GPG patch from Dan Walsh.

policy/modules/apps/gpg.te

@@ -1,5 +1,5 @@
 
-policy_module(gpg, 2.2.0)
+policy_module(gpg, 2.2.1)
 
 ########################################
 #
@@ -104,11 +104,36 @@ files_dontaudit_search_var(gpg_t)
 
 auth_use_nsswitch(gpg_t)
 
-miscfiles_read_localization(gpg_t)
-
 logging_send_syslog_msg(gpg_t)
 
+miscfiles_read_localization(gpg_t)
+
 userdom_use_user_terminals(gpg_t)
+# sign/encrypt user files
+userdom_manage_user_tmp_files(gpg_t)
+userdom_manage_user_home_content_files(gpg_t)
+
+mta_write_config(gpg_t)
+
+tunable_policy(`use_nfs_home_dirs',`
+	fs_manage_nfs_dirs(gpg_t)
+	fs_manage_nfs_files(gpg_t)
+')
+
+tunable_policy(`use_samba_home_dirs',`
+	fs_manage_cifs_dirs(gpg_t)
+	fs_manage_cifs_files(gpg_t)
+')
+
+optional_policy(`
+	xserver_use_xdm_fds(gpg_t)
+	xserver_rw_xdm_pipes(gpg_t)
+')
+
+optional_policy(`
+	cron_system_entry(gpg_t, gpg_exec_t)
+	cron_read_system_job_tmp_files(gpg_t)
+')
 
 ########################################
 #
@@ -146,23 +171,13 @@ files_read_etc_files(gpg_helper_t)
 auth_use_nsswitch(gpg_helper_t)
 
 userdom_use_user_terminals(gpg_helper_t)
-# sign/encrypt user files
-userdom_manage_user_tmp_files(gpg_t)
-userdom_manage_user_home_content_files(gpg_t)
 
 tunable_policy(`use_nfs_home_dirs',`
-	fs_manage_nfs_dirs(gpg_t)
-	fs_manage_nfs_files(gpg_t)
+	fs_dontaudit_rw_nfs_files(gpg_helper_t)
 ')
 
 tunable_policy(`use_samba_home_dirs',`
-	fs_manage_cifs_dirs(gpg_t)
-	fs_manage_cifs_files(gpg_t)
-')
-
-optional_policy(`
-	xserver_use_xdm_fds(gpg_t)
-	xserver_rw_xdm_pipes(gpg_t)
+	fs_dontaudit_rw_cifs_files(gpg_helper_t)
 ')
 
 ########################################