diff --git a/strict/domains/program/NetworkManager.te b/strict/domains/program/NetworkManager.te
new file mode 100644
index 0000000..1ef8916
--- /dev/null
+++ b/strict/domains/program/NetworkManager.te
@@ -0,0 +1,108 @@
+#DESC NetworkManager - 
+#
+# Authors: Dan Walsh <dwalsh@redhat.com>
+#
+#
+
+#################################
+#
+# Rules for the NetworkManager_t domain.
+#
+# NetworkManager_t is the domain for the NetworkManager daemon. 
+# NetworkManager_exec_t is the type of the NetworkManager executable.
+#
+daemon_domain(NetworkManager, `, nscd_client_domain, privsysmod' )
+
+can_network(NetworkManager_t)
+allow NetworkManager_t port_type:tcp_socket name_connect;
+allow NetworkManager_t dhcpc_port_t:udp_socket name_bind;
+allow NetworkManager_t dhcpc_t:process signal;
+
+can_ypbind(NetworkManager_t)
+uses_shlib(NetworkManager_t)
+allow NetworkManager_t self:capability { kill setgid setuid sys_nice dac_override net_admin net_raw net_bind_service sys_module};
+
+allow NetworkManager_t { random_device_t urandom_device_t }:chr_file { getattr read };
+
+allow NetworkManager_t self:process { setcap getsched };
+allow NetworkManager_t self:fifo_file rw_file_perms;
+allow NetworkManager_t self:unix_dgram_socket create_socket_perms;
+allow NetworkManager_t self:file { getattr read };
+allow NetworkManager_t self:packet_socket create_socket_perms;
+allow NetworkManager_t self:unix_stream_socket create_stream_socket_perms;
+
+
+#
+# Communicate with Caching Name Server
+#
+ifdef(`named.te', `
+allow NetworkManager_t named_zone_t:dir search;
+rw_dir_create_file(NetworkManager_t, named_cache_t)
+domain_auto_trans(NetworkManager_t, named_exec_t, named_t)
+allow named_t NetworkManager_t:udp_socket { read write };
+allow named_t NetworkManager_t:netlink_route_socket { read write };
+allow NetworkManager_t named_t:process signal;
+allow named_t NetworkManager_t:packet_socket { read write };
+')
+
+allow NetworkManager_t selinux_config_t:dir search;
+allow NetworkManager_t selinux_config_t:file { getattr read };
+
+ifdef(`dbusd.te', `
+dbusd_client(system, NetworkManager)
+allow NetworkManager_t system_dbusd_t:dbus { acquire_svc send_msg };
+allow NetworkManager_t self:dbus send_msg;
+ifdef(`hald.te', `
+allow NetworkManager_t hald_t:dbus send_msg;
+allow hald_t NetworkManager_t:dbus send_msg;
+')
+allow NetworkManager_t initrc_t:dbus send_msg;
+allow initrc_t NetworkManager_t:dbus send_msg;
+ifdef(`targeted_policy', `
+allow NetworkManager_t unconfined_t:dbus send_msg;
+allow unconfined_t NetworkManager_t:dbus send_msg;
+')
+allow NetworkManager_t userdomain:dbus send_msg;
+allow userdomain NetworkManager_t:dbus send_msg;
+')
+
+allow NetworkManager_t usr_t:file { getattr read };
+
+ifdef(`ifconfig.te', `
+domain_auto_trans(NetworkManager_t, ifconfig_exec_t, ifconfig_t)
+')dnl end if def ifconfig
+
+allow NetworkManager_t { sbin_t bin_t }:dir search;
+allow NetworkManager_t bin_t:lnk_file read;
+can_exec(NetworkManager_t, { ls_exec_t sbin_t bin_t shell_exec_t })
+
+# in /etc created by NetworkManager will be labelled net_conf_t.
