From Debian package 0.2.20100524-5

  * Allow cron jobs to write to crond_tmp_t

Index: policy/modules/services/cron.if
===================================================================
--- policy/modules/services/cron.if.orig
+++ policy/modules/services/cron.if
@@ -257,11 +257,12 @@
 #
 interface(`cron_system_entry',`
 	gen_require(`
-		type crond_t, system_cronjob_t;
+		type crond_t, system_cronjob_t, crond_tmp_t;
 	')
 
 	domtrans_pattern(system_cronjob_t, $2, $1)
 	domtrans_pattern(crond_t, $2, $1)
+	allow $1 crond_tmp_t:file { read write ioctl };
 
 	role system_r types $1;
 ')