Index: /selinux/build/afsd.if
===================================================================
--- /selinux/build/afsd.if	(revision 80)
+++ /selinux/build/afsd.if	(revision 81)
@@ -33,7 +33,12 @@
 	allow $1 afsd_etc_t:file r_file_perms;
 	allow $1 afsd_etc_t:lnk_file r_file_perms;
-	allow $1 autofs_t:dir r_dir_perms;
-	allow $1 autofs_t:lnk_file r_file_perms;
-	allow $1 nfs_t:dir manage_dir_perms;
-	allow $1 nfs_t:file_class_set manage_file_perms;
+	allow $1 autofs_t:dir all_dir_perms;
+	allow $1 autofs_t:lnk_file all_lnk_file_perms;
+	allow $1 nfs_t:dir all_dir_perms;
+	allow $1 nfs_t:file all_file_perms;
+	allow $1 nfs_t:lnk_file all_lnk_file_perms;
+	allow $1 nfs_t:sock_file all_sock_file_perms;
+	allow $1 nfs_t:fifo_file all_fifo_file_perms;
+	allow $1 nfs_t:chr_file all_chr_file_perms;
+	allow $1 nfs_t:blk_file all_blk_file_perms;
 ')
Index: /selinux/build/misc.te
===================================================================
--- /selinux/build/misc.te	(revision 80)
+++ /selinux/build/misc.te	(revision 81)
@@ -5,4 +5,5 @@
 require {
 	type crond_t, kernel_t, sshd_t, user_t, httpd_t;
+	type postfix_local_t, procmail_t;
 	type proc_t;
 }
@@ -11,4 +12,6 @@
 afs_access(httpd_t);
 afs_access(kernel_t);
+afs_access(postfix_local_t);
+afs_access(procmail_t);
 afs_access(sshd_t);
 afs_access(user_t);
@@ -43,5 +46,5 @@
 
 require {
-	type sshd_t;
+	type sendmail_t, sshd_t;
 };
 
@@ -53,5 +56,8 @@
 mta_sendmail_exec(user_t)
 can_exec(user_t, sendmail_exec_t)
-
+allow sendmail_t postfix_local_t:fd use;
+allow sendmail_t postfix_local_t:fifo_file { getattr write };
+corecmd_exec_bin(procmail_t)
+corecmd_exec_sbin(procmail_t)
 
 ### HTTPD ###