+file_type_auto_trans(NetworkManager_t, etc_t, net_conf_t, file)
+
+allow NetworkManager_t { etc_t etc_runtime_t }:file { getattr read };
+allow NetworkManager_t proc_t:file { getattr read };
+r_dir_file(NetworkManager_t, proc_net_t)
+
+allow NetworkManager_t { domain -unrestricted }:dir search;
+allow NetworkManager_t { domain -unrestricted }:file { getattr read };
+dontaudit NetworkManager_t unrestricted:dir search;
+dontaudit NetworkManager_t unrestricted:file { getattr read };
+
+allow NetworkManager_t howl_t:process signal;
+allow NetworkManager_t initrc_var_run_t:file { getattr read };
+
+domain_auto_trans(NetworkManager_t, insmod_exec_t, insmod_t)
+allow NetworkManager_t self:netlink_route_socket r_netlink_socket_perms;
+
+domain_auto_trans(NetworkManager_t, initrc_exec_t, initrc_t)
+domain_auto_trans(NetworkManager_t, dhcpc_exec_t, dhcpc_t)
+ifdef(`vpnc.te', `
+domain_auto_trans(NetworkManager_t, vpnc_exec_t, vpnc_t)
+')
+
+ifdef(`dhcpc.te', `
+allow NetworkManager_t dhcp_state_t:dir search;
+allow NetworkManager_t dhcpc_var_run_t:file { getattr read unlink };
+')
+allow NetworkManager_t var_lib_t:dir search;
+dontaudit NetworkManager_t user_tty_type:chr_file { read write };
diff --git a/strict/domains/program/alsa.te b/strict/domains/program/alsa.te
new file mode 100644
index 0000000..5717244
--- /dev/null
+++ b/strict/domains/program/alsa.te
@@ -0,0 +1,17 @@
+#DESC       ainit - configuration tool for ALSA
+#
+# Author:  Dan Walsh <dwalsh@redhat.com>
+#
+#
+type alsa_t, domain, privlog, daemon;
+type alsa_exec_t, file_type, sysadmfile, exec_type;
+uses_shlib(alsa_t)
+allow alsa_t self:sem  create_sem_perms;
+allow alsa_t self:shm  create_shm_perms;
+allow alsa_t self:unix_stream_socket create_stream_socket_perms;
+type alsa_etc_rw_t, file_type, sysadmfile, usercanread;
+rw_dir_create_file(alsa_t,alsa_etc_rw_t)
+allow alsa_t self:capability { setgid setuid ipc_owner };
+allow alsa_t devpts_t:chr_file { read write };
+allow alsa_t etc_t:file { getattr read };
+domain_auto_trans(pam_console_t, alsa_exec_t, alsa_t)
diff --git a/strict/domains/program/dmidecode.te b/strict/domains/program/dmidecode.te
new file mode 100644
index 0000000..05b93f7
--- /dev/null
+++ b/strict/domains/program/dmidecode.te
@@ -0,0 +1,22 @@
+#DESC dmidecode - decodes DMI data for x86/ia64 bioses 
+#
+# Author: Ivan Gyurdiev <ivg2@cornell.edu>
+#
+
+type dmidecode_t, domain, privmem;
+type dmidecode_exec_t, file_type, exec_type, sysadmfile;
+
+# Allow execution by the sysadm
+role sysadm_r types dmidecode_t;
+role system_r types dmidecode_t;
+domain_auto_trans(sysadm_t, dmidecode_exec_t, dmidecode_t)
+
+uses_shlib(dmidecode_t)
+
+# Allow terminal access
+access_terminal(dmidecode_t, sysadm)
+
+# Allow dmidecode to read /dev/mem
+allow dmidecode_t memory_device_t:chr_file read;
+
+allow dmidecode_t self:capability sys_rawio;
diff --git a/strict/domains/program/unused/NetworkManager.te b/strict/domains/program/unused/NetworkManager.te
deleted file mode 100644
index 1ef8916..0000000
--- a/strict/domains/program/unused/NetworkManager.te
+++ /dev/null
@@ -1,108 +0,0 @@
-#DESC NetworkManager - 
-#
-# Authors: Dan Walsh <dwalsh@redhat.com>
-#
-#
-
-#################################
-#
-# Rules for the NetworkManager_t domain.
-#
-# NetworkManager_t is the domain for the NetworkManager daemon. 
-# NetworkManager_exec_t is the type of the NetworkManager executable.
-#
-daemon_domain(NetworkManager, `, nscd_client_domain, privsysmod' )
-
-can_network(NetworkManager_t)
-allow NetworkManager_t port_type:tcp_socket name_connect;
-allow NetworkManager_t dhcpc_port_t:udp_socket name_bind;
-allow NetworkManager_t dhcpc_t:process signal;
-
-can_ypbind(NetworkManager_t)
-uses_shlib(NetworkManager_t)
-allow NetworkManager_t self:capability { kill setgid setuid sys_nice dac_override net_admin net_raw net_bind_service sys_module};
-
-allow NetworkManager_t { random_device_t urandom_device_t }:chr_file { getattr read };
-
-allow NetworkManager_t self:process { setcap getsched };
-allow NetworkManager_t self:fifo_file rw_file_perms;
-allow NetworkManager_t self:unix_dgram_socket create_socket_perms;
-allow NetworkManager_t self:file { getattr read };
-allow NetworkManager_t self:packet_socket create_socket_perms;
-allow NetworkManager_t self:unix_stream_socket create_stream_socket_perms;
-
-
-#
-# Communicate with Caching Name Server
-#
-ifdef(`named.te', `
-allow NetworkManager_t named_zone_t:dir search;
-rw_dir_create_file(NetworkManager_t, named_cache_t)
-domain_auto_trans(NetworkManager_t, named_exec_t, named_t)
-allow named_t NetworkManager_t:udp_socket { read write };
-allow named_t NetworkManager_t:netlink_route_socket { read write };
-allow NetworkManager_t named_t:process signal;
-allow named_t NetworkManager_t:packet_socket { read write };
-')
-
-allow NetworkManager_t selinux_config_t:dir search;
-allow NetworkManager_t selinux_config_t:file { getattr read };
-
-ifdef(`dbusd.te', `
-dbusd_client(system, NetworkManager)
-allow NetworkManager_t system_dbusd_t:dbus { acquire_svc send_msg };
-allow NetworkManager_t self:dbus send_msg;
-ifdef(`hald.te', `
-allow NetworkManager_t hald_t:dbus send_msg;
-allow hald_t NetworkManager_t:dbus send_msg;
-')
-allow NetworkManager_t initrc_t:dbus send_msg;
-allow initrc_t NetworkManager_t:dbus send_msg;
-ifdef(`targeted_policy', `
-allow NetworkManager_t unconfined_t:dbus send_msg;
-allow unconfined_t NetworkManager_t:dbus send_msg;
-')
-allow NetworkManager_t userdomain:dbus send_msg;
-allow userdomain NetworkManager_t:dbus send_msg;
-')
-
-allow NetworkManager_t usr_t:file { getattr read };
-
-ifdef(`ifconfig.te', `
-domain_auto_trans(NetworkManager_t, ifconfig_exec_t, ifconfig_t)
-')dnl end if def ifconfig
-
-allow NetworkManager_t { sbin_t bin_t }:dir search;
-allow NetworkManager_t bin_t:lnk_file read;
-can_exec(NetworkManager_t, { ls_exec_t sbin_t bin_t shell_exec_t })
-
-# in /etc created by NetworkManager will be labelled net_conf_t.
