diff --git a/policy-20071130.patch b/policy-20071130.patch
index a54e8fa..37f1595 100644
--- a/policy-20071130.patch
+++ b/policy-20071130.patch
@@ -1463,7 +1463,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if s
  #######################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreaper.te serefpolicy-3.2.5/policy/modules/admin/tmpreaper.te
 --- nsaserefpolicy/policy/modules/admin/tmpreaper.te	2007-10-02 09:54:52.000000000 -0400
-+++ serefpolicy-3.2.5/policy/modules/admin/tmpreaper.te	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/admin/tmpreaper.te	2008-01-21 13:29:12.000000000 -0500
 @@ -28,6 +28,7 @@
  files_purge_tmp(tmpreaper_t)
  # why does it need setattr?
@@ -1472,10 +1472,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreap
  
  mls_file_read_all_levels(tmpreaper_t)
  mls_file_write_all_levels(tmpreaper_t)
-@@ -43,5 +44,10 @@
+@@ -43,5 +44,14 @@
  cron_system_entry(tmpreaper_t,tmpreaper_exec_t)
  
  optional_policy(`
++	amavis_manage_spool_files(tmpreaper_t)
++')
++
++optional_policy(`
 +	kismet_manage_log(tmpreaper_t)
 +')
 +
@@ -3161,7 +3165,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
  # /bin
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.if serefpolicy-3.2.5/policy/modules/apps/mozilla.if
 --- nsaserefpolicy/policy/modules/apps/mozilla.if	2007-10-29 07:52:48.000000000 -0400
-+++ serefpolicy-3.2.5/policy/modules/apps/mozilla.if	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/apps/mozilla.if	2008-01-21 12:59:29.000000000 -0500
 @@ -35,7 +35,10 @@
  template(`mozilla_per_role_template',`
  	gen_require(`
@@ -3275,9 +3279,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
 +	tunable_policy(`browser_write_$1_data',`
 +		userdom_manage_user_home_content_dirs($1,$1_mozilla_t)
 +		userdom_manage_user_home_content_files($1,$1_mozilla_t)
-+		userdom_read_user_home_content_symlinks($1,$1_mozilla_t)
++		userdom_manage_user_home_content_symlinks($1,$1_mozilla_t)
 +		userdom_manage_user_home_content_pipes($1,$1_mozilla_t)
-+		userdom_user_home_dir_filetrans_user_home_content($1,$1_mozilla_t, { file dir })
++		userdom_user_home_dir_filetrans_user_home_content($1,$1_mozilla_t, { file dir lnk_file })
 +		', `
 +		# helper apps will try to create .files
 +		userdom_dontaudit_create_user_home_content_files($1,$1_mozilla_t)
@@ -3487,14 +3491,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
 -		dbus_user_bus_client_template($1,$1_mozilla,$1_mozilla_t)
 +#		dbus_user_bus_client_template($1,$1_mozilla,$1_mozilla_t)
 +#		dbus_connectto_user_bus($1,$1_mozilla_t)
-+	')
-+
-+	optional_policy(`
-+		gnome_exec_gconf($1_mozilla_t)
-+		gnome_manage_user_gnome_config($1,$1_mozilla_t)
  	')
  
  	optional_policy(`
++		gnome_exec_gconf($1_mozilla_t)
++		gnome_manage_user_gnome_config($1,$1_mozilla_t)
++	')
++
++	optional_policy(`
 +		gnome_domtrans_user_gconf($1,$1_mozilla_t)
  		gnome_stream_connect_gconf_template($1,$1_mozilla_t)
  	')
@@ -7559,7 +7563,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cann
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.fc serefpolicy-3.2.5/policy/modules/services/clamav.fc
 --- nsaserefpolicy/policy/modules/services/clamav.fc	2007-09-05 15:24:44.000000000 -0400
-+++ serefpolicy-3.2.5/policy/modules/services/clamav.fc	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/services/clamav.fc	2008-01-21 14:43:52.000000000 -0500
 @@ -5,16 +5,20 @@
  /usr/bin/freshclam		--	gen_context(system_u:object_r:freshclam_exec_t,s0)
  
