diff --git a/Changelog b/Changelog
index 56a2833..32d2a27 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Patch for misc fixes to kerberos from Dan Walsh.
 - Patch to start deprecating usercanread attribute from Ryan Bradetich.
 - Add dccp_socket object class which was added in kernel 2.6.20.
 - Patch for prelink relabefrom it's temp files from Dan Walsh.
diff --git a/policy/modules/services/kerberos.if b/policy/modules/services/kerberos.if
index 14d3719..bc17c52 100644
--- a/policy/modules/services/kerberos.if
+++ b/policy/modules/services/kerberos.if
@@ -41,7 +41,7 @@ interface(`kerberos_use',`
 allow $1 krb5_conf_t:file { getattr read };
 dontaudit $1 krb5_conf_t:file write;
 dontaudit $1 krb5kdc_conf_t:dir list_dir_perms;
-dontaudit $1 krb5kdc_conf_t:file read_file_perms;
+dontaudit $1 krb5kdc_conf_t:file rw_file_perms;
 tunable_policy(`allow_kerberos',`
 allow $1 self:tcp_socket create_socket_perms;
diff --git a/policy/modules/services/kerberos.te b/policy/modules/services/kerberos.te
index e5d8f46..e9c0acf 100644
--- a/policy/modules/services/kerberos.te
+++ b/policy/modules/services/kerberos.te
@@ -1,5 +1,5 @@
-policy_module(kerberos,1.3.1)
+policy_module(kerberos,1.3.2)
 ########################################
 #
@@ -154,10 +154,11 @@ optional_policy(`
 # Use capabilities. Surplus capabilities may be allowed.
 allow krb5kdc_t self:capability { setuid setgid net_admin chown fowner dac_override sys_nice };
 dontaudit krb5kdc_t self:capability sys_tty_config;
-allow krb5kdc_t self:process { getsched signal_perms };
+allow krb5kdc_t self:process { setsched getsched signal_perms };
 allow krb5kdc_t self:netlink_route_socket r_netlink_socket_perms;
 allow krb5kdc_t self:tcp_socket create_stream_socket_perms;
 allow krb5kdc_t self:udp_socket create_socket_perms;
+allow krb5kdc_t self:fifo_file rw_fifo_file_perms;
 allow krb5kdc_t krb5_conf_t:file read_file_perms;
 dontaudit krb5kdc_t krb5_conf_t:file write;
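Review bot: Widening the dontaudit on krb5kdc_conf_t:file from read_file_perms to rw_file_perms silences write-side denials for every domain that calls kerberos_use(), so a confined client that actually attempts to modify the KDC configuration is now denied without any AVC record. The line just above it suppresses only the single `write` permission on krb5_conf_t; unless the noise comes from more than open-for-write, the narrower `dontaudit $1 krb5kdc_conf_t:file { read_file_perms write };` stays consistent with that line while leaving the other permissions in rw_file_perms (append and the like) visible to auditing. A short comment naming the client behaviour that motivated the change, presumably a library opening the KDC config read-write, would let later reviewers judge whether the suppression is still needed. The kerberos_use interface begins before this hunk and its tunable_policy block continues past it.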
@@ -185,6 +186,7 @@ kernel_read_kernel_sysctls(krb5kdc_t)
 kernel_list_proc(krb5kdc_t)
 kernel_read_proc_symlinks(krb5kdc_t)
 kernel_read_network_state(krb5kdc_t)
+kernel_search_network_sysctl(krb5kdc_t)
 corecmd_exec_sbin(krb5kdc_t)
 corecmd_exec_bin(krb5kdc_t)