diff --git a/modules-targeted.conf b/modules-targeted.conf
index 683fec4..33de0d0 100644
--- a/modules-targeted.conf
+++ b/modules-targeted.conf
@@ -888,6 +888,13 @@ portmap = base
postfix = base
# Layer: services
+# Module: postgrey
+#
+# email scanner
+#
+postgrey = base
+
+# Layer: services
# Module: ppp
#
# Point to Point Protocol daemon creates links in ppp networks
diff --git a/policy-20070703.patch b/policy-20070703.patch
index e87ef57..daa5ef9 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -13806,7 +13806,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
+/var/cache/coolkey(/.*)? gen_context(system_u:object_r:auth_cache_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.0.8/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.if 2007-11-10 07:11:24.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.if 2007-11-10 09:11:11.000000000 -0500
@@ -26,7 +26,8 @@
type $1_chkpwd_t, can_read_shadow_passwords;
application_domain($1_chkpwd_t,chkpwd_exec_t)
@@ -13870,7 +13870,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
selinux_get_fs_mount($1)
selinux_validate_context($1)
selinux_compute_access_vector($1)
-@@ -196,20 +218,41 @@
+@@ -196,20 +218,42 @@
mls_fd_share_all_levels($1)
auth_domtrans_chk_passwd($1)
@@ -13905,6 +13905,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
+
+ optional_policy(`
+ nis_authenticate($1)
++ ')
+
+ optional_policy(`
+ unconfined_set_rlimitnh($1)
@@ -13913,7 +13914,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
tunable_policy(`allow_polyinstantiation',`
files_polyinstantiate_all($1)
')
-@@ -309,9 +352,6 @@
+@@ -309,9 +353,6 @@
type system_chkpwd_t, chkpwd_exec_t, shadow_t;
')
@@ -13923,7 +13924,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
corecmd_search_bin($1)
domtrans_pattern($1,chkpwd_exec_t,system_chkpwd_t)
-@@ -329,6 +369,8 @@
+@@ -329,6 +370,8 @@
optional_policy(`
kerberos_use($1)
@@ -13932,7 +13933,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
')
optional_policy(`
-@@ -347,6 +389,37 @@
+@@ -347,6 +390,37 @@
########################################
##
@@ -13970,7 +13971,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
## Get the attributes of the shadow passwords file.
##
##
-@@ -695,6 +768,24 @@
+@@ -695,6 +769,24 @@
########################################
##
@@ -13995,7 +13996,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
## Execute pam programs in the PAM domain.
##
##
-@@ -1318,16 +1409,14 @@
+@@ -1318,16 +1410,14 @@
##
#
interface(`auth_use_nsswitch',`
@@ -14015,7 +14016,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
miscfiles_read_certs($1)
sysnet_dns_name_resolve($1)
-@@ -1347,6 +1436,8 @@
+@@ -1347,6 +1437,8 @@
optional_policy(`
samba_stream_connect_winbind($1)
@@ -14024,7 +14025,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
')
')
-@@ -1381,3 +1472,181 @@
+@@ -1381,3 +1473,181 @@
typeattribute $1 can_write_shadow_passwords;
typeattribute $1 can_relabelto_shadow_passwords;
')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index b8e7c76..ab3712d 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.8
-Release: 50%{?dist}
+Release: 51%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -380,6 +380,14 @@ exit 0
%endif
%changelog
+* Sat Nov 10 2007 Dan Walsh 3.0.8-51
+- Allow login programs to run mount
+- Dontaudit writes to user_home_t for semanage
+- Allow sendmail to write to cyrus_stream
+- Define /dev/dmmidi1 as a sound_device_t
+- Allow saslauthd to use nis_authentication
+
+
* Fri Nov 9 2007 Dan Walsh 3.0.8-50
- Allow login programs to delete user temp files