diff --git a/docs/macro_conversion_guide b/docs/macro_conversion_guide
index cebb782..37e2e30 100644
--- a/docs/macro_conversion_guide
+++ b/docs/macro_conversion_guide
@@ -976,6 +976,7 @@ kernel_read_all_sysctl($1)
 #
 # rhgb_domain():
 #
+#
 
 #
 # rw_dir_create_file(): complete
diff --git a/refpolicy/policy/modules/admin/updfstab.if b/refpolicy/policy/modules/admin/updfstab.if
index ec216aa..753454f 100644
--- a/refpolicy/policy/modules/admin/updfstab.if
+++ b/refpolicy/policy/modules/admin/updfstab.if
@@ -11,9 +11,6 @@
 interface(`updfstab_domtrans',`
 	gen_require(`
 		type updfstab_t, updfstab_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
 	')
 
 	files_search_usr($1)
diff --git a/refpolicy/policy/modules/admin/updfstab.te b/refpolicy/policy/modules/admin/updfstab.te
index f429e86..9550ee0 100644
--- a/refpolicy/policy/modules/admin/updfstab.te
+++ b/refpolicy/policy/modules/admin/updfstab.te
@@ -8,7 +8,7 @@ policy_module(updfstab,1.0)
 
 type updfstab_t;
 type updfstab_exec_t;
-init_daemon_domain(updfstab_t,updfstab_exec_t)
+init_system_domain(updfstab_t,updfstab_exec_t)
 
 ########################################
 #
@@ -43,8 +43,8 @@ selinux_compute_user_contexts(updfstab_t)
 
 storage_raw_read_fixed_disk(updfstab_t)
 storage_raw_write_fixed_disk(updfstab_t)
-storage_raw_read_fixed_disk(updfstab_t)
-storage_raw_write_fixed_disk(updfstab_t)
+storage_raw_read_removable_device(updfstab_t)
+storage_raw_write_removable_device(updfstab_t)
 storage_read_scsi_generic(updfstab_t)
 storage_write_scsi_generic(updfstab_t)
 
@@ -104,6 +104,10 @@ optional_policy(`modutils.te',`
 	modutils_read_mods_deps(updfstab_t)
 ')
 
+optional_policy(`nscd.te',`
+	nscd_use_socket(updfstab_t)
+')
+
 optional_policy(`selinuxutil.te',`
 	seutil_sigchld_newrole(updfstab_t)
 ')
diff --git a/refpolicy/policy/modules/apps/webalizer.te b/refpolicy/policy/modules/apps/webalizer.te
index 529fa63..e39a9d2 100644
--- a/refpolicy/policy/modules/apps/webalizer.te
+++ b/refpolicy/policy/modules/apps/webalizer.te
@@ -34,6 +34,7 @@ allow webalizer_t self:capability dac_override;
 allow webalizer_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
 allow webalizer_t self:fd use;
 allow webalizer_t self:fifo_file rw_file_perms;
+allow webalizer_t self:sock_file r_file_perms;
 allow webalizer_t self:shm create_shm_perms;
 allow webalizer_t self:sem create_sem_perms;
 allow webalizer_t self:msgq create_msgq_perms;
diff --git a/refpolicy/policy/modules/services/samba.te b/refpolicy/policy/modules/services/samba.te
index ae2542d..87cb644 100644
--- a/refpolicy/policy/modules/services/samba.te
+++ b/refpolicy/policy/modules/services/samba.te
@@ -671,6 +671,11 @@ logging_send_syslog_msg(winbind_helper_t)
 
 miscfiles_read_localization(winbind_helper_t) 
 
+ifdef(`targeted_policy',`
+	term_use_generic_pty(winbind_helper_t)
+	term_use_unallocated_tty(winbind_helper_t)
+')
+
 optional_policy(`nscd.te',`
 	nscd_use_socket(winbind_helper_t)
 ')
diff --git a/refpolicy/policy/modules/system/modutils.te b/refpolicy/policy/modules/system/modutils.te
index dc40fc9..5f68f1b 100644
--- a/refpolicy/policy/modules/system/modutils.te
+++ b/refpolicy/policy/modules/system/modutils.te
@@ -259,3 +259,8 @@ logging_send_syslog_msg(update_modules_t)
 miscfiles_read_localization(update_modules_t)
 
 userdom_dontaudit_search_sysadm_home_dir(update_modules_t)
+
+ifdef(`targeted_policy',`
+	term_use_generic_pty(update_modules_t)
+	term_use_unallocated_tty(update_modules_t)
+')
diff --git a/refpolicy/policy/modules/system/selinuxutil.if b/refpolicy/policy/modules/system/selinuxutil.if
index 925a055..fa906c6 100644
--- a/refpolicy/policy/modules/system/selinuxutil.if
+++ b/refpolicy/policy/modules/system/selinuxutil.if
@@ -549,14 +549,13 @@ interface(`seutil_read_default_contexts',`
 interface(`seutil_read_file_contexts',`
 	gen_require(`
 		type selinux_config_t, file_context_t;
-		class dir r_dir_perms;
-		class file r_file_perms;
 	')
 
 	files_search_etc($1)
 	allow $1 selinux_config_t:dir search;
 	allow $1 file_context_t:dir r_dir_perms;
 	allow $1 file_context_t:file r_file_perms;
+	allow $1 file_context_t:lnk_file { getattr read };
 ')
 
 ########################################
diff --git a/refpolicy/policy/modules/system/unconfined.te b/refpolicy/policy/modules/system/unconfined.te
index 748bb7a..c9a5d38 100644
--- a/refpolicy/policy/modules/system/unconfined.te
+++ b/refpolicy/policy/modules/system/unconfined.te
@@ -66,6 +66,10 @@ ifdef(`targeted_policy',`
 		su_per_userdomain_template(sysadm,unconfined_t,system_r)
 	')
 
+	optional_policy(`webalizer.te',`
+		webalizer_domtrans(unconfined_t)
+	')
+
 	ifdef(`TODO',`
 	ifdef(`use_mcs',`
 	rw_dir_create_file(sysadm_su_t, home_dir_type)