@@ -7582,7 +7586,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
  
  /var/spool/amavisd/clamd\.sock	-s	gen_context(system_u:object_r:clamd_var_run_t,s0)
 +
-+/etc/rc.d/init.d/clamd-wrapper	--	gen_context(system_u:object_r:clamav_script_exec_t,s0)
++/etc/rc.d/init.d/clamd-wrapper	--	gen_context(system_u:object_r:clamd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.if serefpolicy-3.2.5/policy/modules/services/clamav.if
 --- nsaserefpolicy/policy/modules/services/clamav.if	2007-01-02 12:57:43.000000000 -0500
 +++ serefpolicy-3.2.5/policy/modules/services/clamav.if	2008-01-18 17:11:50.000000000 -0500
@@ -9072,7 +9076,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyru
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.2.5/policy/modules/services/dbus.if
 --- nsaserefpolicy/policy/modules/services/dbus.if	2007-12-04 11:02:50.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/services/dbus.if	2008-01-18 14:09:48.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/services/dbus.if	2008-01-21 14:38:27.000000000 -0500
 @@ -53,6 +53,7 @@
  	gen_require(`
  		type system_dbusd_exec_t, system_dbusd_t, dbusd_etc_t;
@@ -10453,7 +10457,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.te serefpolicy-3.2.5/policy/modules/services/fail2ban.te
 --- nsaserefpolicy/policy/modules/services/fail2ban.te	2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/services/fail2ban.te	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/services/fail2ban.te	2008-01-21 13:50:35.000000000 -0500
 @@ -18,6 +18,9 @@
  type fail2ban_var_run_t;
  files_pid_file(fail2ban_var_run_t)
@@ -10464,6 +10468,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail
  ########################################
  #
  # fail2ban local policy
+@@ -55,6 +58,8 @@
+ 
+ miscfiles_read_localization(fail2ban_t)
+ 
++mta_send_mail(fail2ban_t)
++
+ optional_policy(`
+ 	apache_read_log(fail2ban_t)
+ ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetchmail.fc serefpolicy-3.2.5/policy/modules/services/fetchmail.fc
 --- nsaserefpolicy/policy/modules/services/fetchmail.fc	2006-11-16 17:15:21.000000000 -0500
 +++ serefpolicy-3.2.5/policy/modules/services/fetchmail.fc	2008-01-18 12:40:46.000000000 -0500
@@ -10788,7 +10801,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.2.5/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/services/hal.te	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/services/hal.te	2008-01-21 13:37:54.000000000 -0500
 @@ -49,6 +49,9 @@
  type hald_var_lib_t;
  files_type(hald_var_lib_t)
@@ -10825,7 +10838,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  storage_raw_read_removable_device(hald_t)
  storage_raw_write_removable_device(hald_t)
  storage_raw_read_fixed_disk(hald_t)
-@@ -265,6 +271,11 @@
+@@ -172,6 +178,8 @@
+ init_rw_utmp(hald_t)
+ init_telinit(hald_t)
+ 
++fstools_getattr_swap_files(hald_t)
++
+ libs_use_ld_so(hald_t)
+ libs_use_shared_libs(hald_t)
+ libs_exec_ld_so(hald_t)
+@@ -265,6 +273,11 @@
  ')
  
  optional_policy(`
@@ -10837,7 +10859,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  	rpc_search_nfs_state_data(hald_t)
  ')
  
-@@ -291,7 +302,8 @@
+@@ -291,7 +304,8 @@
  #
  
  allow hald_acl_t self:capability { dac_override fowner };
@@ -10847,7 +10869,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  
  domtrans_pattern(hald_t, hald_acl_exec_t, hald_acl_t)
  allow hald_t hald_acl_t:process signal;
-@@ -325,6 +337,11 @@
+@@ -325,6 +339,11 @@
  
  miscfiles_read_localization(hald_acl_t)
  
@@ -10859,7 +10881,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  ########################################
  #
  # Local hald mac policy
-@@ -338,10 +355,14 @@
+@@ -338,10 +357,14 @@
  manage_files_pattern(hald_mac_t,hald_var_lib_t,hald_var_lib_t)
  files_search_var_lib(hald_mac_t)
  
@@ -10874,7 +10896,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  libs_use_ld_so(hald_mac_t)
  libs_use_shared_libs(hald_mac_t)
  
-@@ -391,3 +412,7 @@
+@@ -391,3 +414,7 @@
  libs_use_shared_libs(hald_keymap_t)
  
  miscfiles_read_localization(hald_keymap_t)
@@ -20209,7 +20231,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.2.5/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2007-11-29 13:29:35.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/system/authlogin.if	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/system/authlogin.if	2008-01-21 14:40:46.000000000 -0500
 @@ -99,7 +99,7 @@
  template(`authlogin_per_role_template',`
  
