diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index 463d1ab..85402f9 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,4 +1,8 @@
+- Fix corenetwork gen_context()'s to expand during the policy
+ build phase instead of during the generation phase.
 - DISTRO=redhat now implies DIRECT_INITRC=y.
+- Added policies:
+ distcc
 
 * Wed Oct 19 2005 Chris PeBenito - 20051019
 - Many fixes to make loadable modules build.
diff --git a/refpolicy/Makefile b/refpolicy/Makefile
index bd60810..967dac2 100644
--- a/refpolicy/Makefile
+++ b/refpolicy/Makefile
@@ -224,7 +224,7 @@ $(MODDIR)/kernel/corenetwork.if: $(MODDIR)/kernel/corenetwork.if.m4 $(MODDIR)/ke
 @echo "#" >> $@
 $(QUIET) cat $(MODDIR)/kernel/corenetwork.if.in >> $@
 $(QUIET) egrep "^[[:blank:]]*network_(interface|node|port)\(.*\)" $(@:.if=.te).in \
- | m4 -D self_contained_policy $(M4PARAM) $(M4SUPPORT) $(MODDIR)/kernel/corenetwork.if.m4 - \
+ | m4 -D self_contained_policy $(M4PARAM) $(MODDIR)/kernel/corenetwork.if.m4 - \
 | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
 
 $(MODDIR)/kernel/corenetwork.te: $(MODDIR)/kernel/corenetwork.te.m4 $(MODDIR)/kernel/corenetwork.te.in
@@ -232,7 +232,7 @@ $(MODDIR)/kernel/corenetwork.te: $(MODDIR)/kernel/corenetwork.te.m4 $(MODDIR)/ke
 @echo "# This is a generated file! Instead of modifying this file, the" >> $@
 @echo "# $(notdir $@).in or $(notdir $@).m4 file should be modified." >> $@
 @echo "#" >> $@
- $(QUIET) m4 -D self_contained_policy $(M4PARAM) $(M4SUPPORT) $^ \
+ $(QUIET) m4 -D self_contained_policy $(M4PARAM) $^ \
 | sed -e 's/dollarsone/\$$1/g' -e 's/dollarszero/\$$0/g' >> $@
 
 ########################################
diff --git a/refpolicy/policy/modules/kernel/corenetwork.if.m4 b/refpolicy/policy/modules/kernel/corenetwork.if.m4
index a8d9e9e..e5c6f84 100644
--- a/refpolicy/policy/modules/kernel/corenetwork.if.m4
+++ b/refpolicy/policy/modules/kernel/corenetwork.if.m4
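Review bot: Dropping $(M4SUPPORT) from the two corenetwork m4 invocations is the whole mechanism that keeps gen_context() unexpanded until the policy build, but nothing in the Makefile records that, and these are now the only m4 calls that differ from the rest of the build, so the next reader is likely to "fix" them back. A comment above the corenetwork.if rule would pin the intent: `# M4SUPPORT is deliberately omitted for the corenetwork generation step:` / `# gen_context() in the .in files must survive generation and be expanded` / `# at policy-build time.` The side effect is that corenetwork.if.m4 and corenetwork.te.m4 can no longer rely on any helper from the support macros, which is presumably why shiftn() is now defined inline in both of them; the comment should say that too so the constraint is not rediscovered by trial and error.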
@@ -1,3 +1,10 @@
+#
+# shiftn(num,list...)
+#
+# shift the list num times
+#
+define(`shiftn',`ifelse($1,0,`shift($*)',`shiftn(decr($1),shift(shift($*)))')')
+
 ########################################
 #
 # Network Interface generated macros
diff --git a/refpolicy/policy/modules/kernel/corenetwork.te.in b/refpolicy/policy/modules/kernel/corenetwork.te.in
index 6e37fb1..4bbbca6 100644
--- a/refpolicy/policy/modules/kernel/corenetwork.te.in
+++ b/refpolicy/policy/modules/kernel/corenetwork.te.in
@@ -55,6 +55,7 @@ network_port(dbskkd, tcp,1178,s0)
 network_port(dhcpc, udp,68,s0)
 network_port(dhcpd, udp,67,s0, tcp,647,s0, udp,647,s0, tcp,847,s0, udp,847,s0)
 network_port(dict, tcp,2628,s0)
+network_port(distcc, tcp,3632,s0)
 network_port(dns, udp,53,s0, tcp,53,s0)
 network_port(fingerd, tcp,79,s0)
 network_port(ftp_data, tcp,20,s0)
diff --git a/refpolicy/policy/modules/kernel/corenetwork.te.m4 b/refpolicy/policy/modules/kernel/corenetwork.te.m4
index 0931c05..1f53e62 100644
--- a/refpolicy/policy/modules/kernel/corenetwork.te.m4
+++ b/refpolicy/policy/modules/kernel/corenetwork.te.m4
@@ -1,3 +1,10 @@
+#
+# shiftn(num,list...)
+#
+# shift the list num times
+#
+define(`shiftn',`ifelse($1,0,`shift($*)',`shiftn(decr($1),shift(shift($*)))')')
+
 define(`declare_netifs',`dnl
 netifcon $2 gen_context(system_u:object_r:$1,$3) gen_context(system_u:object_r:unlabeled_t,$3)
 ifelse(`$4',`',`',`declare_netifs($1,shiftn(3,$*))')dnl
diff --git a/refpolicy/policy/modules/services/distcc.fc b/refpolicy/policy/modules/services/distcc.fc
new file mode 100644
index 0000000..6ce6b00
--- /dev/null
+++ b/refpolicy/policy/modules/services/distcc.fc
@@ -0,0 +1,2 @@
+
+/usr/bin/distccd -- gen_context(system_u:object_r:distccd_exec_t,s0)
diff --git a/refpolicy/policy/modules/services/distcc.if b/refpolicy/policy/modules/services/distcc.if
new file mode 100644
index 0000000..926e959
--- /dev/null
+++ b/refpolicy/policy/modules/services/distcc.if
@@ -0,0 +1 @@
+## Distributed compiler daemon
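Review bot: The shiftn() definition added to corenetwork.te.m4 here is byte-identical to the one added to corenetwork.if.m4 in the same commit, so the two copies will drift the first time one of them is fixed; since these files are now run through m4 without $(M4SUPPORT), a small shared include listed ahead of the module .m4 on the m4 command line would keep a single definition. The comment `# shift the list num times` also undersells the contract the caller depends on: shiftn(num,list...) returns list with its first num elements removed, and the count argument itself is discarded by the final shift($*) in the num=0 branch, which is exactly what declare_netifs needs when it recurses with shiftn(3,$*) to step past one (name,context,level) triple. Spelling that out as `# shiftn(num,list...) - returns list with its first num elements removed` saves the next reader a trace through the recursion. Note that a negative num never reaches 0 and would recurse without bound; no caller passes one, but the comment could say the argument must be a non-negative literal.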
diff --git a/refpolicy/policy/modules/services/distcc.te b/refpolicy/policy/modules/services/distcc.te
new file mode 100644
index 0000000..6e8c316
--- /dev/null
+++ b/refpolicy/policy/modules/services/distcc.te
@@ -0,0 +1,115 @@
+
+policy_module(distcc,1.0)
+
+########################################
+#
+# Declarations
+#
+
+type distccd_t;
+type distccd_exec_t;
+init_daemon_domain(distccd_t,distccd_exec_t)
+
+type distccd_log_t;
+logging_log_file(distccd_log_t)
+
+type distccd_tmp_t;
+files_tmp_file(distccd_tmp_t)
+
+type distccd_var_run_t;
+files_pid_file(distccd_var_run_t)
+
+########################################
+#
+# Local policy
+#
+
+allow distccd_t self:capability { setgid setuid };
+dontaudit distccd_t self:capability sys_tty_config;
+allow distccd_t self:process { signal_perms setsched };
+allow distccd_t self:fifo_file { read write getattr };
+allow distccd_t self:tcp_socket create_stream_socket_perms;
+allow distccd_t self:udp_socket create_socket_perms;
+
+allow distccd_t distccd_log_t:file create_file_perms;
+logging_create_log(distccd_t,distccd_log_t)
+
+allow distccd_t distccd_tmp_t:dir create_dir_perms;
+allow distccd_t distccd_tmp_t:file create_file_perms;
+files_create_tmp_files(distccd_t, distccd_tmp_t, { file dir })
+
+allow distccd_t distccd_var_run_t:file create_file_perms;
+allow distccd_t distccd_var_run_t:dir rw_dir_perms;
+files_create_pid(distccd_t,distccd_var_run_t)
+
+kernel_read_system_state(distccd_t)
+kernel_read_kernel_sysctl(distccd_t)
+
+allow distccd_t self:tcp_socket create_stream_socket_perms;
+allow distccd_t self:udp_socket create_socket_perms;
+corenet_tcp_sendrecv_all_if(distccd_t)
+corenet_udp_sendrecv_all_if(distccd_t)
+corenet_raw_sendrecv_all_if(distccd_t)
+corenet_tcp_sendrecv_all_nodes(distccd_t)
+corenet_udp_sendrecv_all_nodes(distccd_t)
+corenet_raw_sendrecv_all_nodes(distccd_t)
+corenet_tcp_sendrecv_all_ports(distccd_t)
+corenet_udp_sendrecv_all_ports(distccd_t)
+corenet_tcp_bind_all_nodes(distccd_t)
+corenet_udp_bind_all_nodes(distccd_t)
+corenet_tcp_bind_distcc_port(distccd_t)
+
+dev_read_sysfs(distccd_t)
+
+fs_getattr_all_fs(distccd_t)
+fs_search_auto_mountpoints(distccd_t)
+
+term_dontaudit_use_console(distccd_t)
+
+corecmd_exec_bin(distccd_t)
+corecmd_read_sbin_symlink(distccd_t)
+
+domain_use_wide_inherit_fd(distccd_t)
+
+files_read_etc_files(distccd_t)
+files_read_etc_runtime_files(distccd_t)
+
+init_use_fd(distccd_t)
+init_use_script_pty(distccd_t)
+
+libs_use_ld_so(distccd_t)
+libs_use_shared_libs(distccd_t)
+libs_exec_lib_files(distccd_t)
+
+logging_send_syslog_msg(distccd_t)
+
+miscfiles_read_localization(distccd_t)
+
+sysnet_read_config(distccd_t)
+
+userdom_dontaudit_use_unpriv_user_fd(distccd_t)
+userdom_dontaudit_search_sysadm_home_dir(distccd_t)
+
+ifdef(`targeted_policy',`
+ term_dontaudit_use_unallocated_tty(distccd_t)
+ term_dontaudit_use_generic_pty(distccd_t)
+ files_dontaudit_read_root_file(distccd_t)
+')
+
+optional_policy(`nis.te',`
+ nis_use_ypbind(distccd_t)
+')
+
+optional_policy(`selinuxutil.te',`
+ seutil_sigchld_newrole(distccd_t)
+')
+
+optional_policy(`udev.te',`
+ udev_read_db(distccd_t)
+')
+
+ifdef(`TODO',`
+optional_policy(`rhgb.te',`
+ rhgb_domain(distccd_t)
+')
+') dnl end TODO
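Review bot: The network block in the local-policy section grants more than the daemon can use: `corenet_raw_sendrecv_all_if(distccd_t)` and `corenet_raw_sendrecv_all_nodes(distccd_t)` have no matching self:rawip_socket rule anywhere in the module, `corenet_udp_bind_all_nodes(distccd_t)` has no UDP port bind to pair with it, and the two `allow distccd_t self:tcp_socket` / `self:udp_socket` rules already given above the log rules are repeated verbatim just before the corenet_ calls. Dropping the two raw interfaces, the UDP bind and the duplicate allows leaves the domain with what a TCP listener on distcc_port plus client-side DNS needs. Worth a comment is that corecmd_exec_bin() and libs_exec_lib_files() execute bin_t/lib_t programs with no domain transition, so the compiler that processes source received from the network runs inside distccd_t itself, a domain that still holds capability { setgid setuid }; if distccd drops to an unprivileged user before serving requests (not visible from the policy), a note next to the capability rule saying so would document why that is acceptable, and if it does not, a separate compiler domain is the safer design. The `ifdef(\`TODO',...)` block wrapping rhgb_domain() at the end is dead text under every build and could be left out until rhgb_domain() is actually wired up.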