diff --git a/Changelog b/Changelog
index 749a17b..6a7d362 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,4 @@
+- Remove duplicate/redundant rules, from Russell Coker.
 - Increased default number of categories to 1024, from Russell Coker.
 - Added modules:
 	cgroup (Dominick Grift)
diff --git a/policy/modules/apps/ethereal.te b/policy/modules/apps/ethereal.te
index 6c3b760..c102195 100644
--- a/policy/modules/apps/ethereal.te
+++ b/policy/modules/apps/ethereal.te
@@ -78,8 +78,6 @@ kernel_read_kernel_sysctls(ethereal_t)
 kernel_read_system_state(ethereal_t)
 kernel_read_sysctl(ethereal_t)
 
-corecmd_search_bin(ethereal_t)
-
 corenet_tcp_connect_generic_port(ethereal_t)
 corenet_tcp_sendrecv_generic_if(ethereal_t)
 
diff --git a/policy/modules/apps/gift.te b/policy/modules/apps/gift.te
index 202d4b8..4204eec 100644
--- a/policy/modules/apps/gift.te
+++ b/policy/modules/apps/gift.te
@@ -53,7 +53,7 @@ userdom_user_home_dir_filetrans(gift_t, gift_home_t, dir)
 domtrans_pattern(gift_t, giftd_exec_t, giftd_t)
 
 # Read /proc/meminfo
-kernel_read_system_state(giftd_t)
+kernel_read_system_state(gift_t)
 
 # Connect to gift daemon
 corenet_all_recvfrom_unlabeled(gift_t)
diff --git a/policy/modules/apps/java.te b/policy/modules/apps/java.te
index aa8ace6..726e853 100644
--- a/policy/modules/apps/java.te
+++ b/policy/modules/apps/java.te
@@ -82,7 +82,6 @@ dev_read_urand(java_t)
 dev_read_rand(java_t)
 dev_dontaudit_append_rand(java_t)
 
-files_read_etc_files(java_t)
 files_read_usr_files(java_t)
 files_search_home(java_t)
 files_search_var_lib(java_t)
@@ -144,8 +143,6 @@ optional_policy(`
 	# execheap is needed for itanium/BEA jrocket
 	allow unconfined_java_t self:process { execstack execmem execheap };
 
-	init_dbus_chat_script(unconfined_java_t)
-
 	files_execmod_all_files(unconfined_java_t)
 
 	init_dbus_chat_script(unconfined_java_t)
diff --git a/policy/modules/apps/wireshark.te b/policy/modules/apps/wireshark.te
index 9b73284..3c43106 100644
--- a/policy/modules/apps/wireshark.te
+++ b/policy/modules/apps/wireshark.te
@@ -71,8 +71,6 @@ kernel_read_kernel_sysctls(wireshark_t)
 kernel_read_system_state(wireshark_t)
 kernel_read_sysctl(wireshark_t)
 
-corecmd_search_bin(wireshark_t)
-
 corenet_tcp_connect_generic_port(wireshark_t)
 corenet_tcp_sendrecv_generic_if(wireshark_t)
 
diff --git a/policy/modules/services/clamav.te b/policy/modules/services/clamav.te
index 8529043..33621bb 100644
--- a/policy/modules/services/clamav.te
+++ b/policy/modules/services/clamav.te
@@ -89,7 +89,6 @@ manage_files_pattern(clamd_t, clamd_var_log_t, clamd_var_log_t)
 logging_log_filetrans(clamd_t, clamd_var_log_t, { dir file })
 
 # pid file
-manage_dirs_pattern(clamd_t, clamd_var_log_t, clamd_var_log_t)
 manage_files_pattern(clamd_t, clamd_var_run_t, clamd_var_run_t)
 manage_sock_files_pattern(clamd_t, clamd_var_run_t, clamd_var_run_t)
 files_pid_filetrans(clamd_t, clamd_var_run_t, { file dir })
diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
index 72901d8..b96c242 100644
--- a/policy/modules/services/courier.te
+++ b/policy/modules/services/courier.te
@@ -48,7 +48,6 @@ allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_fifo_file_perms;
 allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
 allow courier_authdaemon_t courier_tcpd_t:unix_stream_socket rw_stream_socket_perms;
 allow courier_authdaemon_t courier_tcpd_t:process sigchld;
-allow courier_authdaemon_t courier_tcpd_t:fd use;
 allow courier_authdaemon_t courier_tcpd_t:tcp_socket rw_stream_socket_perms;
 allow courier_authdaemon_t courier_tcpd_t:fifo_file rw_file_perms;
 
diff --git a/policy/modules/services/djbdns.te b/policy/modules/services/djbdns.te
index bd97d09..22221ad 100644
--- a/policy/modules/services/djbdns.te
+++ b/policy/modules/services/djbdns.te
@@ -22,8 +22,6 @@ djbdns_daemontools_domain_template(tinydns)
 # Local policy for axfrdns component
 #
 
