diff --git a/.cvsignore b/.cvsignore
index 724a8a9..8252a82 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -168,3 +168,4 @@ serefpolicy-3.6.10.tgz
 serefpolicy-3.6.11.tgz
 serefpolicy-3.6.12.tgz
 serefpolicy-3.6.13.tgz
+serefpolicy-3.6.14.tgz
diff --git a/nsadiff b/nsadiff
index d968a16..a234622 100755
--- a/nsadiff
+++ b/nsadiff
@@ -1 +1 @@
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.13 > /tmp/diff
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.6.14 > /tmp/diff
diff --git a/policy-F12.patch b/policy-F12.patch
index 4f435c0..df0fbcd 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -1,6 +1,6 @@
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/default_contexts serefpolicy-3.6.14/config/appconfig-mcs/default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,15 +1,6 @@
 -system_r:crond_t:s0		user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
 -system_r:local_login_t:s0	user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -24,13 +24,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +system_r:xdm_t:s0		user_r:user_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.6.14/config/appconfig-mcs/failsafe_context
 --- nsaserefpolicy/config/appconfig-mcs/failsafe_context	2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.14/config/appconfig-mcs/failsafe_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/failsafe_context	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1 @@
 -sysadm_r:sysadm_t:s0
 +system_r:unconfined_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.6.14/config/appconfig-mcs/root_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/root_default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/root_default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/root_default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,11 +1,7 @@
 -system_r:crond_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
 +system_r:crond_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -47,7 +47,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +system_r:sshd_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/securetty_types serefpolicy-3.6.14/config/appconfig-mcs/securetty_types
 --- nsaserefpolicy/config/appconfig-mcs/securetty_types	2009-06-08 15:22:18.000000000 -0400
-+++ serefpolicy-3.6.14/config/appconfig-mcs/securetty_types	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/securetty_types	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1,6 @@
 +auditadm_tty_device_t
 +secadm_tty_device_t
@@ -57,7 +57,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
  user_tty_device_t
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/seusers serefpolicy-3.6.14/config/appconfig-mcs/seusers
 --- nsaserefpolicy/config/appconfig-mcs/seusers	2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.14/config/appconfig-mcs/seusers	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/seusers	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,3 @@
  system_u:system_u:s0-mcs_systemhigh
 -root:root:s0-mcs_systemhigh
@@ -66,7 +66,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +__default__:unconfined_u:s0-mcs_systemhigh
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.6.14/config/appconfig-mcs/staff_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/staff_u_default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/staff_u_default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,10 +1,12 @@
  system_r:local_login_t:s0	staff_r:staff_t:s0 sysadm_r:sysadm_t:s0
  system_r:remote_login_t:s0	staff_r:staff_t:s0
@@ -83,7 +83,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.6.14/config/appconfig-mcs/unconfined_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/unconfined_u_default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/unconfined_u_default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,4 @@
 -system_r:crond_t:s0		unconfined_r:unconfined_t:s0 unconfined_r:unconfined_cronjob_t:s0
 +system_r:crond_t:s0		unconfined_r:unconfined_t:s0
@@ -99,13 +99,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
  system_r:xdm_t:s0		unconfined_r:unconfined_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.6.14/config/appconfig-mcs/userhelper_context
 --- nsaserefpolicy/config/appconfig-mcs/userhelper_context	2008-08-07 11:15:14.000000000 -0400
-+++ serefpolicy-3.6.14/config/appconfig-mcs/userhelper_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/userhelper_context	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1 @@
 -system_u:sysadm_r:sysadm_t:s0
 +system_u:system_r:unconfined_t:s0	
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.6.14/config/appconfig-mcs/user_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/user_u_default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/user_u_default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,8 +1,9 @@
  system_r:local_login_t:s0	user_r:user_t:s0
  system_r:remote_login_t:s0	user_r:user_t:s0
@@ -120,18 +120,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +user_r:user_t:s0		user_r:user_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_domain_context serefpolicy-3.6.14/config/appconfig-mcs/virtual_domain_context
 --- nsaserefpolicy/config/appconfig-mcs/virtual_domain_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/virtual_domain_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/virtual_domain_context	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1 @@
 +system_u:system_r:svirt_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/virtual_image_context serefpolicy-3.6.14/config/appconfig-mcs/virtual_image_context
 --- nsaserefpolicy/config/appconfig-mcs/virtual_image_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mcs/virtual_image_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mcs/virtual_image_context	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +system_u:object_r:svirt_image_t:s0
 +system_u:object_r:virt_content_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/default_contexts serefpolicy-3.6.14/config/appconfig-mls/default_contexts
 --- nsaserefpolicy/config/appconfig-mls/default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mls/default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mls/default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,15 +1,6 @@
 -system_r:crond_t:s0		user_r:cronjob_t:s0 staff_r:cronjob_t:s0 sysadm_r:cronjob_t:s0 system_r:cronjob_t:s0 unconfined_r:unconfined_cronjob_t:s0
 -system_r:local_login_t:s0	user_r:user_t:s0 staff_r:staff_t:s0 sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0
@@ -155,7 +155,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +system_r:xdm_t:s0		user_r:user_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/root_default_contexts serefpolicy-3.6.14/config/appconfig-mls/root_default_contexts
 --- nsaserefpolicy/config/appconfig-mls/root_default_contexts	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mls/root_default_contexts	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mls/root_default_contexts	2009-06-08 21:43:15.000000000 -0400
 @@ -1,11 +1,11 @@
 -system_r:crond_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:cronjob_t:s0 staff_r:cronjob_t:s0 user_r:cronjob_t:s0
 -system_r:local_login_t:s0	unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -176,18 +176,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
 +#system_r:sshd_t:s0		sysadm_r:sysadm_t:s0 staff_r:staff_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_domain_context serefpolicy-3.6.14/config/appconfig-mls/virtual_domain_context
 --- nsaserefpolicy/config/appconfig-mls/virtual_domain_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mls/virtual_domain_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mls/virtual_domain_context	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1 @@
 +system_u:system_r:qemu_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/virtual_image_context serefpolicy-3.6.14/config/appconfig-mls/virtual_image_context
 --- nsaserefpolicy/config/appconfig-mls/virtual_image_context	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/config/appconfig-mls/virtual_image_context	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-mls/virtual_image_context	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +system_u:object_r:virt_image_t:s0
 +system_u:object_r:virt_content_t:s0
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/securetty_types serefpolicy-3.6.14/config/appconfig-standard/securetty_types
 --- nsaserefpolicy/config/appconfig-standard/securetty_types	2009-06-08 15:22:18.000000000 -0400
-+++ serefpolicy-3.6.14/config/appconfig-standard/securetty_types	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/config/appconfig-standard/securetty_types	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1,6 @@
 +auditadm_tty_device_t
 +secadm_tty_device_t
@@ -197,7 +197,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/con
  user_tty_device_t
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.6.14/Makefile
 --- nsaserefpolicy/Makefile	2009-01-19 11:07:35.000000000 -0500
-+++ serefpolicy-3.6.14/Makefile	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/Makefile	2009-06-08 21:43:15.000000000 -0400
 @@ -241,7 +241,7 @@
  appdir := $(contextpath)
  user_default_contexts := $(wildcard config/appconfig-$(TYPE)/*_default_contexts)
@@ -262,7 +262,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Mak
  	$(verbose) $(INSTALL) -m 644 $< $@
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-3.6.14/policy/global_tunables
 --- nsaserefpolicy/policy/global_tunables	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/policy/global_tunables	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/global_tunables	2009-06-08 21:43:15.000000000 -0400
 @@ -61,15 +61,6 @@
  