-file_type_auto_trans(NetworkManager_t, etc_t, net_conf_t, file)
-
-allow NetworkManager_t { etc_t etc_runtime_t }:file { getattr read };
-allow NetworkManager_t proc_t:file { getattr read };
-r_dir_file(NetworkManager_t, proc_net_t)
-
-allow NetworkManager_t { domain -unrestricted }:dir search;
-allow NetworkManager_t { domain -unrestricted }:file { getattr read };
-dontaudit NetworkManager_t unrestricted:dir search;
-dontaudit NetworkManager_t unrestricted:file { getattr read };
-
-allow NetworkManager_t howl_t:process signal;
-allow NetworkManager_t initrc_var_run_t:file { getattr read };
-
-domain_auto_trans(NetworkManager_t, insmod_exec_t, insmod_t)
-allow NetworkManager_t self:netlink_route_socket r_netlink_socket_perms;
-
-domain_auto_trans(NetworkManager_t, initrc_exec_t, initrc_t)
-domain_auto_trans(NetworkManager_t, dhcpc_exec_t, dhcpc_t)
-ifdef(`vpnc.te', `
-domain_auto_trans(NetworkManager_t, vpnc_exec_t, vpnc_t)
-')
-
-ifdef(`dhcpc.te', `
-allow NetworkManager_t dhcp_state_t:dir search;
-allow NetworkManager_t dhcpc_var_run_t:file { getattr read unlink };
-')
-allow NetworkManager_t var_lib_t:dir search;
-dontaudit NetworkManager_t user_tty_type:chr_file { read write };
diff --git a/strict/domains/program/unused/alsa.te b/strict/domains/program/unused/alsa.te
deleted file mode 100644
index 5717244..0000000
--- a/strict/domains/program/unused/alsa.te
+++ /dev/null
@@ -1,17 +0,0 @@
-#DESC       ainit - configuration tool for ALSA
-#
-# Author:  Dan Walsh <dwalsh@redhat.com>
-#
-#
-type alsa_t, domain, privlog, daemon;
-type alsa_exec_t, file_type, sysadmfile, exec_type;
-uses_shlib(alsa_t)
-allow alsa_t self:sem  create_sem_perms;
-allow alsa_t self:shm  create_shm_perms;
-allow alsa_t self:unix_stream_socket create_stream_socket_perms;
-type alsa_etc_rw_t, file_type, sysadmfile, usercanread;
-rw_dir_create_file(alsa_t,alsa_etc_rw_t)
-allow alsa_t self:capability { setgid setuid ipc_owner };
-allow alsa_t devpts_t:chr_file { read write };
-allow alsa_t etc_t:file { getattr read };
-domain_auto_trans(pam_console_t, alsa_exec_t, alsa_t)
diff --git a/strict/domains/program/unused/dmidecode.te b/strict/domains/program/unused/dmidecode.te
deleted file mode 100644
index 05b93f7..0000000
--- a/strict/domains/program/unused/dmidecode.te
+++ /dev/null
@@ -1,22 +0,0 @@
-#DESC dmidecode - decodes DMI data for x86/ia64 bioses 
-#
-# Author: Ivan Gyurdiev <ivg2@cornell.edu>
-#
-
-type dmidecode_t, domain, privmem;
-type dmidecode_exec_t, file_type, exec_type, sysadmfile;
-
-# Allow execution by the sysadm
-role sysadm_r types dmidecode_t;
-role system_r types dmidecode_t;
-domain_auto_trans(sysadm_t, dmidecode_exec_t, dmidecode_t)
-
-uses_shlib(dmidecode_t)
-
-# Allow terminal access
-access_terminal(dmidecode_t, sysadm)
-
-# Allow dmidecode to read /dev/mem
-allow dmidecode_t memory_device_t:chr_file read;
-
-allow dmidecode_t self:capability sys_rawio;