Just FYI, I found that I needed the following additional bits in order
to get exim and spamassassin working without spewing AVCs on F9:
module local 1.0;
require {
type exim_spool_t;
type spamd_t;
type exim_t;
class dir { write search read remove_name create getattr add_name };
class file { rename setattr read create ioctl write getattr link unlink append };
}
#============= spamd_t ==============
allow spamd_t exim_spool_t:dir { write search read remove_name create getattr add_name };
allow spamd_t exim_spool_t:file { rename setattr read create getattr write ioctl link
unlink append };
- J<