  ## <desc>
@@ -300,7 +300,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mcs serefpolicy-3.6.14/policy/mcs
 --- nsaserefpolicy/policy/mcs	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/mcs	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/mcs	2009-06-08 21:43:15.000000000 -0400
 @@ -67,7 +67,7 @@
  # Note that getattr on files is always permitted.
  #
@@ -334,7 +334,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	(( h1 dom h2 ) or ( t1 == mcssetcats ));
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-3.6.14/policy/mls
 --- nsaserefpolicy/policy/mls	2009-06-08 15:22:18.000000000 -0400
-+++ serefpolicy-3.6.14/policy/mls	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/mls	2009-06-08 21:43:15.000000000 -0400
 @@ -516,25 +516,6 @@
  
  
@@ -363,7 +363,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-3.6.14/policy/modules/admin/anaconda.te
 --- nsaserefpolicy/policy/modules/admin/anaconda.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/anaconda.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/anaconda.te	2009-06-08 21:43:15.000000000 -0400
 @@ -31,6 +31,7 @@
  modutils_domtrans_insmod(anaconda_t)
  
@@ -374,7 +374,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/certwatch.te serefpolicy-3.6.14/policy/modules/admin/certwatch.te
 --- nsaserefpolicy/policy/modules/admin/certwatch.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/certwatch.te	2009-06-08 21:24:50.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/certwatch.te	2009-06-08 21:43:15.000000000 -0400
 @@ -24,18 +24,22 @@
  files_read_usr_files(certwatch_t)
  files_read_usr_symlinks(certwatch_t)
@@ -401,7 +401,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/dmesg.fc serefpolicy-3.6.14/policy/modules/admin/dmesg.fc
 --- nsaserefpolicy/policy/modules/admin/dmesg.fc	2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/dmesg.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/dmesg.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,2 +1,4 @@
  
  /bin/dmesg		--		gen_context(system_u:object_r:dmesg_exec_t,s0)
@@ -409,7 +409,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/sbin/mcelog	--		gen_context(system_u:object_r:dmesg_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/dmesg.te serefpolicy-3.6.14/policy/modules/admin/dmesg.te
 --- nsaserefpolicy/policy/modules/admin/dmesg.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/dmesg.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/dmesg.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,6 +9,7 @@
  type dmesg_t;
  type dmesg_exec_t;
@@ -446,7 +446,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.if serefpolicy-3.6.14/policy/modules/admin/kismet.if
 --- nsaserefpolicy/policy/modules/admin/kismet.if	2008-11-11 16:13:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/kismet.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/kismet.if	2009-06-08 21:43:15.000000000 -0400
 @@ -16,6 +16,7 @@
  	')
  
