diff --git a/refpolicy/policy/modules/admin/rpm.te b/refpolicy/policy/modules/admin/rpm.te
index 0b65622..246c73f 100644
--- a/refpolicy/policy/modules/admin/rpm.te
+++ b/refpolicy/policy/modules/admin/rpm.te
@@ -201,9 +201,6 @@ optional_policy(`nis',`
 ')
 
 ifdef(`TODO',`
-# cjp: this seems way out of place
-role sysadm_r types initrc_t;
-
 # read/write/create any files in the system
 dontaudit rpm_t domain:{ socket unix_dgram_socket udp_socket unix_stream_socket tcp_socket fifo_file rawip_socket packet_socket } getattr;
 allow rpm_t ttyfile:chr_file unlink;
diff --git a/refpolicy/policy/modules/services/dbus.te b/refpolicy/policy/modules/services/dbus.te
index e54be52..ff68da7 100644
--- a/refpolicy/policy/modules/services/dbus.te
+++ b/refpolicy/policy/modules/services/dbus.te
@@ -1,5 +1,5 @@
 
-policy_module(dbus,1.0)
+policy_module(dbus,1.0.1)
 
 gen_require(`
 	class dbus { send_msg acquire_svc };
@@ -30,7 +30,7 @@ files_pid_file(system_dbusd_var_run_t)
 
 # dac_override: /var/run/dbus is owned by messagebus on Debian
 # cjp: dac_override should probably go in a distro_debian
-allow system_dbusd_t self:capability { dac_override setgid setuid };
+allow system_dbusd_t self:capability { dac_override setgid setpcap setuid };
 dontaudit system_dbusd_t self:capability sys_tty_config;
 allow system_dbusd_t self:process { getattr signal_perms };
 allow system_dbusd_t self:fifo_file { read write };
diff --git a/refpolicy/policy/modules/system/authlogin.te b/refpolicy/policy/modules/system/authlogin.te
index eea835a..157b8d4 100644
--- a/refpolicy/policy/modules/system/authlogin.te
+++ b/refpolicy/policy/modules/system/authlogin.te
@@ -1,5 +1,5 @@
 
-policy_module(authlogin,1.0.1)
+policy_module(authlogin,1.0.2)
 
 ########################################
 #
@@ -278,6 +278,7 @@ dev_read_urand(system_chkpwd_t)
 fs_dontaudit_getattr_xattr_fs(system_chkpwd_t)
 
 term_dontaudit_use_unallocated_tty(system_chkpwd_t)
+term_dontaudit_use_generic_pty(system_chkpwd_t)
 
 corecmd_search_sbin(system_chkpwd_t)
 
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 309379c..2951995 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -1,5 +1,5 @@
 
-policy_module(logging,1.0.1)
+policy_module(logging,1.0.2)
 
 ########################################
 #
@@ -69,7 +69,9 @@ allow auditctl_t etc_t:file { getattr read };
 allow auditctl_t auditd_etc_t:file r_file_perms;
 
 kernel_read_kernel_sysctl(auditctl_t)
+kernel_read_proc_symlinks(auditctl_t)
 
+domain_read_all_domains_state(auditctl_t)
 domain_use_wide_inherit_fd(auditctl_t)
 
 init_use_script_pty(auditctl_t)