From 5c942ceb83ce7b8a3d88618a8d588580afb4036d Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 10 Jun 2010 08:08:23 -0400
Subject: [PATCH] AFS patch from Dan Walsh.

---
 policy/modules/services/afs.te | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/policy/modules/services/afs.te b/policy/modules/services/afs.te
index 81af7b52..3a11a46f 100644
--- a/policy/modules/services/afs.te
+++ b/policy/modules/services/afs.te
@@ -1,5 +1,5 @@
 
-policy_module(afs, 1.6.0)
+policy_module(afs, 1.6.1)
 
 ########################################
 #
@@ -81,14 +81,6 @@ manage_files_pattern(afs_t, afs_cache_t, afs_cache_t)
 manage_dirs_pattern(afs_t, afs_cache_t, afs_cache_t)
 files_var_filetrans(afs_t, afs_cache_t, { file dir })
 
-files_mounton_mnt(afs_t)
-files_read_etc_files(afs_t)
-files_read_usr_files(afs_t)
-files_rw_etc_runtime_files(afs_t)
-
-fs_getattr_xattr_fs(afs_t)
-fs_mount_nfs(afs_t)
-
 kernel_rw_afs_state(afs_t)
 
 corenet_all_recvfrom_unlabeled(afs_t)
@@ -101,6 +93,15 @@ corenet_tcp_sendrecv_all_ports(afs_t)
 corenet_udp_sendrecv_all_ports(afs_t)
 corenet_udp_bind_generic_node(afs_t)
 
+files_mounton_mnt(afs_t)
+files_read_etc_files(afs_t)
+files_read_usr_files(afs_t)
+files_rw_etc_runtime_files(afs_t)
+
+fs_getattr_xattr_fs(afs_t)
+fs_mount_nfs(afs_t)
+fs_read_nfs_symlinks(afs_t)
+
 logging_send_syslog_msg(afs_t)
 
 miscfiles_read_localization(afs_t)