diff --git a/policy/modules/services/procmail.te b/policy/modules/services/procmail.te
index bf1e99c..15bc32c 100644
--- a/policy/modules/services/procmail.te
+++ b/policy/modules/services/procmail.te
@@ -1,5 +1,5 @@
-policy_module(procmail,1.2.5)
+policy_module(procmail,1.2.6)
 ########################################
 #
@@ -38,6 +38,7 @@ corenet_udp_sendrecv_all_ports(procmail_t)
 corenet_udp_bind_all_nodes(procmail_t)
 corenet_tcp_connect_spamd_port(procmail_t)
 corenet_sendrecv_spamd_client_packets(procmail_t)
+corenet_sendrecv_comsat_client_packets(procmail_t)
 dev_read_urand(procmail_t)
diff --git a/policy/modules/services/rpc.if b/policy/modules/services/rpc.if
index 52dd231..32b5371 100644
--- a/policy/modules/services/rpc.if
+++ b/policy/modules/services/rpc.if
@@ -1,5 +1,21 @@
 ## Remote Procedure Call Daemon for managment of network based process communication
+########################################
+##
+## RPC stub interface. No access allowed.
+##
+##
+##
+## N/A
+##
+##
+#
+interface(`rpc_stub',`
+ gen_require(`
+ type exports_t;
+ ')
+')
+
 #######################################
 ##
 ## The template to define a rpc domain.
@@ -95,6 +111,7 @@ template(`rpc_domain_template', `
 miscfiles_read_localization($1_t)
+ sysnet_dns_name_resolve($1_t)
 sysnet_read_config($1_t)
 userdom_dontaudit_use_unpriv_user_fds($1_t)
diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te
index 318ec0a..955933c 100644
--- a/policy/modules/services/rpc.te
+++ b/policy/modules/services/rpc.te
@@ -1,5 +1,5 @@
-policy_module(rpc,1.2.13)
+policy_module(rpc,1.2.14)
 ########################################
 #
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index 3920f15..5d5bd5a 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -1,5 +1,5 @@
-policy_module(mount,1.3.10)
+policy_module(mount,1.3.11)
 ########################################
 #
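Review bot: The header comment on `rpc_stub` says "No access allowed" but never says why the interface exists, and its parameter summary is only "N/A". As written the body just requires `type exports_t;` and grants nothing, so its apparent purpose is to make a caller's `optional_policy` block depend on the rpc module being present. I would say so in the summary, for example `## RPC stub interface. Grants no access; call it inside an optional_policy block to make that block conditional on the rpc module.`, and note that the argument is ignored.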
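Review bot: Adding `sysnet_dns_name_resolve($1_t)` inside `rpc_domain_template` gives DNS client access to every domain the template instantiates, not only the one that prompted the change. If only some RPC daemons need to resolve names, the call is better made against those specific domains in rpc.te, as `sysnet_dns_name_resolve(<domain>_t)` with a one-line comment naming the daemon. If the template-wide grant is intended, a comment such as `# every rpc domain may resolve host names` above the new line would record that decision. The template body starts and ends outside this hunk.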
@@ -148,6 +148,10 @@ optional_policy(`
 fs_search_rpc(mount_t)
+ sysnet_dns_name_resolve(mount_t)
+
+ rpc_stub(mount_t)
+
 optional_policy(`
 nis_use_ypbind(mount_t)
 ')
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 407b2c3..1bc0ac8 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -952,6 +952,7 @@ template(`userdom_unpriv_user_template', `
 # the same domain and outside users) disabling this forces FTP passive mode
 # and may change other protocols
 tunable_policy(`user_tcp_server',`
+ corenet_tcp_bind_all_nodes($1_t)
 corenet_tcp_bind_generic_port($1_t)
 ')
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
index ba8819b..f292eca 100644
--- a/policy/modules/system/userdomain.te
+++ b/policy/modules/system/userdomain.te
@@ -1,5 +1,5 @@
-policy_module(userdomain,1.3.31)
+policy_module(userdomain,1.3.32)
 gen_require(`
 role sysadm_r, staff_r, user_r;
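Review bot: `rpc_stub(mount_t)` is added without a comment, and because it grants nothing a later reader is likely to remove it as dead policy. It appears to be there so that this `optional_policy` block, including the new `sysnet_dns_name_resolve(mount_t)`, is only built in when the rpc module is present; a comment above it such as `# grants no access: ties this block to the rpc module` would make that explicit. The DNS line also deserves a short comment saying which mounts need name resolution (presumably NFS server host names), since it is new network access for mount_t. The enclosing block opens before the hunk.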
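Review bot: `corenet_tcp_bind_all_nodes($1_t)` lets the user domain bind TCP sockets on every local address, including externally reachable ones, whenever `user_tcp_server` is enabled, and nothing in the hunk documents that. The existing comment mentions "outside users", so the grant looks intended, but the exposure is worth spelling out where the boolean is defined. I would extend the comment with a line such as `# also allows binding on any node, so user-run servers are reachable on all local addresses`. The template body starts and ends outside the hunk.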