diff --git a/policy-20071130.patch b/policy-20071130.patch
index 880f710..a806e2a 100644
--- a/policy-20071130.patch
+++ b/policy-20071130.patch
@@ -23099,8 +23099,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.if serefpolicy-3.3.1/policy/modules/services/sendmail.if
--- nsaserefpolicy/policy/modules/services/sendmail.if 2008-02-26 08:23:10.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/sendmail.if 2008-05-08 11:06:32.000000000 -0400
-@@ -149,3 +149,85 @@
++++ serefpolicy-3.3.1/policy/modules/services/sendmail.if 2008-05-20 16:49:39.433100000 -0400
+@@ -149,3 +149,104 @@
logging_log_filetrans($1,sendmail_log_t,file)
')
@@ -23186,6 +23186,25 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
+ role $2 types unconfined_sendmail_t;
+ allow unconfined_sendmail_t $3:chr_file rw_file_perms;
+')
++
++########################################
++##
++## Allow attempts to read and write to
++## sendmail unnamed pipes.
++##
++##
++##
++## Domain to not audit.
++##
++##
++#
++interface(`sendmail_rw_pipes',`
++ gen_require(`
++ type sendmail_t;
++ ')
++
++ allow $1 sendmail_t:fifo_file rw_fifo_file_perms;
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.te serefpolicy-3.3.1/policy/modules/services/sendmail.te
--- nsaserefpolicy/policy/modules/services/sendmail.te 2008-02-26 08:23:10.000000000 -0500
+++ serefpolicy-3.3.1/policy/modules/services/sendmail.te 2008-05-08 11:06:32.000000000 -0400
@@ -23912,7 +23931,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soun
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.fc serefpolicy-3.3.1/policy/modules/services/spamassassin.fc
--- nsaserefpolicy/policy/modules/services/spamassassin.fc 2008-02-26 08:23:10.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/spamassassin.fc 2008-05-08 11:06:32.000000000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/spamassassin.fc 2008-05-20 16:49:22.009675000 -0400
@@ -1,4 +1,4 @@
-HOME_DIR/\.spamassassin(/.*)? gen_context(system_u:object_r:ROLE_spamassassin_home_t,s0)
+HOME_DIR/\.spamassassin(/.*)? gen_context(system_u:object_r:user_spamassassin_home_t,s0)
@@ -23930,7 +23949,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+/var/log/spamd\.log -- gen_context(system_u:object_r:spamd_log_t,s0)
+
/var/run/spamassassin(/.*)? gen_context(system_u:object_r:spamd_var_run_t,s0)
- /var/run/spamass-milter(/.*)? gen_context(system_u:object_r:spamd_var_run_t,s0)
+-/var/run/spamass-milter(/.*)? gen_context(system_u:object_r:spamd_var_run_t,s0)
++/var/run/spamass-milter.* gen_context(system_u:object_r:spamd_var_run_t,s0)
+/var/spool/milter-regex(/.*)? gen_context(system_u:object_r:spamd_var_run_t,s0)
/var/spool/spamassassin(/.*)? gen_context(system_u:object_r:spamd_spool_t,s0)
@@ -24508,7 +24528,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.3.1/policy/modules/services/spamassassin.te
--- nsaserefpolicy/policy/modules/services/spamassassin.te 2008-02-26 08:23:10.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/spamassassin.te 2008-05-20 15:17:39.975695000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/spamassassin.te 2008-05-20 17:09:45.819685000 -0400
@@ -21,8 +21,10 @@
gen_tunable(spamd_enable_home_dirs,true)
@@ -24638,7 +24658,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
')
optional_policy(`
-@@ -212,3 +260,206 @@
+@@ -212,3 +260,214 @@
optional_policy(`
udev_read_db(spamd_t)
')
@@ -24673,9 +24693,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+files_tmp_filetrans(spamassassin_t, user_spamassassin_tmp_t, { file dir })
+
+kernel_read_kernel_sysctls(spamassassin_t)
++kernel_read_system_state(spamassassin_t)
+
+dev_read_urand(spamassassin_t)
+
++files_list_var_lib(spamassassin_t)
++read_files_pattern(spamassassin_t,spamd_var_lib_t,spamd_var_lib_t)
++
+fs_search_auto_mountpoints(spamassassin_t)
+
+# this should probably be removed
@@ -24693,6 +24717,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+files_read_usr_files(spamassassin_t)
+files_dontaudit_search_var(spamassassin_t)
+
++auth_use_nsswitch(spamassassin_t)
++
+libs_use_ld_so(spamassassin_t)
+libs_use_shared_libs(spamassassin_t)
+
@@ -24707,6 +24733,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+
+userdom_use_unpriv_users_fds(spamassassin_t)
+userdom_search_user_home_dirs(user,spamassassin_t)
++userdom_list_user_files(user, spamassassin_t)
+# cjp: this really should just be the
+# terminal specific to the role
+userdom_use_unpriv_users_ptys(spamassassin_t)
@@ -24755,6 +24782,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+optional_policy(`
+ mta_read_config(spamassassin_t)
+ sendmail_stub(spamassassin_t)
++ sendmail_rw_pipes(spamassassin_t)
+')
+
+##############################
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 5dcb867..78a370e 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.3.1
-Release: 54%{?dist}
+Release: 55%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -385,6 +385,9 @@ exit 0
%endif
%changelog
+* Tue May 20 2008 Dan Walsh 3.3.1-55
+- More fixes for spamassassin
+
* Tue May 20 2008 Dan Walsh 3.3.1-54
- Allow spamassassin_t to be run by system_r