@@ -457,7 +457,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.te serefpolicy-3.6.14/policy/modules/admin/kismet.te
 --- nsaserefpolicy/policy/modules/admin/kismet.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/kismet.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/kismet.te	2009-06-08 21:43:15.000000000 -0400
 @@ -14,27 +14,36 @@
  type kismet_var_run_t;
  files_pid_file(kismet_var_run_t)
@@ -525,7 +525,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +userdom_read_user_tmpfs_files(kismet_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logrotate.te serefpolicy-3.6.14/policy/modules/admin/logrotate.te
 --- nsaserefpolicy/policy/modules/admin/logrotate.te	2009-04-07 15:53:36.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/logrotate.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/logrotate.te	2009-06-08 21:43:15.000000000 -0400
 @@ -116,8 +116,9 @@
  seutil_dontaudit_read_config(logrotate_t)
  
@@ -558,7 +558,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatch.te serefpolicy-3.6.14/policy/modules/admin/logwatch.te
 --- nsaserefpolicy/policy/modules/admin/logwatch.te	2009-03-20 12:39:40.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/logwatch.te	2009-06-08 21:23:56.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/logwatch.te	2009-06-08 21:43:15.000000000 -0400
 @@ -62,10 +62,9 @@
  files_read_usr_files(logwatch_t)
  files_search_spool(logwatch_t)
@@ -588,7 +588,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/mrtg.te serefpolicy-3.6.14/policy/modules/admin/mrtg.te
 --- nsaserefpolicy/policy/modules/admin/mrtg.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/mrtg.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/mrtg.te	2009-06-08 21:43:15.000000000 -0400
 @@ -116,6 +116,7 @@
  userdom_use_user_terminals(mrtg_t)
  userdom_dontaudit_read_user_home_content_files(mrtg_t)
@@ -599,7 +599,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	corenet_udp_sendrecv_lo_if(mrtg_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutils.te serefpolicy-3.6.14/policy/modules/admin/netutils.te
 --- nsaserefpolicy/policy/modules/admin/netutils.te	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/netutils.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/netutils.te	2009-06-08 21:43:15.000000000 -0400
 @@ -50,7 +50,7 @@
  files_tmp_filetrans(netutils_t, netutils_tmp_t, { file dir })
  
@@ -622,7 +622,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/prelink.fc serefpolicy-3.6.14/policy/modules/admin/prelink.fc
 --- nsaserefpolicy/policy/modules/admin/prelink.fc	2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/prelink.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/prelink.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -5,3 +5,5 @@
  
  /var/log/prelink\.log		--	gen_context(system_u:object_r:prelink_log_t,s0)
@@ -631,7 +631,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/lib/misc/prelink.*		--	gen_context(system_u:object_r:prelink_var_lib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/prelink.if serefpolicy-3.6.14/policy/modules/admin/prelink.if
 --- nsaserefpolicy/policy/modules/admin/prelink.if	2008-11-11 16:13:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/prelink.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/prelink.if	2009-06-08 21:43:15.000000000 -0400
 @@ -120,3 +120,23 @@
  	logging_search_logs($1)
  	manage_files_pattern($1, prelink_log_t, prelink_log_t)
@@ -658,7 +658,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/prelink.te serefpolicy-3.6.14/policy/modules/admin/prelink.te
 --- nsaserefpolicy/policy/modules/admin/prelink.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/prelink.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/prelink.te	2009-06-08 21:43:15.000000000 -0400
 @@ -21,12 +21,15 @@
  type prelink_tmp_t;
  files_tmp_file(prelink_tmp_t)
@@ -735,7 +735,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.fc serefpolicy-3.6.14/policy/modules/admin/readahead.fc
 --- nsaserefpolicy/policy/modules/admin/readahead.fc	2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/readahead.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/readahead.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,5 @@
 -/etc/readahead.d(/.*)?		gen_context(system_u:object_r:readahead_etc_rw_t,s0)
 +/usr/sbin/readahead.*	--	gen_context(system_u:object_r:readahead_exec_t,s0)
@@ -746,7 +746,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -/usr/sbin/readahead	--	gen_context(system_u:object_r:readahead_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.6.14/policy/modules/admin/readahead.te
 --- nsaserefpolicy/policy/modules/admin/readahead.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/readahead.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/readahead.te	2009-06-08 21:43:15.000000000 -0400
 @@ -11,8 +11,8 @@
  init_daemon_domain(readahead_t, readahead_exec_t)
  application_domain(readahead_t, readahead_exec_t)
@@ -813,7 +813,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  miscfiles_read_localization(readahead_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.fc serefpolicy-3.6.14/policy/modules/admin/rpm.fc
 --- nsaserefpolicy/policy/modules/admin/rpm.fc	2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/rpm.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/rpm.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -3,15 +3,12 @@
  /usr/bin/smart 			--	gen_context(system_u:object_r:rpm_exec_t,s0)
  
@@ -856,7 +856,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ifdef(`distro_suse', `
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.if serefpolicy-3.6.14/policy/modules/admin/rpm.if
 --- nsaserefpolicy/policy/modules/admin/rpm.if	2008-11-11 16:13:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/rpm.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/rpm.if	2009-06-08 21:43:15.000000000 -0400
 @@ -66,6 +66,11 @@
  	rpm_domtrans($1)
  	role $2 types rpm_t;
@@ -1217,7 +1217,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.te serefpolicy-3.6.14/policy/modules/admin/rpm.te
 --- nsaserefpolicy/policy/modules/admin/rpm.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/rpm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/rpm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,6 +9,8 @@
  type rpm_t;
  type rpm_exec_t;
@@ -1451,7 +1451,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  		java_domtrans_unconfined(rpm_script_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/sudo.if serefpolicy-3.6.14/policy/modules/admin/sudo.if
 --- nsaserefpolicy/policy/modules/admin/sudo.if	2008-11-11 16:13:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/sudo.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/sudo.if	2009-06-08 21:43:15.000000000 -0400
 @@ -32,6 +32,7 @@
  
