diff --git a/policy-F12.patch b/policy-F12.patch index 652aaf1..3766723 100644 --- a/policy-F12.patch +++ b/policy-F12.patch @@ -1657,8 +1657,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.te serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te --- nsaserefpolicy/policy/modules/apps/cpufreqselector.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te 2009-06-20 06:49:47.000000000 -0400 -@@ -0,0 +1,42 @@ ++++ serefpolicy-3.6.18/policy/modules/apps/cpufreqselector.te 2009-06-24 16:19:52.000000000 -0400 +@@ -0,0 +1,43 @@ +policy_module(cpufreqselector,1.0.0) + +######################################## @@ -1695,6 +1695,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(cpufreqselector_t) + polkit_domtrans_auth(cpufreqselector_t) + polkit_read_lib(cpufreqselector_t) + polkit_read_reload(cpufreqselector_t) @@ -2057,7 +2058,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.6.18/policy/modules/apps/gnome.te --- nsaserefpolicy/policy/modules/apps/gnome.te 2008-11-11 16:13:42.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/apps/gnome.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/apps/gnome.te 2009-06-24 16:20:30.000000000 -0400 @@ -9,16 +9,18 @@ attribute gnomedomain; @@ -2096,7 +2097,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ############################## # # Local Policy -@@ -73,3 +84,87 @@ +@@ -73,3 +84,89 @@ xserver_use_xdm_fds(gconfd_t) xserver_rw_xdm_pipes(gconfd_t) ') 
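Review bot: `polkit_dbus_chat(cpufreqselector_t)` is added in the `@@ -1695,6 +1695,7 @@` hunk without a comment or changelog line saying which exchange with policykit_t it covers, and the same one-line addition recurs for gconfdefaultsm_t, gnomesystemmm_t, pulseaudio_t, consolekit_t, system_dbusd_t, hald_t, hald_acl_t, NetworkManager_t, virtd_t and xdm_t in the later hunks, while the spec changelog at the end of the page records only the rpcbind stream connect. Since `polkit_dbus_chat` presumably grants `dbus send_msg` in both directions between the domain and the polkit daemon, a changelog bullet such as `- Allow polkit clients to dbus chat with policykit_t` would record that every polkit client was widened at once and make the change auditable later. The call is placed first in each `optional_policy` block except the gconfdefaultsm_t one, where it follows `polkit_domtrans_auth(gconfdefaultsm_t)`; putting it first there keeps the blocks uniform. The enclosing `.te` module headers and the rest of each block are outside these hunks.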
@@ -2138,6 +2139,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + +optional_policy(` + polkit_domtrans_auth(gconfdefaultsm_t) ++ polkit_dbus_chat(gconfdefaultsm_t) + polkit_read_lib(gconfdefaultsm_t) + polkit_read_reload(gconfdefaultsm_t) +') @@ -2177,6 +2179,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(gnomesystemmm_t) + polkit_domtrans_auth(gnomesystemmm_t) + polkit_read_lib(gnomesystemmm_t) + polkit_read_reload(gnomesystemmm_t) @@ -3915,8 +3918,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te --- nsaserefpolicy/policy/modules/apps/pulseaudio.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te 2009-06-20 06:49:47.000000000 -0400 -@@ -0,0 +1,111 @@ ++++ serefpolicy-3.6.18/policy/modules/apps/pulseaudio.te 2009-06-24 16:20:06.000000000 -0400 +@@ -0,0 +1,112 @@ +policy_module(pulseaudio,1.0.0) + +######################################## @@ -4004,6 +4007,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(pulseaudio_t) + polkit_domtrans_auth(pulseaudio_t) + polkit_read_lib(pulseaudio_t) + polkit_read_reload(pulseaudio_t) 
@@ -10698,7 +10702,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.6.18/policy/modules/services/consolekit.te --- nsaserefpolicy/policy/modules/services/consolekit.te 2009-05-21 08:43:08.000000000 -0400 -+++ serefpolicy-3.6.18/policy/modules/services/consolekit.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/consolekit.te 2009-06-24 16:21:56.000000000 -0400 @@ -11,7 +11,7 @@ init_daemon_domain(consolekit_t, consolekit_exec_t) @@ -10748,10 +10752,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol hal_dbus_chat(consolekit_t) ') -@@ -97,11 +106,27 @@ +@@ -97,11 +106,28 @@ ') optional_policy(` ++ polkit_dbus_chat(consolekit_t) + polkit_domtrans_auth(consolekit_t) + polkit_read_lib(consolekit_t) + polkit_read_reload(consolekit_t) @@ -12400,7 +12405,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.18/policy/modules/services/dbus.te --- nsaserefpolicy/policy/modules/services/dbus.te 2009-01-19 11:06:49.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/services/dbus.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/dbus.te 2009-06-24 16:21:42.000000000 -0400 @@ -9,14 +9,15 @@ # # Delcarations @@ -12495,7 +12500,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol logging_send_audit_msgs(system_dbusd_t) logging_send_syslog_msg(system_dbusd_t) -@@ -128,9 +149,38 @@ +@@ -128,9 +149,39 @@ ') optional_policy(` 
@@ -12507,6 +12512,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(system_dbusd_t) + polkit_domtrans_auth(system_dbusd_t) + polkit_search_lib(system_dbusd_t) +') @@ -14081,7 +14087,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.18/policy/modules/services/hal.te --- nsaserefpolicy/policy/modules/services/hal.te 2009-01-19 11:06:49.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/services/hal.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/hal.te 2009-06-24 16:22:48.000000000 -0400 @@ -49,6 +49,15 @@ type hald_var_lib_t; files_type(hald_var_lib_t) @@ -14127,7 +14133,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol userdom_dontaudit_use_unpriv_user_fds(hald_t) userdom_dontaudit_search_user_home_dirs(hald_t) -@@ -277,6 +294,17 @@ +@@ -277,6 +294,18 @@ ') optional_policy(` @@ -14135,6 +14141,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(hald_t) + polkit_domtrans_auth(hald_t) + polkit_domtrans_resolve(hald_t) + polkit_read_lib(hald_t) @@ -14145,7 +14152,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol rpc_search_nfs_state_data(hald_t) ') -@@ -298,7 +326,11 @@ +@@ -298,7 +327,11 @@ ') optional_policy(` @@ -14158,7 +14165,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') ######################################## -@@ -306,7 +338,7 @@ +@@ -306,7 +339,7 @@ # Hal acl local policy # 
@@ -14167,7 +14174,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol allow hald_acl_t self:process { getattr signal }; allow hald_acl_t self:fifo_file rw_fifo_file_perms; -@@ -321,6 +353,7 @@ +@@ -321,6 +354,7 @@ manage_dirs_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t) manage_files_pattern(hald_acl_t, hald_var_run_t, hald_var_run_t) files_pid_filetrans(hald_acl_t, hald_var_run_t, { dir file }) @@ -14175,7 +14182,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol corecmd_exec_bin(hald_acl_t) -@@ -339,6 +372,8 @@ +@@ -339,6 +373,8 @@ storage_getattr_removable_dev(hald_acl_t) storage_setattr_removable_dev(hald_acl_t) @@ -14184,11 +14191,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol auth_use_nsswitch(hald_acl_t) -@@ -346,12 +381,18 @@ +@@ -346,12 +382,19 @@ miscfiles_read_localization(hald_acl_t) +optional_policy(` ++ polkit_dbus_chat(hald_acl_t) + polkit_domtrans_auth(hald_acl_t) + polkit_read_lib(hald_acl_t) + polkit_read_reload(hald_acl_t) @@ -14204,7 +14212,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol domtrans_pattern(hald_t, hald_mac_exec_t, hald_mac_t) allow hald_t hald_mac_t:process signal; -@@ -374,6 +415,8 @@ +@@ -374,6 +417,8 @@ auth_use_nsswitch(hald_mac_t) @@ -14213,7 +14221,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol miscfiles_read_localization(hald_mac_t) ######################################## -@@ -415,6 +458,55 @@ +@@ -415,6 +460,55 @@ dev_rw_input_dev(hald_keymap_t) 
@@ -15502,7 +15510,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.6.18/policy/modules/services/networkmanager.te --- nsaserefpolicy/policy/modules/services/networkmanager.te 2009-01-19 11:07:34.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/services/networkmanager.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/networkmanager.te 2009-06-24 16:23:00.000000000 -0400 @@ -19,6 +19,9 @@ type NetworkManager_tmp_t; files_tmp_file(NetworkManager_tmp_t) @@ -15664,7 +15672,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` -@@ -155,23 +204,50 @@ +@@ -155,23 +204,51 @@ ') optional_policy(` @@ -15694,6 +15702,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` ++ polkit_dbus_chat(NetworkManager_t) + polkit_domtrans_auth(NetworkManager_t) + polkit_read_lib(NetworkManager_t) + polkit_read_reload(NetworkManager_t) @@ -15717,7 +15726,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` -@@ -179,12 +255,15 @@ +@@ -179,12 +256,15 @@ ') optional_policy(` 
@@ -19359,6 +19368,59 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol optional_policy(` ccs_stream_connect(ricci_modstorage_t) ccs_read_config(ricci_modstorage_t) +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.if serefpolicy-3.6.18/policy/modules/services/rpcbind.if +--- nsaserefpolicy/policy/modules/services/rpcbind.if 2008-11-11 16:13:46.000000000 -0500 ++++ serefpolicy-3.6.18/policy/modules/services/rpcbind.if 2009-06-24 13:42:58.000000000 -0400 +@@ -97,6 +97,26 @@ + + ######################################## + ## ++## Connect to rpcbindd over an unix stream socket. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`rpcbind_stream_connect',` ++ gen_require(` ++ type rpcbind_t, rpcbind_var_run_t; ++ ') ++ ++ files_search_pids($1) ++ allow $1 rpcbind_var_run_t:sock_file write; ++ allow $1 rpcbind_t:unix_stream_socket connectto; ++') ++ ++######################################## ++## + ## All of the rules required to administrate + ## an rpcbind environment + ## +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-3.6.18/policy/modules/services/rpc.if +--- nsaserefpolicy/policy/modules/services/rpc.if 2009-03-20 12:39:39.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/rpc.if 2009-06-24 13:43:27.000000000 -0400 +@@ -54,7 +54,7 @@ + allow $1_t self:unix_dgram_socket create_socket_perms; + allow $1_t self:unix_stream_socket create_stream_socket_perms; + allow $1_t self:tcp_socket create_stream_socket_perms; +- allow $1_t self:udp_socket create_socket_perms; ++ allow $1_t self:udp_socket create_stream_socket_perms; + + manage_dirs_pattern($1_t, var_lib_nfs_t, var_lib_nfs_t) + manage_files_pattern($1_t, var_lib_nfs_t, var_lib_nfs_t) +@@ -109,6 +109,10 @@ + userdom_dontaudit_use_unpriv_user_fds($1_t) + + optional_policy(` ++ rpcbind_stream_connect($1_t) ++ ') ++ ++ 
optional_policy(` + seutil_sigchld_newrole($1_t) + ') + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.6.18/policy/modules/services/rpc.te --- nsaserefpolicy/policy/modules/services/rpc.te 2009-03-20 12:39:39.000000000 -0400 +++ serefpolicy-3.6.18/policy/modules/services/rpc.te 2009-06-20 06:49:47.000000000 -0400 @@ -22985,7 +23047,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.18/policy/modules/services/virt.te --- nsaserefpolicy/policy/modules/services/virt.te 2009-01-19 11:06:49.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/services/virt.te 2009-06-22 18:01:06.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/virt.te 2009-06-24 16:23:19.000000000 -0400 @@ -8,19 +8,38 @@ ## @@ -23178,7 +23240,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol tunable_policy(`virt_use_nfs',` fs_manage_nfs_dirs(virtd_t) -@@ -167,22 +247,34 @@ +@@ -167,22 +247,35 @@ dnsmasq_domtrans(virtd_t) dnsmasq_signal(virtd_t) dnsmasq_kill(virtd_t) @@ -23203,6 +23265,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') + +optional_policy(` ++ polkit_dbus_chat(virtd_t) + polkit_domtrans_auth(virtd_t) + polkit_domtrans_resolve(virtd_t) + polkit_read_lib(virtd_t) @@ -23218,7 +23281,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` -@@ -195,8 +287,94 @@ +@@ -195,8 +288,94 @@ xen_stream_connect(virtd_t) xen_stream_connect_xenstore(virtd_t) 
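Review bot: The rpc.if change from `create_socket_perms` to `create_stream_socket_perms` on `$1_t self:udp_socket` also grants `listen` and `accept`, which a datagram socket never uses, so the widening is either a dead permission or papers over a denial on some other operation; keep `allow $1_t self:udp_socket create_socket_perms;` and, if an AVC denial motivated the edit, grant only the permission the denial names. The template these `$1_t` rules belong to starts and ends outside the hunk. The new `rpcbind_stream_connect` interface follows the usual search-pids, sock_file write, connectto pattern, but its summary reads `## Connect to rpcbindd over an unix stream socket.` — I would write `## Connect to rpcbind over a unix stream socket.` The four lines added after `rpcbind_stream_connect($1_t)` leave two consecutive blank lines before the `seutil_sigchld_newrole` block, where the file otherwise uses one. The spec changelog at the end of the page mentions only the rpcbind connect, not this socket-permission widening.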
@@ -24085,7 +24148,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.18/policy/modules/services/xserver.te --- nsaserefpolicy/policy/modules/services/xserver.te 2009-01-19 11:06:49.000000000 -0500 -+++ serefpolicy-3.6.18/policy/modules/services/xserver.te 2009-06-20 06:49:47.000000000 -0400 ++++ serefpolicy-3.6.18/policy/modules/services/xserver.te 2009-06-24 16:23:32.000000000 -0400 @@ -34,6 +34,13 @@ ## @@ -24510,10 +24573,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol hostname_exec(xdm_t) ') -@@ -542,6 +648,23 @@ +@@ -542,6 +648,24 @@ ') optional_policy(` ++ polkit_dbus_chat(xdm_t) + polkit_domtrans_auth(xdm_t) + polkit_read_lib(xdm_t) + polkit_read_reload(xdm_t) @@ -24534,7 +24598,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol seutil_sigchld_newrole(xdm_t) ') -@@ -550,8 +673,9 @@ +@@ -550,8 +674,9 @@ ') optional_policy(` @@ -24546,7 +24610,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ifndef(`distro_redhat',` allow xdm_t self:process { execheap execmem }; -@@ -560,7 +684,6 @@ +@@ -560,7 +685,6 @@ ifdef(`distro_rhel4',` allow xdm_t self:process { execheap execmem }; ') @@ -24554,7 +24618,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol optional_policy(` userhelper_dontaudit_search_config(xdm_t) -@@ -571,6 +694,10 @@ +@@ -571,6 +695,10 @@ ') optional_policy(` @@ -24565,7 +24629,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol xfs_stream_connect(xdm_t) ') -@@ -587,7 +714,7 @@ +@@ -587,7 +715,7 @@ # execheap needed until the X module loader is fixed. # NVIDIA Needs execstack 
@@ -24574,7 +24638,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol dontaudit xserver_t self:capability chown; allow xserver_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; allow xserver_t self:memprotect mmap_zero; -@@ -602,9 +729,11 @@ +@@ -602,9 +730,11 @@ allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto }; allow xserver_t self:tcp_socket create_stream_socket_perms; allow xserver_t self:udp_socket create_socket_perms; @@ -24586,7 +24650,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol allow xserver_t { input_xevent_t input_xevent_type }:x_event send; -@@ -616,13 +745,14 @@ +@@ -616,13 +746,14 @@ type_transition xserver_t xserver_t:{ x_drawable x_colormap } rootwindow_t; allow xserver_t { rootwindow_t x_domain }:x_drawable send; @@ -24602,7 +24666,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t) manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t) -@@ -635,9 +765,19 @@ +@@ -635,9 +766,19 @@ manage_lnk_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) files_search_var_lib(xserver_t) @@ -24622,7 +24686,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol kernel_read_system_state(xserver_t) kernel_read_device_sysctls(xserver_t) -@@ -680,9 +820,14 @@ +@@ -680,9 +821,14 @@ dev_rw_xserver_misc(xserver_t) # read events - the synaptics touchpad driver reads raw events dev_rw_input_dev(xserver_t) @@ -24637,7 +24701,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol files_read_etc_files(xserver_t) files_read_etc_runtime_files(xserver_t) -@@ -697,8 +842,12 @@ +@@ -697,8 +843,12 @@ fs_search_nfs(xserver_t) fs_search_auto_mountpoints(xserver_t) fs_search_ramfs(xserver_t) 
@@ -24650,7 +24714,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol selinux_validate_context(xserver_t) selinux_compute_access_vector(xserver_t) -@@ -720,6 +869,7 @@ +@@ -720,6 +870,7 @@ miscfiles_read_localization(xserver_t) miscfiles_read_fonts(xserver_t) @@ -24658,7 +24722,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol modutils_domtrans_insmod(xserver_t) -@@ -742,7 +892,7 @@ +@@ -742,7 +893,7 @@ ') ifdef(`enable_mls',` @@ -24667,7 +24731,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol range_transition xserver_t xserver_t:x_drawable s0 - mls_systemhigh; ') -@@ -774,12 +924,20 @@ +@@ -774,12 +925,20 @@ ') optional_policy(` @@ -24689,7 +24753,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol unconfined_domtrans(xserver_t) ') -@@ -806,7 +964,7 @@ +@@ -806,7 +965,7 @@ allow xserver_t xdm_var_lib_t:file { getattr read }; dontaudit xserver_t xdm_var_lib_t:dir search; @@ -24698,7 +24762,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol # Label pid and temporary files with derived types. manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) -@@ -827,9 +985,14 @@ +@@ -827,9 +986,14 @@ # to read ROLE_home_t - examine this in more detail # (xauth?) userdom_read_user_home_content_files(xserver_t) @@ -24713,7 +24777,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol tunable_policy(`use_nfs_home_dirs',` fs_manage_nfs_dirs(xserver_t) fs_manage_nfs_files(xserver_t) -@@ -844,11 +1007,14 @@ +@@ -844,11 +1008,14 @@ optional_policy(` dbus_system_bus_client(xserver_t) @@ -24729,7 +24793,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` -@@ -856,6 +1022,11 @@ +@@ -856,6 +1023,11 @@ rhgb_rw_tmpfs_files(xserver_t) ') 
@@ -24741,7 +24805,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ######################################## # # Rules common to all X window domains -@@ -881,6 +1052,8 @@ +@@ -881,6 +1053,8 @@ # X Server # can read server-owned resources allow x_domain xserver_t:x_resource read; @@ -24750,7 +24814,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol # can mess with own clients allow x_domain self:x_client { manage destroy }; -@@ -905,6 +1078,8 @@ +@@ -905,6 +1079,8 @@ # operations allowed on my windows allow x_domain self:x_drawable { create destroy getattr setattr read write show hide list_child add_child remove_child manage send receive }; @@ -24759,7 +24823,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol # X Colormaps # can use the default colormap allow x_domain rootwindow_t:x_colormap { read use add_color }; -@@ -972,17 +1147,49 @@ +@@ -972,17 +1148,49 @@ allow xserver_unconfined_type { x_domain xserver_t }:x_resource *; allow xserver_unconfined_type xevent_type:{ x_event x_synthetic_event } *; diff --git a/selinux-policy.spec b/selinux-policy.spec index bd8a784..7a3cdd9 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.19 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -473,6 +473,9 @@ exit 0 %endif %changelog +* Wed Jun 24 2009 Dan Walsh 3.6.19-4 +- Allow rpcd_t to stream connect to rpcbind + * Tue Jun 23 2009 Dan Walsh 3.6.19-3 - Allow kpropd to create tmp files