diff --git a/policy/modules/admin/vpn.te b/policy/modules/admin/vpn.te
index 6542902..6067b85 100644
--- a/policy/modules/admin/vpn.te
+++ b/policy/modules/admin/vpn.te
@@ -106,8 +106,8 @@ sysnet_etc_filetrans_config(vpnc_t)
 sysnet_manage_config(vpnc_t)
 
 userdom_use_all_users_fds(vpnc_t)
-userdom_dontaudit_search_user_home_content(vpnc_t)
 userdom_read_home_certs(vpnc_t)
+userdom_search_admin_dir(vpnc_t)
 
 optional_policy(`
 	dbus_system_bus_client(vpnc_t)
diff --git a/policy/modules/apps/mediawiki.fc b/policy/modules/apps/mediawiki.fc
new file mode 100644
index 0000000..bf872ef
--- /dev/null
+++ b/policy/modules/apps/mediawiki.fc
@@ -0,0 +1,10 @@
+
+/usr/lib(64)?/mediawiki/math/texvc	--	gen_context(system_u:object_r:httpd_mediawiki_script_exec_t,s0)	
+/usr/lib(64)?/mediawiki/math/texvc_tex --      gen_context(system_u:object_r:httpd_mediawiki_script_exec_t,s0)
+/usr/lib(64)?/mediawiki/math/texvc_tes --      gen_context(system_u:object_r:httpd_mediawiki_script_exec_t,s0)
+
+/var/www/wiki(/.*)?		  gen_context(system_u:object_r:httpd_mediawiki_rw_content_t,s0)
+
+/var/www/wiki/.*\.php    --           gen_context(system_u:object_r:httpd_mediawiki_content_t,s0)
+
+/usr/share/mediawiki(/.*)?	  gen_context(system_u:object_r:httpd_mediawiki_content_t,s0)
diff --git a/policy/modules/apps/mediawiki.if b/policy/modules/apps/mediawiki.if
new file mode 100644
index 0000000..1c1d012
--- /dev/null
+++ b/policy/modules/apps/mediawiki.if
@@ -0,0 +1,40 @@
+## <summary>Mediawiki policy</summary>
+
+#######################################
+## <summary>
+##      Allow the specified domain to read
+##      mediawiki tmp files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`mediawiki_read_tmp_files',`
+        gen_require(`
+                type httpd_mediawiki_tmp_t;
+        ')
+
+        files_search_tmp($1)
+        read_files_pattern($1, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+	read_lnk_files_pattern($1, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+')
+
+#######################################
+## <summary>
+##      Delete mediawiki tmp files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`mediawiki_delete_tmp_files',`
+        gen_require(`
+                type httpd_mediawiki_tmp_t;
+        ')
+
+        delete_files_pattern($1, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+')
diff --git a/policy/modules/apps/mediawiki.te b/policy/modules/apps/mediawiki.te
new file mode 100644
index 0000000..b7f569d
--- /dev/null
+++ b/policy/modules/apps/mediawiki.te
@@ -0,0 +1,35 @@
+
+policy_module(mediawiki, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+apache_content_template(mediawiki)
+
+type httpd_mediawiki_tmp_t;
+files_tmp_file(httpd_mediawiki_tmp_t)
+
+permissive httpd_mediawiki_script_t;
+
+########################################
+#
+# mediawiki local policy
+#
+
+manage_dirs_pattern(httpd_mediawiki_script_t, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+manage_files_pattern(httpd_mediawiki_script_t, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+manage_lnk_files_pattern(httpd_mediawiki_script_t, httpd_mediawiki_tmp_t, httpd_mediawiki_tmp_t)
+files_tmp_filetrans(httpd_mediawiki_script_t, httpd_mediawiki_tmp_t, { file dir lnk_file })
+
+files_search_var_lib(httpd_mediawiki_script_t)
+
+userdom_read_user_tmp_files(httpd_mediawiki_script_t)
+
+miscfiles_read_tetex_data(httpd_mediawiki_script_t)
+
+optional_policy(`
+	apache_dontaudit_rw_tmp_files(httpd_mediawiki_script_t)
+')
+
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 46af2a4..217bd0d 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -273,6 +273,7 @@ ifdef(`distro_gentoo',`
 /usr/share/shorewall-lite(/.*)? 	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/shorewall6-lite(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/spamassassin/sa-update\.cron gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texmf/texconfig/tcfmgr --	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/turboprint/lib(/.*)?	--	gen_context(system_u:object_r:bin_t,s0)
 /usr/share/vhostmd/scripts(/.*)?	gen_context(system_u:object_r:bin_t,s0)
 
diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index 1a47bdc..410ff39 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -719,6 +719,11 @@ optional_policy(`
 ')
 
 optional_policy(`
+	mediawiki_read_tmp_files(httpd_t)
+	mediawiki_delete_tmp_files(httpd_t)
+')
+
+optional_policy(`
 	# Allow httpd to work with mysql
 	mysql_read_config(httpd_t)
 	mysql_stream_connect(httpd_t)