  	gen_require(`
@@ -1589,7 +1589,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/sudo.te serefpolicy-3.6.14/policy/modules/admin/sudo.te
 --- nsaserefpolicy/policy/modules/admin/sudo.te	2009-01-05 15:39:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/sudo.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/sudo.te	2009-06-08 21:43:15.000000000 -0400
 @@ -4,6 +4,7 @@
  ########################################
  #
@@ -1600,7 +1600,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  application_executable_file(sudo_exec_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-3.6.14/policy/modules/admin/su.if
 --- nsaserefpolicy/policy/modules/admin/su.if	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/su.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/su.if	2009-06-08 21:43:15.000000000 -0400
 @@ -90,15 +90,6 @@
  
  	miscfiles_read_localization($1_su_t)
@@ -1635,7 +1635,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  		domain_subj_id_change_exemption($1_su_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreaper.te serefpolicy-3.6.14/policy/modules/admin/tmpreaper.te
 --- nsaserefpolicy/policy/modules/admin/tmpreaper.te	2008-11-11 16:13:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/admin/tmpreaper.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/tmpreaper.te	2009-06-08 21:43:15.000000000 -0400
 @@ -28,6 +28,9 @@
  files_purge_tmp(tmpreaper_t)
  # why does it need setattr?
@@ -1675,7 +1675,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/usermanage.te serefpolicy-3.6.14/policy/modules/admin/usermanage.te
 --- nsaserefpolicy/policy/modules/admin/usermanage.te	2009-03-20 12:39:40.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/usermanage.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/usermanage.te	2009-06-08 21:43:15.000000000 -0400
 @@ -209,6 +209,7 @@
  files_manage_etc_files(groupadd_t)
  files_relabel_etc_files(groupadd_t)
@@ -1707,7 +1707,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool.te serefpolicy-3.6.14/policy/modules/admin/vbetool.te
 --- nsaserefpolicy/policy/modules/admin/vbetool.te	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/admin/vbetool.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/admin/vbetool.te	2009-06-08 21:43:15.000000000 -0400
 @@ -23,6 +23,7 @@
  dev_rwx_zero(vbetool_t)
  dev_read_sysfs(vbetool_t)
@@ -1728,7 +1728,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/awstats.te serefpolicy-3.6.14/policy/modules/apps/awstats.te
 --- nsaserefpolicy/policy/modules/apps/awstats.te	2009-02-16 08:44:12.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/awstats.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/awstats.te	2009-06-08 21:43:15.000000000 -0400
 @@ -51,6 +51,8 @@
  
  libs_read_lib_files(awstats_t)
@@ -1740,18 +1740,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  sysnet_dns_name_resolve(awstats_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.fc serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.fc
 --- nsaserefpolicy/policy/modules/apps/cpufreqselector.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1 @@
 +/usr/bin/cpufreq-selector       --      gen_context(system_u:object_r:cpufreqselector_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.if serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.if
 --- nsaserefpolicy/policy/modules/apps/cpufreqselector.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +## <summary>cpufreq-selector policy</summary>
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/cpufreqselector.te serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.te
 --- nsaserefpolicy/policy/modules/apps/cpufreqselector.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.te	2009-06-08 21:25:51.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/cpufreqselector.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,42 @@
 +policy_module(cpufreqselector,1.0.0)
 +
@@ -1797,7 +1797,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive cpufreqselector_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.fc serefpolicy-3.6.14/policy/modules/apps/gnome.fc
 --- nsaserefpolicy/policy/modules/apps/gnome.fc	2008-11-11 16:13:42.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gnome.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gnome.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,8 +1,16 @@
 -HOME_DIR/\.config/gtk-.*	gen_context(system_u:object_r:gnome_home_t,s0)
 +HOME_DIR/\.config(/.*)?		gen_context(system_u:object_r:gnome_home_t,s0)
@@ -1819,7 +1819,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/libexec/gnome-system-monitor-mechanism 	--      gen_context(system_u:object_r:gnomesystemmm_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.if serefpolicy-3.6.14/policy/modules/apps/gnome.if
 --- nsaserefpolicy/policy/modules/apps/gnome.if	2008-11-11 16:13:41.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gnome.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gnome.if	2009-06-08 21:43:15.000000000 -0400
 @@ -89,5 +89,175 @@
  
  	allow $1 gnome_home_t:dir manage_dir_perms;
@@ -1998,7 +1998,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.6.14/policy/modules/apps/gnome.te
 --- nsaserefpolicy/policy/modules/apps/gnome.te	2008-11-11 16:13:42.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gnome.te	2009-06-08 21:31:42.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gnome.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,16 +9,18 @@
  attribute gnomedomain;
  