-files_config_file(djbdns_axfrdns_conf_t)
-
 daemontools_ipc_domain(djbdns_axfrdns_t)
 daemontools_read_svc(djbdns_axfrdns_t)
 
diff --git a/policy/modules/services/lpd.te b/policy/modules/services/lpd.te
index 230b076..93c14ca 100644
--- a/policy/modules/services/lpd.te
+++ b/policy/modules/services/lpd.te
@@ -308,14 +308,12 @@ tunable_policy(`use_lpd_server',`
 ')
 
 tunable_policy(`use_nfs_home_dirs',`
-	files_list_home(lpr_t)
 	fs_list_auto_mountpoints(lpr_t)
 	fs_read_nfs_files(lpr_t)
 	fs_read_nfs_symlinks(lpr_t)
 ')
 
 tunable_policy(`use_samba_home_dirs',`
-	files_list_home(lpr_t)
 	fs_list_auto_mountpoints(lpr_t)
 	fs_read_cifs_files(lpr_t)
 	fs_read_cifs_symlinks(lpr_t)
diff --git a/policy/modules/services/prelude.te b/policy/modules/services/prelude.te
index 1adbca2..4d66b76 100644
--- a/policy/modules/services/prelude.te
+++ b/policy/modules/services/prelude.te
@@ -98,7 +98,6 @@ files_read_etc_files(prelude_t)
 files_read_etc_runtime_files(prelude_t)
 files_read_usr_files(prelude_t)
 files_search_tmp(prelude_t)
-files_search_tmp(prelude_t)
 
 fs_rw_anon_inodefs_files(prelude_t)
 
diff --git a/policy/modules/services/ricci.te b/policy/modules/services/ricci.te
index 29d8607..33e72e8 100644
--- a/policy/modules/services/ricci.te
+++ b/policy/modules/services/ricci.te
@@ -241,10 +241,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	rgmanager_stream_connect(ricci_modclusterd_t)
-')
-
-optional_policy(`
 	# XXX This has got to go.
 	unconfined_domain(ricci_modcluster_t)
 ')
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index eca9400..2dad3c8 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -200,54 +200,6 @@ optional_policy(`
 	xserver_domtrans_xauth(ssh_t)
 ')
 
-########################################
-#
-# ssh_keygen local policy
-#
-
-# ssh_keygen_t is the type of the ssh-keygen program when run at install time
-# and by sysadm_t
-
-dontaudit ssh_keygen_t self:capability sys_tty_config;
-allow ssh_keygen_t self:process { sigchld sigkill sigstop signull signal };
-
-allow ssh_keygen_t self:unix_stream_socket create_stream_socket_perms;
-
-allow ssh_keygen_t sshd_key_t:file manage_file_perms;
-files_etc_filetrans(ssh_keygen_t, sshd_key_t, file)
-
-kernel_read_kernel_sysctls(ssh_keygen_t)
-
-fs_search_auto_mountpoints(ssh_keygen_t)
-
-dev_read_sysfs(ssh_keygen_t)
-dev_read_urand(ssh_keygen_t)
-
-term_dontaudit_use_console(ssh_keygen_t)
-
-domain_use_interactive_fds(ssh_keygen_t)
-
-files_read_etc_files(ssh_keygen_t)
-
-init_use_fds(ssh_keygen_t)
-init_use_script_ptys(ssh_keygen_t)
-
-logging_send_syslog_msg(ssh_keygen_t)
-
-userdom_dontaudit_use_unpriv_user_fds(ssh_keygen_t)
-
-optional_policy(`
-	nscd_socket_use(ssh_keygen_t)
-')
-
-optional_policy(`
-	seutil_sigchld_newrole(ssh_keygen_t)
-')
-
-optional_policy(`
-	udev_read_db(ssh_keygen_t)
-')
-
 ##############################
 #
 # ssh_keysign_t local policy
@@ -401,6 +353,10 @@ logging_send_syslog_msg(ssh_keygen_t)
 userdom_dontaudit_use_unpriv_user_fds(ssh_keygen_t)
 
 optional_policy(`
+	nscd_socket_use(ssh_keygen_t)
+')
+
+optional_policy(`
 	seutil_sigchld_newrole(ssh_keygen_t)
 ')
 
