From dcabb11eb5df48c840e8766f26bb705068c26ce1 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 7 Jan 2010 11:50:20 -0500
Subject: [PATCH] DCC patch from Dan Walsh.

---
 policy/modules/services/dcc.te | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/policy/modules/services/dcc.te b/policy/modules/services/dcc.te
index 0e9f8151..21c8230b 100644
--- a/policy/modules/services/dcc.te
+++ b/policy/modules/services/dcc.te
@@ -1,5 +1,5 @@
 
-policy_module(dcc, 1.8.0)
+policy_module(dcc, 1.8.1)
 
 ########################################
 #
@@ -130,7 +130,7 @@ files_tmp_filetrans(dcc_client_t, dcc_client_tmp_t, { file dir })
 
 # Access files in /var/dcc. The map file can be updated
 allow dcc_client_t dcc_var_t:dir list_dir_perms;
-read_files_pattern(dcc_client_t, dcc_var_t, dcc_var_t)
+manage_files_pattern(dcc_client_t, dcc_var_t, dcc_var_t)
 read_lnk_files_pattern(dcc_client_t, dcc_var_t, dcc_var_t)
 
 kernel_read_system_state(dcc_client_t)
@@ -145,6 +145,8 @@ corenet_udp_bind_generic_node(dcc_client_t)
 files_read_etc_files(dcc_client_t)
 files_read_etc_runtime_files(dcc_client_t)
 
+fs_getattr_all_fs(dcc_client_t)
+
 auth_use_nsswitch(dcc_client_t)
 
 logging_send_syslog_msg(dcc_client_t)
@@ -153,6 +155,10 @@ miscfiles_read_localization(dcc_client_t)
 
 userdom_use_user_terminals(dcc_client_t)
 
+optional_policy(`
+	amavis_read_spool_files(dcc_client_t)
+')
+
 optional_policy(`
 	spamassassin_read_spamd_tmp_files(dcc_client_t)
 ')