@@ -2127,7 +2127,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.fc serefpolicy-3.6.14/policy/modules/apps/gpg.fc
 --- nsaserefpolicy/policy/modules/apps/gpg.fc	2008-11-11 16:13:42.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gpg.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gpg.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -5,5 +5,5 @@
  /usr/bin/kgpg		--	gen_context(system_u:object_r:gpg_exec_t,s0)
  /usr/bin/pinentry.*	--	gen_context(system_u:object_r:pinentry_exec_t,s0)
@@ -2138,7 +2138,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib(64)?/gnupg/gpgkeys.* --	gen_context(system_u:object_r:gpg_helper_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.if serefpolicy-3.6.14/policy/modules/apps/gpg.if
 --- nsaserefpolicy/policy/modules/apps/gpg.if	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gpg.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gpg.if	2009-06-08 21:43:15.000000000 -0400
 @@ -30,7 +30,7 @@
  
  	# allow ps to show gpg
@@ -2168,7 +2168,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te serefpolicy-3.6.14/policy/modules/apps/gpg.te
 --- nsaserefpolicy/policy/modules/apps/gpg.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/gpg.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/gpg.te	2009-06-08 21:43:15.000000000 -0400
 @@ -60,7 +60,7 @@
  
  allow gpg_t self:capability { ipc_lock setuid };
@@ -2265,7 +2265,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc serefpolicy-3.6.14/policy/modules/apps/java.fc
 --- nsaserefpolicy/policy/modules/apps/java.fc	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/java.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/java.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -2,15 +2,16 @@
  # /opt
  #
@@ -2302,7 +2302,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib/opera(/.*)?/opera	--	gen_context(system_u:object_r:java_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if serefpolicy-3.6.14/policy/modules/apps/java.if
 --- nsaserefpolicy/policy/modules/apps/java.if	2008-11-11 16:13:42.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/java.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/java.if	2009-06-08 21:43:15.000000000 -0400
 @@ -30,6 +30,7 @@
  
  	allow java_t $2:unix_stream_socket connectto;
@@ -2445,7 +2445,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.te serefpolicy-3.6.14/policy/modules/apps/java.te
 --- nsaserefpolicy/policy/modules/apps/java.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/java.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/java.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,8 @@
  typealias java_t alias { staff_javaplugin_t user_javaplugin_t sysadm_javaplugin_t };
  typealias java_t alias { auditadm_javaplugin_t secadm_javaplugin_t };
@@ -2510,13 +2510,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.fc serefpolicy-3.6.14/policy/modules/apps/livecd.fc
 --- nsaserefpolicy/policy/modules/apps/livecd.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/livecd.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/livecd.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +
 +/usr/bin/livecd-creator	--	gen_context(system_u:object_r:livecd_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.if serefpolicy-3.6.14/policy/modules/apps/livecd.if
 --- nsaserefpolicy/policy/modules/apps/livecd.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/livecd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/livecd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,50 @@
 +
 +## <summary>policy for livecd</summary>
@@ -2570,7 +2570,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.te serefpolicy-3.6.14/policy/modules/apps/livecd.te
 --- nsaserefpolicy/policy/modules/apps/livecd.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/livecd.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/livecd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,26 @@
 +policy_module(livecd, 1.0.0)
 +
@@ -2600,7 +2600,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +seutil_domtrans_setfiles_mac(livecd_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.if serefpolicy-3.6.14/policy/modules/apps/mono.if
 --- nsaserefpolicy/policy/modules/apps/mono.if	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/apps/mono.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/mono.if	2009-06-08 21:43:15.000000000 -0400
 @@ -21,6 +21,105 @@
  
  ########################################
@@ -2718,7 +2718,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	corecmd_search_bin($1)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te serefpolicy-3.6.14/policy/modules/apps/mono.te
 --- nsaserefpolicy/policy/modules/apps/mono.te	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/mono.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/mono.te	2009-06-08 21:43:15.000000000 -0400
 @@ -15,7 +15,7 @@
  # Local policy
  #
@@ -2744,7 +2744,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.fc serefpolicy-3.6.14/policy/modules/apps/mozilla.fc
 --- nsaserefpolicy/policy/modules/apps/mozilla.fc	2008-11-11 16:13:42.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/mozilla.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/mozilla.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -17,7 +17,6 @@
  #
  # /etc
@@ -2761,7 +2761,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib64/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.if serefpolicy-3.6.14/policy/modules/apps/mozilla.if
 --- nsaserefpolicy/policy/modules/apps/mozilla.if	2008-11-11 16:13:41.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/mozilla.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/mozilla.if	2009-06-08 21:43:15.000000000 -0400
 @@ -82,8 +82,7 @@
  		type mozilla_home_t;
  	')
@@ -2774,7 +2774,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.te serefpolicy-3.6.14/policy/modules/apps/mozilla.te
 --- nsaserefpolicy/policy/modules/apps/mozilla.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/mozilla.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/mozilla.te	2009-06-08 21:43:15.000000000 -0400
 @@ -105,6 +105,7 @@
  # Should not need other ports
  corenet_dontaudit_tcp_sendrecv_generic_port(mozilla_t)
@@ -2813,7 +2813,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.fc serefpolicy-3.6.14/policy/modules/apps/nsplugin.fc
 --- nsaserefpolicy/policy/modules/apps/nsplugin.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,12 @@
 +HOME_DIR/\.adobe(/.*)?			gen_context(system_u:object_r:nsplugin_home_t,s0)
 +HOME_DIR/\.macromedia(/.*)?		gen_context(system_u:object_r:nsplugin_home_t,s0)
@@ -2829,7 +2829,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib(64)?/mozilla/plugins-wrapped(/.*)?			gen_context(system_u:object_r:nsplugin_rw_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.if serefpolicy-3.6.14/policy/modules/apps/nsplugin.if
 --- nsaserefpolicy/policy/modules/apps/nsplugin.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,313 @@
 +
 +## <summary>policy for nsplugin</summary>
@@ -3146,7 +3146,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.te serefpolicy-3.6.14/policy/modules/apps/nsplugin.te
 --- nsaserefpolicy/policy/modules/apps/nsplugin.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/nsplugin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,286 @@
 +
 +policy_module(nsplugin, 1.0.0)
@@ -3436,14 +3436,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.fc serefpolicy-3.6.14/policy/modules/apps/openoffice.fc
 --- nsaserefpolicy/policy/modules/apps/openoffice.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/openoffice.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/openoffice.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,3 @@
 +/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:openoffice_exec_t,s0)
 +/usr/lib64/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:openoffice_exec_t,s0)
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.if serefpolicy-3.6.14/policy/modules/apps/openoffice.if
 --- nsaserefpolicy/policy/modules/apps/openoffice.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/openoffice.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/openoffice.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,93 @@
 +## <summary>Openoffice</summary>
 +
@@ -3540,7 +3540,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.te serefpolicy-3.6.14/policy/modules/apps/openoffice.te
 --- nsaserefpolicy/policy/modules/apps/openoffice.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/openoffice.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/openoffice.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,14 @@
 +
 +policy_module(openoffice, 1.0.0)
@@ -3558,7 +3558,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/podsleuth.fc serefpolicy-3.6.14/policy/modules/apps/podsleuth.fc
 --- nsaserefpolicy/policy/modules/apps/podsleuth.fc	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,2 +1,4 @@
  
  /usr/bin/podsleuth	--	gen_context(system_u:object_r:podsleuth_exec_t,s0)
@@ -3566,7 +3566,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/cache/podsleuth(/.*)?		gen_context(system_u:object_r:podsleuth_cache_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/podsleuth.if serefpolicy-3.6.14/policy/modules/apps/podsleuth.if
 --- nsaserefpolicy/policy/modules/apps/podsleuth.if	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.if	2009-06-08 21:43:15.000000000 -0400
 @@ -16,4 +16,32 @@
  	')
  
@@ -3602,7 +3602,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/podsleuth.te serefpolicy-3.6.14/policy/modules/apps/podsleuth.te
 --- nsaserefpolicy/policy/modules/apps/podsleuth.te	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/podsleuth.te	2009-06-08 21:43:15.000000000 -0400
 @@ -11,25 +11,80 @@
  application_domain(podsleuth_t, podsleuth_exec_t)
  role system_r types podsleuth_t;
@@ -3690,13 +3690,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.fc serefpolicy-3.6.14/policy/modules/apps/pulseaudio.fc
 --- nsaserefpolicy/policy/modules/apps/pulseaudio.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +
 +/usr/bin/pulseaudio	--	gen_context(system_u:object_r:pulseaudio_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.if serefpolicy-3.6.14/policy/modules/apps/pulseaudio.if
 --- nsaserefpolicy/policy/modules/apps/pulseaudio.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,148 @@
 +
 +## <summary>policy for pulseaudio</summary>
@@ -3848,7 +3848,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.6.14/policy/modules/apps/pulseaudio.te
 --- nsaserefpolicy/policy/modules/apps/pulseaudio.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/pulseaudio.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,111 @@
 +policy_module(pulseaudio,1.0.0)
 +
@@ -3963,7 +3963,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.fc serefpolicy-3.6.14/policy/modules/apps/qemu.fc
 --- nsaserefpolicy/policy/modules/apps/qemu.fc	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/apps/qemu.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/qemu.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,2 +1,3 @@
 -/usr/bin/qemu	--	gen_context(system_u:object_r:qemu_exec_t,s0)
 -/usr/bin/qemu-kvm --	gen_context(system_u:object_r:qemu_exec_t,s0)
@@ -3972,7 +3972,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.if serefpolicy-3.6.14/policy/modules/apps/qemu.if
 --- nsaserefpolicy/policy/modules/apps/qemu.if	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/qemu.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/qemu.if	2009-06-08 21:43:15.000000000 -0400
 @@ -40,6 +40,93 @@
  
  	qemu_domtrans($1)
@@ -4281,7 +4281,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.te serefpolicy-3.6.14/policy/modules/apps/qemu.te
 --- nsaserefpolicy/policy/modules/apps/qemu.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/qemu.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/qemu.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,28 +13,96 @@
  ## </desc>
  gen_tunable(qemu_full_network, false)
@@ -4399,7 +4399,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sambagui.fc serefpolicy-3.6.14/policy/modules/apps/sambagui.fc
 --- nsaserefpolicy/policy/modules/apps/sambagui.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sambagui.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sambagui.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,4 @@
 +/usr/share/system-config-samba/system-config-samba-mechanism.py -- gen_context(system_u:object_r:sambagui_exec_t,s0)
 +
@@ -4407,13 +4407,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sambagui.if serefpolicy-3.6.14/policy/modules/apps/sambagui.if
 --- nsaserefpolicy/policy/modules/apps/sambagui.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sambagui.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sambagui.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,2 @@
 +## <summary>system-config-samba policy</summary>
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sambagui.te serefpolicy-3.6.14/policy/modules/apps/sambagui.te
 --- nsaserefpolicy/policy/modules/apps/sambagui.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sambagui.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sambagui.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,57 @@
 +policy_module(sambagui,1.0.0)
 +
@@ -4474,12 +4474,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive sambagui_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.fc serefpolicy-3.6.14/policy/modules/apps/sandbox.fc
 --- nsaserefpolicy/policy/modules/apps/sandbox.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sandbox.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sandbox.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1 @@
 +# No types are sandbox_exec_t
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.if serefpolicy-3.6.14/policy/modules/apps/sandbox.if
 --- nsaserefpolicy/policy/modules/apps/sandbox.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sandbox.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sandbox.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,75 @@
 +
 +## <summary>policy for sandbox</summary>
@@ -4558,7 +4558,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.te serefpolicy-3.6.14/policy/modules/apps/sandbox.te
 --- nsaserefpolicy/policy/modules/apps/sandbox.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/sandbox.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/sandbox.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,43 @@
 +policy_module(sandbox,1.0.0)
 +
@@ -4605,7 +4605,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +corecmd_exec_all_executables(sandbox_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.if serefpolicy-3.6.14/policy/modules/apps/screen.if
 --- nsaserefpolicy/policy/modules/apps/screen.if	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/screen.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/screen.if	2009-06-08 21:43:15.000000000 -0400
 @@ -165,3 +165,24 @@
  		nscd_socket_use($1_screen_t)
  	')
@@ -4633,7 +4633,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/uml.te serefpolicy-3.6.14/policy/modules/apps/uml.te
 --- nsaserefpolicy/policy/modules/apps/uml.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/uml.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/uml.te	2009-06-08 21:43:15.000000000 -0400
 @@ -16,14 +16,12 @@
  type uml_ro_t;
  typealias uml_ro_t alias { user_uml_ro_t staff_uml_ro_t sysadm_uml_ro_t };
@@ -4653,7 +4653,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  typealias uml_tmp_t alias { user_uml_tmp_t staff_uml_tmp_t sysadm_uml_tmp_t };
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.fc serefpolicy-3.6.14/policy/modules/apps/vmware.fc
 --- nsaserefpolicy/policy/modules/apps/vmware.fc	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/vmware.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/vmware.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -63,6 +63,7 @@
  ')
  
@@ -4664,7 +4664,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/vmware.* 			gen_context(system_u:object_r:vmware_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.te serefpolicy-3.6.14/policy/modules/apps/vmware.te
 --- nsaserefpolicy/policy/modules/apps/vmware.te	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/vmware.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/vmware.te	2009-06-08 21:43:15.000000000 -0400
 @@ -29,6 +29,10 @@
  type vmware_host_exec_t;
  init_daemon_domain(vmware_host_t, vmware_host_exec_t)
@@ -4755,7 +4755,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  storage_raw_read_removable_device(vmware_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/webalizer.te serefpolicy-3.6.14/policy/modules/apps/webalizer.te
 --- nsaserefpolicy/policy/modules/apps/webalizer.te	2009-02-16 08:44:12.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/webalizer.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/webalizer.te	2009-06-08 21:43:15.000000000 -0400
 @@ -69,7 +69,6 @@
  fs_search_auto_mountpoints(webalizer_t)
  fs_getattr_xattr_fs(webalizer_t)
@@ -4766,7 +4766,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  files_read_etc_runtime_files(webalizer_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.fc serefpolicy-3.6.14/policy/modules/apps/wine.fc
 --- nsaserefpolicy/policy/modules/apps/wine.fc	2008-08-07 11:15:02.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/apps/wine.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wine.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,21 @@
 -/usr/bin/wine			--	gen_context(system_u:object_r:wine_exec_t,s0)
 +/usr/bin/wine.*			--	gen_context(system_u:object_r:wine_exec_t,s0)
@@ -4794,7 +4794,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -/opt/picasa/wine/bin/wine	--	gen_context(system_u:object_r:wine_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.if serefpolicy-3.6.14/policy/modules/apps/wine.if
 --- nsaserefpolicy/policy/modules/apps/wine.if	2008-11-11 16:13:41.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/wine.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wine.if	2009-06-08 21:43:15.000000000 -0400
 @@ -43,3 +43,63 @@
  	wine_domtrans($1)
  	role $2 types wine_t;
@@ -4861,7 +4861,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.te serefpolicy-3.6.14/policy/modules/apps/wine.te
 --- nsaserefpolicy/policy/modules/apps/wine.te	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/wine.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wine.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,6 +9,7 @@
  type wine_t;
  type wine_exec_t;
@@ -4894,14 +4894,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wm.fc serefpolicy-3.6.14/policy/modules/apps/wm.fc
 --- nsaserefpolicy/policy/modules/apps/wm.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/wm.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wm.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,3 @@
 +/usr/bin/twm		--	gen_context(system_u:object_r:wm_exec_t,s0)
 +/usr/bin/openbox	--	gen_context(system_u:object_r:wm_exec_t,s0)
 +/usr/bin/metacity	--	gen_context(system_u:object_r:wm_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wm.if serefpolicy-3.6.14/policy/modules/apps/wm.if
 --- nsaserefpolicy/policy/modules/apps/wm.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/wm.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wm.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,108 @@
 +## <summary>Window Manager.</summary>
 +
@@ -5013,7 +5013,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wm.te serefpolicy-3.6.14/policy/modules/apps/wm.te
 --- nsaserefpolicy/policy/modules/apps/wm.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/apps/wm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/apps/wm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,9 @@
 +policy_module(wm,0.0.4)
 +
@@ -5026,7 +5026,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +corecmd_executable_file(wm_exec_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.fc serefpolicy-3.6.14/policy/modules/kernel/corecommands.fc
 --- nsaserefpolicy/policy/modules/kernel/corecommands.fc	2009-03-05 10:34:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/corecommands.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/corecommands.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -7,6 +7,7 @@
  /bin/d?ash			--	gen_context(system_u:object_r:shell_exec_t,s0)
  /bin/bash			--	gen_context(system_u:object_r:shell_exec_t,s0)
@@ -5109,7 +5109,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.if serefpolicy-3.6.14/policy/modules/kernel/corecommands.if
 --- nsaserefpolicy/policy/modules/kernel/corecommands.if	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/corecommands.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/corecommands.if	2009-06-08 21:43:15.000000000 -0400
 @@ -893,6 +893,7 @@
  