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te
index 3151f51..3cce663 100644
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -168,10 +168,6 @@ optional_policy(`
 	xen_rw_image_files(svirt_t)
 ')
 
-optional_policy(`
-	xen_rw_image_files(svirt_t)
-')
-
 ########################################
 #
 # virtd local policy
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index d19c42b..4566008 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -166,7 +166,6 @@ init_domain(xdm_t, xdm_exec_t)
 init_daemon_domain(xdm_t, xdm_exec_t)
 xserver_object_types_template(xdm)
 xserver_common_x_domain_template(xdm, xdm_t)
-xserver_unconfined(xdm_t)
 
 type xdm_lock_t;
 files_lock_file(xdm_lock_t)
@@ -832,8 +831,6 @@ init_use_fds(xserver_t)
 # (xauth?)
 userdom_read_user_home_content_files(xserver_t)
 
-xserver_use_user_fonts(xserver_t)
-
 tunable_policy(`use_nfs_home_dirs',`
 	fs_manage_nfs_dirs(xserver_t)
 	fs_manage_nfs_files(xserver_t)
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index d9d2789..29f9757 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -126,7 +126,6 @@ domain_kill_all_domains(init_t)
 domain_signal_all_domains(init_t)
 domain_signull_all_domains(init_t)
 domain_sigstop_all_domains(init_t)
-domain_sigstop_all_domains(init_t)
 domain_sigchld_all_domains(init_t)
 
 files_read_etc_files(init_t)
@@ -299,13 +298,10 @@ dev_delete_generic_symlinks(initrc_t)
 dev_getattr_all_blk_files(initrc_t)
 dev_getattr_all_chr_files(initrc_t)
 
-corecmd_exec_all_executables(initrc_t)
-
 domain_kill_all_domains(initrc_t)
 domain_signal_all_domains(initrc_t)
 domain_signull_all_domains(initrc_t)
 domain_sigstop_all_domains(initrc_t)
-domain_sigstop_all_domains(initrc_t)
 domain_sigchld_all_domains(initrc_t)
 domain_read_all_domains_state(initrc_t)
 domain_getattr_all_domains(initrc_t)
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 3da53c1..828156a 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -372,9 +372,6 @@ files_tmp_filetrans(syslogd_t, syslogd_tmp_t, { dir file })
 manage_files_pattern(syslogd_t, syslogd_var_lib_t, syslogd_var_lib_t)
 files_search_var_lib(syslogd_t)
 
-allow syslogd_t syslogd_var_run_t:file manage_file_perms;
-files_pid_filetrans(syslogd_t, syslogd_var_run_t, file)
-
 # manage pid file
 manage_files_pattern(syslogd_t, syslogd_var_run_t, syslogd_var_run_t)
 files_pid_filetrans(syslogd_t, syslogd_var_run_t, file)
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 0860841..86ef2da 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
@@ -211,7 +211,6 @@ files_etc_filetrans(lvm_t, lvm_metadata_t, file)
 files_search_mnt(lvm_t)
 
 kernel_read_system_state(lvm_t)
-kernel_read_kernel_sysctls(lvm_t)
 # Read system variables in /proc/sys
 kernel_read_kernel_sysctls(lvm_t)
 # it has no reason to need this
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 7d565ea..dfbe736 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -334,10 +334,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	netutils_domtrans(dhcpc_t)
-')
-
-optional_policy(`
 	nis_use_ypbind(ifconfig_t)
 ')
 
diff --git a/policy/modules/system/xen.te b/policy/modules/system/xen.te
index f0a4fde..f661f5a 100644
--- a/policy/modules/system/xen.te
+++ b/policy/modules/system/xen.te
@@ -353,7 +353,6 @@ storage_raw_write_fixed_disk(xenstored_t)
 storage_raw_read_removable_device(xenstored_t)
 
 term_use_generic_ptys(xenstored_t)
-term_use_console(xenconsoled_t)
 
 init_use_fds(xenstored_t)
 init_use_script_ptys(xenstored_t)