@@ -20251,7 +20273,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  	# for SSP/ProPolice
  	dev_read_urand($1)
  	# for fingerprint readers
-@@ -221,11 +233,28 @@
+@@ -221,11 +233,35 @@
  
  	logging_send_audit_msgs($1)
  	logging_send_syslog_msg($1)
@@ -20266,6 +20288,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +	userdom_unpriv_users_stream_connect($1)
 +
 +	optional_policy(`
++		dbus_system_bus_client_template(notused, $1)
++		optional_policy(`
++			oddjob_dbus_chat($1)
++		')
++	')
++
++	optional_policy(`
 +		mount_domtrans($1)
 +	')
 +
@@ -20281,7 +20310,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  	tunable_policy(`allow_polyinstantiation',`
  		files_polyinstantiate_all($1)
  	')
-@@ -342,6 +371,8 @@
+@@ -342,6 +378,8 @@
  
  	optional_policy(`
  		kerberos_use($1)
@@ -20290,7 +20319,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  	')
  
  	optional_policy(`
-@@ -356,6 +387,7 @@
+@@ -356,6 +394,7 @@
  	optional_policy(`
  		samba_stream_connect_winbind($1)
  	')
@@ -20298,7 +20327,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ')
  
  ########################################
-@@ -369,12 +401,12 @@
+@@ -369,12 +408,12 @@
  ## </param>
  ## <param name="role">
  ##	<summary>
@@ -20313,7 +20342,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ##	</summary>
  ## </param>
  #
-@@ -386,6 +418,7 @@
+@@ -386,6 +425,7 @@
  	auth_domtrans_chk_passwd($1)
  	role $2 types system_chkpwd_t;
  	allow system_chkpwd_t $3:chr_file rw_file_perms;
@@ -20321,7 +20350,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ')
  
  ########################################
-@@ -1457,6 +1490,7 @@
+@@ -1457,6 +1497,7 @@
  	optional_policy(`
  		samba_stream_connect_winbind($1)
  		samba_read_var_files($1)
@@ -20329,7 +20358,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  	')
  ')
  
-@@ -1491,3 +1525,23 @@
+@@ -1491,3 +1532,23 @@
  	typeattribute $1 can_write_shadow_passwords;
  	typeattribute $1 can_relabelto_shadow_passwords;
  ')
@@ -22092,7 +22121,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-3.2.5/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2007-12-19 05:32:17.000000000 -0500
-+++ serefpolicy-3.2.5/policy/modules/system/selinuxutil.te	2008-01-18 12:40:46.000000000 -0500
++++ serefpolicy-3.2.5/policy/modules/system/selinuxutil.te	2008-01-21 15:06:00.000000000 -0500
 @@ -75,7 +75,6 @@
  type restorecond_exec_t;
  init_daemon_domain(restorecond_t,restorecond_exec_t)
@@ -22336,7 +22365,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
  ifdef(`distro_redhat', `
  	fs_rw_tmpfs_chr_files(setfiles_t)
  	fs_rw_tmpfs_blk_files(setfiles_t)
-@@ -574,18 +550,6 @@
+@@ -574,16 +550,8 @@
  	fs_relabel_tmpfs_chr_file(setfiles_t)
  ')
  
@@ -22350,11 +22379,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 -		unconfined_dontaudit_read_pipes(setfiles_t)
 -		unconfined_dontaudit_rw_tcp_sockets(setfiles_t)
 -	')
--')
--
- optional_policy(`
- 	hotplug_use_fds(setfiles_t)
++optional_policy(`
++	cron_rw_pipes(setfiles_t)
  ')
+ 
+ optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.2.5/policy/modules/system/sysnetwork.if
 --- nsaserefpolicy/policy/modules/system/sysnetwork.if	2007-07-16 14:09:49.000000000 -0400
 +++ serefpolicy-3.2.5/policy/modules/system/sysnetwork.if	2008-01-18 12:40:46.000000000 -0500
diff --git a/selinux-policy.spec b/selinux-policy.spec
index f00db01..01defaf 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.2.5
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -387,6 +387,9 @@ exit 0
 %endif
 
 %changelog
+* Mon Jan 21 2008 Dan Walsh <dwalsh@redhat.com> 3.2.5-15
+- Allow login programs to talk dbus to oddjob
+
 * Thu Jan 17 2008 Dan Walsh <dwalsh@redhat.com> 3.2.5-14
 - Add procmail_log support
 - Lots of fixes for munin