(`
diff --git a/samba.te b/samba.te
index e042b3c..d93d8ce 100644
--- a/samba.te
+++ b/samba.te
@@ -254,6 +254,7 @@ allow smbd_t self:msg { send receive };
 allow smbd_t self:msgq create_msgq_perms;
 allow smbd_t self:sem create_sem_perms;
 allow smbd_t self:shm create_shm_perms;
+allow smbd_t self:key manage_key_perms;
 allow smbd_t self:sock_file read_sock_file_perms;
 allow smbd_t self:tcp_socket create_stream_socket_perms;
 allow smbd_t self:udp_socket create_socket_perms;
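Review bot: In mta.te the block added at the end of the file (hunk at new line 434) re-grants `clamav_stream_connect` but not `clamav_append_log`, which the block removed in the first hunk gave to system_mail_t. If dropping the log append is intentional, the commit message should say so; if not, system_mail_t will presumably be denied when it appends to the clamav log. Whether system_mail_t keeps the stream connect depends on it carrying the user_mail_domain or mta_user_agent attribute, which this diff does not show and should be confirmed. A short comment above the new block, for example `# mail agents reach clamd over its unix stream socket` if that is the reason, would record why every user mail domain needs the rule.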
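Review bot: In postfix.te (hunk at line 333) `clamav_stream_connect(postfix_domain)` is an attribute-wide grant placed in an optional block whose other rules are scoped to postfix_local_t, so it is easy to overlook and opens the clamd socket to every postfix domain. The same breadth applies to `spamassassin_domtrans_client(postfix_domain)` in the hunk at line 799, which by its name allows every postfix domain to transition into the spamassassin client domain. Unless the reported denials came from all postfix domains, grant both to the specific postfix types that call the scanner or the spam client. If the attribute-wide rule is intended, move the clamav line next to `spamd_stream_connect(postfix_domain)` so the scope is visible. Both optional blocks continue outside their hunks.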
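Review bot: The added `allow smbd_t self:key manage_key_perms;` in samba.te carries no comment saying which smbd feature needs the kernel keyring, and it uses the broad manage permission set. The rule is limited to smbd_t's own keys, so the exposure is small, but if the denials that prompted it covered only some key permissions, list those instead of the full set. A line such as `# smbd uses the kernel keyring for <feature from the AVC report>` above the rule would keep the reason with the policy.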