diff --git a/policy/modules/services/prelude.fc b/policy/modules/services/prelude.fc
index e590273..3bd847a 100644
--- a/policy/modules/services/prelude.fc
+++ b/policy/modules/services/prelude.fc
@@ -1,11 +1,18 @@
+/etc/prelude-correlator(/.*)?		gen_context(system_u:object_r:prelude_correlator_config_t, s0)
+/etc/rc\.d/init\.d/prelude-correlator -- gen_context(system_u:object_r:prelude_initrc_exec_t, s0)
+/etc/rc\.d/init\.d/prelude-lml --	gen_context(system_u:object_r:prelude_initrc_exec_t,s0)
+/etc/rc\.d/init\.d/prelude-manager --	gen_context(system_u:object_r:prelude_initrc_exec_t,s0)
+
 /sbin/audisp-prelude		--	gen_context(system_u:object_r:prelude_audisp_exec_t,s0)
 
+/usr/bin/prelude-correlator	--	gen_context(system_u:object_r:prelude_correlator_exec_t, s0)
+/usr/bin/prelude-lml		--	gen_context(system_u:object_r:prelude_lml_exec_t,s0)
 /usr/bin/prelude-manager	--	gen_context(system_u:object_r:prelude_exec_t,s0)
 /usr/share/prewikka/cgi-bin(/.*)?	gen_context(system_u:object_r:httpd_prewikka_script_exec_t,s0)
 
 /var/lib/prelude-lml(/.*)?		gen_context(system_u:object_r:prelude_var_lib_t,s0)
-
+/var/log/prelude.*			gen_context(system_u:object_r:prelude_log_t,s0)
+/var/run/prelude-lml.pid	--	gen_context(system_u:object_r:prelude_lml_var_run_t,s0)
 /var/run/prelude-manager(/.*)?		gen_context(system_u:object_r:prelude_var_run_t,s0)
-
 /var/spool/prelude-manager(/.*)?	gen_context(system_u:object_r:prelude_spool_t,s0)
 /var/spool/prelude(/.*)?		gen_context(system_u:object_r:prelude_spool_t,s0)
diff --git a/policy/modules/services/prelude.if b/policy/modules/services/prelude.if
index f2f66b9..737be4f 100644
--- a/policy/modules/services/prelude.if
+++ b/policy/modules/services/prelude.if
@@ -56,6 +56,45 @@ interface(`prelude_signal_audisp',`
 
 ########################################
 ## <summary>
+##	Read the prelude spool files
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`prelude_read_spool',`
+	gen_require(`
+		type prelude_spool_t;
+	')
+
+	files_search_spool($1)
+	read_files_pattern($1, prelude_spool_t, prelude_spool_t)
+')
+
+########################################
+## <summary>
+##	Manage to prelude-manager spool files.
+## </summary>
+## <param name="domain">
+## <summary>
+##	Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`prelude_manage_spool',`
+	gen_require(`
+		type prelude_spool_t;
+	')
+
+	files_search_spool($1)
+	manage_dirs_pattern($1, prelude_spool_t, prelude_spool_t)
+	manage_files_pattern($1, prelude_spool_t, prelude_spool_t)
+')
+
+########################################
+## <summary>
 ##	All of the rules required to administrate 
 ##	an prelude environment
 ## </summary>
@@ -64,6 +103,11 @@ interface(`prelude_signal_audisp',`
 ##	Domain allowed access.
 ##	</summary>
 ## </param>
+## <param name="role">
+##	<summary>
+##	Role allowed access.
+##	</summary>
+## </param>
 ## <rolecap/>
 #
 interface(`prelude_admin',`
@@ -71,6 +115,10 @@ interface(`prelude_admin',`
 		type prelude_t, prelude_spool_t;
 		type prelude_var_run_t, prelude_var_lib_t;
 		type prelude_audisp_t, prelude_audisp_var_run_t;
+		type prelude_initrc_exec_t;
+
+		type prelude_lml_t, prelude_lml_tmp_t;
+		type prelude_lml_var_run_t;
 	')
 
 	allow $1 prelude_t:process { ptrace signal_perms };
@@ -79,11 +127,18 @@ interface(`prelude_admin',`
 	allow $1 prelude_audisp_t:process { ptrace signal_perms };
 	ps_process_pattern($1, prelude_audisp_t)
 
-	manage_files_pattern($1, prelude_spool_t, prelude_spool_t)
-
-	manage_files_pattern($1, prelude_var_lib_t, prelude_var_lib_t)
+	allow $1 prelude_lml_t:process { ptrace signal_perms };
+	ps_process_pattern($1, prelude_lml_t)
 
-	manage_files_pattern($1, prelude_var_run_t, prelude_var_run_t)
+	init_labeled_script_domtrans($1, prelude_initrc_exec_t)
+	domain_system_change_exemption($1)
+	role_transition $2 prelude_initrc_exec_t system_r;
+	allow $2 system_r;
 
-	manage_files_pattern($1, prelude_audisp_var_run_t, prelude_audisp_var_run_t)
+	admin_pattern($1, prelude_spool_t)
+	admin_pattern($1, prelude_var_lib_t)
+	admin_pattern($1, prelude_var_run_t)
+	admin_pattern($1, prelude_audisp_var_run_t)
+	admin_pattern($1, prelude_lml_tmp_t)
+	admin_pattern($1, prelude_lml_var_run_t)
 ')
diff --git a/policy/modules/services/prelude.te b/policy/modules/services/prelude.te
index aa31eca..cc4a00e 100644
--- a/policy/modules/services/prelude.te
+++ b/policy/modules/services/prelude.te
@@ -1,5 +1,5 @@
 
-policy_module(prelude, 1.0.2)
+policy_module(prelude, 1.0.3)
 
 ########################################
 #
@@ -10,9 +10,15 @@ type prelude_t;
 type prelude_exec_t;
 init_daemon_domain(prelude_t, prelude_exec_t)
 
+type prelude_initrc_exec_t;
+init_script_file(prelude_initrc_exec_t)
+
 type prelude_spool_t;
 files_type(prelude_spool_t)
 
+type prelude_log_t;
+logging_log_file(prelude_log_t)
+
 type prelude_var_run_t;
 files_pid_file(prelude_var_run_t)
 
@@ -22,21 +28,43 @@ files_type(prelude_var_lib_t)
 type prelude_audisp_t;
 type prelude_audisp_exec_t;
 init_daemon_domain(prelude_audisp_t, prelude_audisp_exec_t)
+logging_dispatcher_domain(prelude_audisp_t, prelude_audisp_exec_t)
 
 type prelude_audisp_var_run_t;
 files_pid_file(prelude_audisp_var_run_t)
 
+type prelude_correlator_t;
+type prelude_correlator_exec_t;
+init_daemon_domain(prelude_correlator_t, prelude_correlator_exec_t)
+role system_r types prelude_correlator_t;
+
+type prelude_correlator_config_t;
+files_config_file(prelude_correlator_config_t)
+
+type prelude_lml_t;
+type prelude_lml_exec_t;
+init_daemon_domain(prelude_lml_t, prelude_lml_exec_t)
+
+type prelude_lml_tmp_t;
+files_tmp_file(prelude_lml_tmp_t)
+
+type prelude_lml_var_run_t;
+files_pid_file(prelude_lml_var_run_t)
+
 ########################################
 #
 # prelude local policy
 #
 
-allow prelude_t self:capability sys_tty_config;
+allow prelude_t self:capability { dac_override sys_tty_config };
 allow prelude_t self:fifo_file rw_file_perms;
 allow prelude_t self:unix_stream_socket create_stream_socket_perms;
 allow prelude_t self:netlink_route_socket r_netlink_socket_perms;
 allow prelude_t self:tcp_socket create_stream_socket_perms;
 
+manage_files_pattern(prelude_t, prelude_log_t, prelude_log_t)
+logging_log_filetrans(prelude_t, prelude_log_t, file)
+
 manage_dirs_pattern(prelude_t, prelude_spool_t, prelude_spool_t)
 manage_files_pattern(prelude_t, prelude_spool_t, prelude_spool_t)
 files_search_spool(prelude_t)
@@ -49,6 +77,9 @@ manage_files_pattern(prelude_t, prelude_var_run_t, prelude_var_run_t)
 manage_sock_files_pattern(prelude_t, prelude_var_run_t, prelude_var_run_t)
 files_pid_filetrans(prelude_t, prelude_var_run_t, file)
 
+kernel_read_system_state(prelude_t)
+kernel_read_sysctl(prelude_t)
+
 corecmd_search_bin(prelude_t)
 
 corenet_all_recvfrom_unlabeled(prelude_t)
@@ -56,15 +87,20 @@ corenet_all_recvfrom_netlabel(prelude_t)
 corenet_tcp_sendrecv_generic_if(prelude_t)
 corenet_tcp_sendrecv_generic_node(prelude_t)
 corenet_tcp_bind_generic_node(prelude_t)
+corenet_tcp_bind_prelude_port(prelude_t)
+corenet_tcp_connect_prelude_port(prelude_t)
+corenet_tcp_connect_postgresql_port(prelude_t)
 
 dev_read_rand(prelude_t)
 dev_read_urand(prelude_t)
 
-# Init script handling
-domain_use_interactive_fds(prelude_t)
-
 files_read_etc_files(prelude_t)
+files_read_etc_runtime_files(prelude_t)
 files_read_usr_files(prelude_t)
+files_search_tmp(prelude_t)
+files_search_tmp(prelude_t)
+
+fs_rw_anon_inodefs_files(prelude_t)
 
 auth_use_nsswitch(prelude_t)
 
@@ -86,7 +122,7 @@ optional_policy(`
 #
 # prelude_audisp local policy
 #
-
+allow prelude_audisp_t self:capability dac_override;
 allow prelude_audisp_t self:fifo_file rw_file_perms;
 allow prelude_audisp_t self:unix_stream_socket create_stream_socket_perms;
 allow prelude_audisp_t self:unix_dgram_socket create_socket_perms;
@@ -100,6 +136,9 @@ files_search_spool(prelude_audisp_t)
 manage_sock_files_pattern(prelude_audisp_t, prelude_audisp_var_run_t, prelude_audisp_var_run_t)
 files_pid_filetrans(prelude_audisp_t, prelude_audisp_var_run_t, sock_file)
 
+kernel_read_sysctl(prelude_audisp_t)
+kernel_read_system_state(prelude_audisp_t)
+
 corecmd_search_bin(prelude_audisp_t)
 
 corenet_all_recvfrom_unlabeled(prelude_audisp_t)
@@ -107,6 +146,7 @@ corenet_all_recvfrom_netlabel(prelude_audisp_t)
 corenet_tcp_sendrecv_generic_if(prelude_audisp_t)
 corenet_tcp_sendrecv_generic_node(prelude_audisp_t)
 corenet_tcp_bind_generic_node(prelude_audisp_t)
+corenet_tcp_connect_prelude_port(prelude_audisp_t)
 
 dev_read_rand(prelude_audisp_t)
 dev_read_urand(prelude_audisp_t)
@@ -115,11 +155,120 @@ dev_read_urand(prelude_audisp_t)
 domain_use_interactive_fds(prelude_audisp_t)
 
 files_read_etc_files(prelude_audisp_t)
+files_read_etc_runtime_files(prelude_audisp_t)
+files_search_tmp(prelude_audisp_t)
 
 logging_send_syslog_msg(prelude_audisp_t)
 
 miscfiles_read_localization(prelude_audisp_t)
 
+sysnet_dns_name_resolve(prelude_audisp_t)
+
+########################################
+#
+# prelude_correlator local policy
+#
+
+allow prelude_correlator_t self:capability dac_override;
+allow prelude_correlator_t self:netlink_route_socket r_netlink_socket_perms;
+allow prelude_correlator_t self:tcp_socket create_stream_socket_perms;
+allow prelude_correlator_t self:unix_dgram_socket create_socket_perms;
+
+allow prelude_correlator_t prelude_correlator_config_t:dir list_dir_perms;
+read_files_pattern(prelude_correlator_t, prelude_correlator_config_t, prelude_correlator_config_t)
+
+kernel_read_sysctl(prelude_correlator_t)
+
+corecmd_search_bin(prelude_correlator_t)
+
+corenet_all_recvfrom_unlabeled(prelude_correlator_t)
+corenet_all_recvfrom_netlabel(prelude_correlator_t)
+corenet_tcp_sendrecv_generic_if(prelude_correlator_t)
+corenet_tcp_sendrecv_generic_node(prelude_correlator_t)
+corenet_tcp_connect_prelude_port(prelude_correlator_t)
+
+dev_read_rand(prelude_correlator_t)
+dev_read_urand(prelude_correlator_t)
+
+files_read_etc_files(prelude_correlator_t)
+files_read_usr_files(prelude_correlator_t)
+files_search_spool(prelude_correlator_t)
+
+logging_send_syslog_msg(prelude_correlator_t)
+
+miscfiles_read_localization(prelude_correlator_t)
+
+sysnet_dns_name_resolve(prelude_correlator_t)
+
+prelude_manage_spool(prelude_correlator_t)
+
+########################################
+#
+# prelude_lml local declarations
+#
+
+allow prelude_lml_t self:capability dac_override;
+allow prelude_lml_t self:tcp_socket { write getattr setopt read create connect };
+allow prelude_lml_t self:unix_dgram_socket { write create connect };
+allow prelude_lml_t self:fifo_file rw_fifo_file_perms;
+allow prelude_lml_t self:unix_stream_socket connectto;
+
+manage_dirs_pattern(prelude_lml_t, prelude_lml_tmp_t, prelude_lml_tmp_t)
+manage_files_pattern(prelude_lml_t, prelude_lml_tmp_t, prelude_lml_tmp_t)
+files_tmp_filetrans(prelude_lml_t, prelude_lml_tmp_t, { file dir })
+files_list_tmp(prelude_lml_t)
+
+manage_dirs_pattern(prelude_lml_t, prelude_spool_t, prelude_spool_t)
+manage_files_pattern(prelude_lml_t, prelude_spool_t, prelude_spool_t)
+files_search_spool(prelude_lml_t)
+
+manage_dirs_pattern(prelude_lml_t, prelude_var_lib_t, prelude_var_lib_t)
+manage_files_pattern(prelude_lml_t, prelude_var_lib_t, prelude_var_lib_t)
+files_search_var_lib(prelude_lml_t)
+
+manage_files_pattern(prelude_lml_t, prelude_lml_var_run_t, prelude_lml_var_run_t)
+files_pid_filetrans(prelude_lml_t, prelude_lml_var_run_t, file)
+
+kernel_read_system_state(prelude_lml_t)
+kernel_read_sysctl(prelude_lml_t)
+
+corecmd_exec_bin(prelude_lml_t)
+
+corenet_tcp_sendrecv_generic_if(prelude_lml_t)
+corenet_tcp_sendrecv_generic_node(prelude_lml_t)
+corenet_tcp_recvfrom_netlabel(prelude_lml_t)
+corenet_tcp_recvfrom_unlabeled(prelude_lml_t)
+corenet_sendrecv_unlabeled_packets(prelude_lml_t)
+corenet_tcp_connect_prelude_port(prelude_lml_t)
+
+dev_read_rand(prelude_lml_t)
+dev_read_urand(prelude_lml_t)
+
+files_list_etc(prelude_lml_t)
+files_read_etc_files(prelude_lml_t)
+files_read_etc_runtime_files(prelude_lml_t)
+
+fs_rw_anon_inodefs_files(prelude_lml_t)
+
+auth_use_nsswitch(prelude_lml_t)
+
+libs_exec_lib_files(prelude_lml_t)
+libs_read_lib_files(prelude_lml_t)
+
+logging_send_syslog_msg(prelude_lml_t)
+logging_read_generic_logs(prelude_lml_t)
+
+miscfiles_read_localization(prelude_lml_t)
+
+sysnet_dns_name_resolve(prelude_lml_t)
+
+userdom_read_all_users_state(prelude_lml_t)
+
+optional_policy(`
+	apache_search_sys_content(prelude_lml_t)
+	apache_read_log(prelude_lml_t)
+')
+
 ########################################
 #
 # prewikka_cgi Declarations
@@ -127,7 +276,22 @@ miscfiles_read_localization(prelude_audisp_t)
 
 optional_policy(`
 	apache_content_template(prewikka)
+
+	can_exec(httpd_prewikka_script_t, httpd_prewikka_script_exec_t)
+
 	files_read_etc_files(httpd_prewikka_script_t)
+	files_search_tmp(httpd_prewikka_script_t)
+
+	kernel_read_sysctl(httpd_prewikka_script_t)
+	kernel_search_network_sysctl(httpd_prewikka_script_t)
+
+	corenet_tcp_connect_postgresql_port(httpd_prewikka_script_t)
+
+	auth_use_nsswitch(httpd_prewikka_script_t)
+
+	logging_send_syslog_msg(httpd_prewikka_script_t)
+
+	apache_search_sys_content(httpd_prewikka_script_t)
 
 	optional_policy(`
 		mysql_search_db(httpd_prewikka_script_t)