Description of problem:
Wjen the thinkfinger package is used to support fingerprint readers several
programs need additional permissions.  So far I encountered pam_console_apply
and gdm.  Here are the AVCs:

avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0
exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0
path=/dev/input/uinput pid=5439
scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 sgid=500
subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=chr_file
tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 

and

avc: denied { write } for comm=gdm-binary dev=tmpfs name=uinput pid=2425
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=chr_file
tcontext=system_u:object_r:device_t:s0 

/dev/input/uinput is the device of the fingerprint reader, or at least the
device to read the data from.  Maybe this means /dev/input/uinput should get a
new label.  Allowing these programs to access all device_t objects seems to be
to relaxed.  Maybe create uintput_device_t.

Version-Release number of selected component (if applicable):
selinux-policy-3.0.8-8.fc8.noarch

How reproducible:
always

Steps to Reproduce:
1.install F8t2
2.install thinkfinger on appropriate laptop
3.boot and login
  
Actual results:
above AVCs

Expected results:
No AVCs and working check-in via the fingerprint reader.

Additional info: