diff --git a/policy-20090105.patch b/policy-20090105.patch
index a67025e..7ae5851 100644
--- a/policy-20090105.patch
+++ b/policy-20090105.patch
@@ -3430,12 +3430,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  dbus_system_bus_client(podsleuth_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.fc serefpolicy-3.6.4/policy/modules/apps/qemu.fc
 --- nsaserefpolicy/policy/modules/apps/qemu.fc	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.4/policy/modules/apps/qemu.fc	2009-02-03 22:57:29.000000000 -0500
-@@ -1,2 +1,4 @@
++++ serefpolicy-3.6.4/policy/modules/apps/qemu.fc	2009-02-09 09:21:47.000000000 -0500
+@@ -1,2 +1,6 @@
  /usr/bin/qemu	--	gen_context(system_u:object_r:qemu_exec_t,s0)
  /usr/bin/qemu-kvm --	gen_context(system_u:object_r:qemu_exec_t,s0)
 +
 +/var/cache/libvirt(/.*)? -- gen_context(system_u:object_r:qemu_cache_t,s0)
++
++/var/run/libvirt/qemu(/.*)? -- gen_context(system_u:object_r:qemu_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.if serefpolicy-3.6.4/policy/modules/apps/qemu.if
 --- nsaserefpolicy/policy/modules/apps/qemu.if	2009-01-19 11:03:28.000000000 -0500
 +++ serefpolicy-3.6.4/policy/modules/apps/qemu.if	2009-02-03 22:57:29.000000000 -0500
@@ -3764,7 +3766,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.te serefpolicy-3.6.4/policy/modules/apps/qemu.te
 --- nsaserefpolicy/policy/modules/apps/qemu.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.4/policy/modules/apps/qemu.te	2009-02-03 22:57:29.000000000 -0500
++++ serefpolicy-3.6.4/policy/modules/apps/qemu.te	2009-02-09 09:22:15.000000000 -0500
 @@ -6,6 +6,8 @@
  # Declarations
  #
@@ -3774,7 +3776,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <desc>
  ## <p>
  ## Allow qemu to connect fully to the network
-@@ -13,28 +15,154 @@
+@@ -13,28 +15,160 @@
  ## </desc>
  gen_tunable(qemu_full_network, false)
  
@@ -3807,6 +3809,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +type qemu_cache_t;
 +files_type(qemu_cache_t)
 +
++type qemu_var_run_t;
++files_pid_file(qemu_var_run_t)
++
 +########################################
 +#
 +# qemu common policy
@@ -3823,6 +3828,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +manage_files_pattern(qemu_t, qemu_cache_t, qemu_cache_t)
 +files_var_filetrans(qemu_t, qemu_cache_t, { file dir })
 +
++manage_files_pattern(qemu_t, qemu_var_run_t, qemu_var_run_t)
++files_pid_filetrans(qemu_t, qemu_var_run_t, file)
++
 +kernel_read_system_state(qemutype)
 +
 +corenet_all_recvfrom_unlabeled(qemutype)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 2e7040c..28a1e73 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.6.4
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -444,6 +444,9 @@ exit 0
 %endif
 
 %changelog
+* Sun Feb 8 2009 Dan Walsh <dwalsh@redhat.com> 3.6.4-5
+- Allow xdm to create user_tmp_t sockets for switch user to work
+
 * Thu Feb 5 2009 Dan Walsh <dwalsh@redhat.com> 3.6.4-4
 - Fix staff_t domain