From ff8208479940acc6b4f1062524562e7533d3d417 Mon Sep 17 00:00:00 2001
From: Shawn Iverson <shawniverson@efa-project.org>
Date: Sun, 23 Aug 2020 11:15:48 -0400
Subject: [PATCH] SELinux update CentOS 8

Former-commit-id: 2b855b911274d9dfe86225ad0de0cf0896c2a14b
---
 rpmbuild/SOURCES/eFa-4.0.2/eFa/eFa8.te | 7 +++++--
 rpmbuild/SPECS/eFa4.spec               | 5 ++++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/rpmbuild/SOURCES/eFa-4.0.2/eFa/eFa8.te b/rpmbuild/SOURCES/eFa-4.0.2/eFa/eFa8.te
index e9821144..7ec7fa65 100644
--- a/rpmbuild/SOURCES/eFa-4.0.2/eFa/eFa8.te
+++ b/rpmbuild/SOURCES/eFa-4.0.2/eFa/eFa8.te
@@ -1,5 +1,5 @@
 
-module eFa 1.0.23;
+module eFa 1.0.24;
 
 type mailwatchsql_etc_t;
 type sqlgreysql_etc_t;
@@ -115,6 +115,7 @@ require {
     type mysqld_var_run_t;
     type rsync_t;
     type gssproxy_t;
+    type setroubleshootd_t;
     class file { getattr open read ioctl execute create lock append write unlink setattr execute_no_trans rename map };
     class dir { getattr read open search write add_name setattr create remove_name ioctl rmdir };
     class sock_file { getattr write };
@@ -303,7 +304,6 @@ dontaudit httpd_sys_script_t ntpd_t:dir { getattr search };
 dontaudit httpd_sys_script_t ntpd_t:file { read open };
 dontaudit httpd_sys_script_t dhcpc_t:dir { getattr search };
 dontaudit httpd_sys_script_t dhcpc_t:file { read open };
-# CentOS 8
 dontaudit httpd_sys_script_t sssd_t:dir { getattr search };
 dontaudit httpd_sys_script_t sssd_t:file { read open };
 dontaudit httpd_sys_script_t systemd_resolved_t:dir { getattr search };
@@ -314,6 +314,8 @@ dontaudit httpd_sys_script_t gpg_agent_t:dir { getattr search };
 dontaudit httpd_sys_script_t gpg_agent_t:file { read open };
 dontaudit httpd_sys_script_t gssproxy_t:dir { getattr search };
 dontaudit httpd_sys_script_t gssproxy_t:file { read open };
+dontaudit httpd_sys_script_t setroubleshootd_t:dir { getattr search };
+dontaudit httpd_sys_script_t setroubleshootd_t:file { read open };
 
 # allow spamassassin and mailscanner lint
 allow httpd_sys_script_t etc_mail_t:dir search;
@@ -416,6 +418,7 @@ allow mscan_t httpd_sys_content_t:file getattr;
 allow mscan_t self:capability dac_override;
 allow mscan_t mysqld_var_run_t:sock_file { write };
 allow mscan_t mscan_t:process { setsched };
+allow mscan_t antivirus_var_run_t:sock_file { getattr write };
 
 #============= greylist_milter_t ==============
 allow greylist_milter_t self:capability { kill dac_override };
diff --git a/rpmbuild/SPECS/eFa4.spec b/rpmbuild/SPECS/eFa4.spec
index bef59dba..68368cba 100644
--- a/rpmbuild/SPECS/eFa4.spec
+++ b/rpmbuild/SPECS/eFa4.spec
@@ -26,7 +26,7 @@
 Name:      eFa
 Summary:   eFa Maintenance rpm
 Version:   4.0.2
-Release:   26.eFa%{?dist}
+Release:   27.eFa%{?dist}
 Epoch:     1
 Group:     Applications/System
 URL:       https://efa-project.org
@@ -468,6 +468,9 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644, root, root) %{_sysconfdir}/logrotate.d/eFa-logrotate
 
 %changelog
+* Sun Aug 23 2020 eFa Project <shawniverson@efa-project.org> - 4.0.2-27
+- SELinux update
+
 * Sat Aug 22 2020 eFa Project <shawniverson@efa-project.org> - 4.0.2-26
 - SELinux update