From dc1bbfd42d8e80a588be318145686f34d934f56c Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Mon, 28 Nov 2011 16:47:36 -0500
Subject: [PATCH] Allow clamd to read spamd_var_run_t files

---
 policy/modules/services/clamav.te       |  1 +
 policy/modules/services/spamassassin.if | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/policy/modules/services/clamav.te b/policy/modules/services/clamav.te
index 4bc077f5..9f2a3582 100644
--- a/policy/modules/services/clamav.te
+++ b/policy/modules/services/clamav.te
@@ -163,6 +163,7 @@ optional_policy(`
 
 optional_policy(`
 	spamd_stream_connect(clamd_t)
+	spamassassin_read_pid_files(clamd_t)
 ')
 
 tunable_policy(`clamd_use_jit',`
diff --git a/policy/modules/services/spamassassin.if b/policy/modules/services/spamassassin.if
index 85e8212d..a313f4bc 100644
--- a/policy/modules/services/spamassassin.if
+++ b/policy/modules/services/spamassassin.if
@@ -313,6 +313,24 @@ interface(`spamd_stream_connect',`
 	stream_connect_pattern($1, spamd_var_run_t, spamd_var_run_t, spamd_t)
 ')
 
+########################################
+## <summary>
+##	Read spamd pid files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`spamassassin_read_pid_files',`
+	gen_require(`
+		type spamd_var_run_t;
+	')
+
+	read_files_pattern($1, spamd_var_run_t, spamd_var_run_t)
+')
+
 ########################################
 ## <summary>
 ##	All of the rules required to administrate
-- 
2.47.3