From 25b6b0ff1f2cbcd852374aebc4abbf58926bd4f8 Mon Sep 17 00:00:00 2001
From: Paul Howarth <paul@city-fan.org>
Date: Sep 14 2011 13:53:56 +0000
Subject: Add support for opendkim, a fork of dkim-milter


OpenDKIM is a fork of dkim-milter, for which policy already exists in
refpolicy. This patch adds support for OpenDKIM under the same policy.

An opendkim package has recently been introduced into Fedora and has
been used as the basis of this patch.

Paul.

---

diff --git a/dkim.fc b/dkim.fc
index dc1056c..bf4321a 100644
--- a/dkim.fc
+++ b/dkim.fc
@@ -1,9 +1,14 @@
 /etc/mail/dkim-milter/keys(/.*)?	gen_context(system_u:object_r:dkim_milter_private_key_t,s0)
+/etc/opendkim/keys(/.*)?		gen_context(system_u:object_r:dkim_milter_private_key_t,s0)
 
 /usr/sbin/dkim-filter		--	gen_context(system_u:object_r:dkim_milter_exec_t,s0)
+/usr/sbin/opendkim		--	gen_context(system_u:object_r:dkim_milter_exec_t,s0)
 
 /var/db/dkim(/.*)?			gen_context(system_u:object_r:dkim_milter_private_key_t,s0)
 
 /var/run/dkim-filter(/.*)?		gen_context(system_u:object_r:dkim_milter_data_t,s0)
 /var/run/dkim-milter(/.*)?		gen_context(system_u:object_r:dkim_milter_data_t,s0)
 /var/run/dkim-milter\.pid	--	gen_context(system_u:object_r:dkim_milter_data_t,s0)
+/var/run/opendkim(/.*)?			gen_context(system_u:object_r:dkim_milter_data_t,s0)
+
+/var/spool/opendkim(/.*)?		gen_context(system_u:object_r:dkim_milter_data_t,s0)
diff --git a/dkim.te b/dkim.te
index 1b4983d..5daa6bf 100644
--- a/dkim.te
+++ b/dkim.te
@@ -25,6 +25,7 @@ kernel_read_kernel_sysctls(dkim_milter_t)
 dev_read_urand(dkim_milter_t)
 
 files_read_etc_files(dkim_milter_t)
+files_search_spool(dkim_milter_t)
 
 sysnet_dns_name_resolve(dkim_milter_t)