From Debian package 0.0.20080702-6

Dontaudit logrotate writing to utmp

Index: policy/modules/admin/logrotate.te
===================================================================
--- policy/modules/admin/logrotate.te.orig
+++ policy/modules/admin/logrotate.te
@@ -103,9 +103,12 @@
 files_manage_generic_spool_dirs(logrotate_t)
 files_getattr_generic_locks(logrotate_t)
 
-# cjp: why is this needed?
+# logrotate has to restart some daemons
 init_domtrans_script(logrotate_t)
 
+# for runlevel
+init_dontaudit_write_utmp(logrotate_t)
+
 logging_manage_all_logs(logrotate_t)
 logging_send_syslog_msg(logrotate_t)
 logging_send_audit_msgs(logrotate_t)