--- selinux/dirsrv-admin.if 2010-01-20 10:39:35.765329723 -0800
+++ selinux/dirsrv-admin.if 2010-01-20 11:15:09.351304364 -0800
@@ -25,7 +25,6 @@
 files_exec_usr_files(httpd_t)
 files_manage_generic_tmp_files(httpd_t)
- userdom_rw_user_tmp_files(httpd_t)
 corenet_tcp_connect_generic_port(httpd_t)
 # Strict policy
@@ -81,7 +80,7 @@
 # Allow dirsrv to interact with CGIs
 allow dirsrv_t httpd_dirsrvadmin_script_t:unix_stream_socket { read write };
- allow dirsrv_t dirsrvadmin_tmp_t:file write;
+ allow dirsrv_t httpd_dirsrvadmin_script_rw_t:file write;
 # Allow dirsrv domain to interact with httpd
 allow dirsrv_t httpd_t:fifo_file { write read };
--- selinux/dirsrv-admin.te 2009-10-22 14:27:21.228545844 -0700
+++ selinux/dirsrv-admin.te 2009-10-22 14:27:36.348546152 -0700
@@ -113,9 +113,6 @@
 # The CGI scripts must be able to manage dirsrv-admin
 dirsrvadmin_run_exec(httpd_dirsrvadmin_script_t)
 dirsrvadmin_manage_config(httpd_dirsrvadmin_script_t)
-manage_files_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
-manage_dirs_pattern(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, dirsrvadmin_tmp_t)
-files_tmp_filetrans(httpd_dirsrvadmin_script_t, dirsrvadmin_tmp_t, { file dir })
 # The CGI scripts must be able to manage the dirsrv
 dirsrv_domtrans(httpd_dirsrvadmin_script_t)
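Review bot: The replacement rule `allow dirsrv_t httpd_dirsrvadmin_script_rw_t:file write;` in the second dirsrv-admin.if hunk moves dirsrv_t's write access from the dedicated `dirsrvadmin_tmp_t` files to every file carrying the CGI's read/write content type. That is a looser grant than the one it replaces if the type labels anything besides the CGI's scratch output. Only `write` is granted, with no `open`, so the rule presumably relies on the CGI handing dirsrv an already-open descriptor. A comment such as `# dirsrv only writes to files the CGI has already opened and passed to it` would keep a later edit from widening it to `open` or `create`. The enclosing interface begins outside the hunk and no hunk in this patch touches its `gen_require` block, so please confirm that `httpd_dirsrvadmin_script_rw_t` is required there and that `dirsrvadmin_tmp_t` is dropped from it if the type is going away.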