  	read_lnk_files_pattern($1, bin_t, bin_t)
@@ -5120,7 +5120,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if.in serefpolicy-3.6.14/policy/modules/kernel/corenetwork.if.in
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in	2009-02-03 22:50:50.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/corenetwork.if.in	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/corenetwork.if.in	2009-06-08 21:43:15.000000000 -0400
 @@ -1612,6 +1612,24 @@
  
  ########################################
@@ -5173,7 +5173,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.6.14/policy/modules/kernel/corenetwork.te.in
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/corenetwork.te.in	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/corenetwork.te.in	2009-06-08 21:43:15.000000000 -0400
 @@ -65,6 +65,7 @@
  type server_packet_t, packet_type, server_packet_type;
  
@@ -5291,8 +5291,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  #network_node(multicast, s0 - mls_systemhigh, ff00::, ff00::)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.fc serefpolicy-3.6.14/policy/modules/kernel/devices.fc
 --- nsaserefpolicy/policy/modules/kernel/devices.fc	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/devices.fc	2009-06-08 21:21:19.000000000 -0400
-@@ -47,8 +46,10 @@
++++ serefpolicy-3.6.14/policy/modules/kernel/devices.fc	2009-06-08 21:43:15.000000000 -0400
+@@ -47,8 +47,10 @@
  /dev/kmem		-c	gen_context(system_u:object_r:memory_device_t,mls_systemhigh)
  /dev/kmsg		-c	gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
  /dev/kqemu		-c	gen_context(system_u:object_r:qemu_device_t,s0)
@@ -5305,7 +5305,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /dev/lp.*		-c	gen_context(system_u:object_r:printer_device_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.if serefpolicy-3.6.14/policy/modules/kernel/devices.if
 --- nsaserefpolicy/policy/modules/kernel/devices.if	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/devices.if	2009-06-08 21:34:49.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/devices.if	2009-06-08 21:43:15.000000000 -0400
 @@ -1655,6 +1655,78 @@
  
  ########################################
@@ -5475,7 +5475,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.te serefpolicy-3.6.14/policy/modules/kernel/devices.te
 --- nsaserefpolicy/policy/modules/kernel/devices.te	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/devices.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/devices.te	2009-06-08 21:43:15.000000000 -0400
 @@ -84,6 +84,13 @@
  dev_node(kmsg_device_t)
  
@@ -5505,7 +5505,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  type lvm_control_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-3.6.14/policy/modules/kernel/domain.if
 --- nsaserefpolicy/policy/modules/kernel/domain.if	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/domain.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/domain.if	2009-06-08 21:43:15.000000000 -0400
 @@ -65,7 +65,8 @@
  	')
  
@@ -5598,7 +5598,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-3.6.14/policy/modules/kernel/domain.te
 --- nsaserefpolicy/policy/modules/kernel/domain.te	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/domain.te	2009-06-08 21:26:28.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/domain.te	2009-06-08 21:43:15.000000000 -0400
 @@ -5,6 +5,13 @@
  #
  # Declarations
@@ -5731,7 +5731,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.fc serefpolicy-3.6.14/policy/modules/kernel/files.fc
 --- nsaserefpolicy/policy/modules/kernel/files.fc	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/files.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/files.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -8,6 +8,8 @@
  /initrd\.img.*		-l	gen_context(system_u:object_r:boot_t,s0)
  /vmlinuz.*		-l	gen_context(system_u:object_r:boot_t,s0)
@@ -5760,7 +5760,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/lib/nfs/rpc_pipefs(/.*)?	<<none>>
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.6.14/policy/modules/kernel/files.if
 --- nsaserefpolicy/policy/modules/kernel/files.if	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/files.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/files.if	2009-06-08 21:43:15.000000000 -0400
 @@ -110,6 +110,11 @@
  ## </param>
  #
@@ -6218,7 +6218,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.te serefpolicy-3.6.14/policy/modules/kernel/files.te
 --- nsaserefpolicy/policy/modules/kernel/files.te	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/files.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/files.te	2009-06-08 21:43:15.000000000 -0400
 @@ -52,7 +52,9 @@
  #
  # etc_t is the type of the system etc directories.
@@ -6244,24 +6244,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  #
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.fc serefpolicy-3.6.14/policy/modules/kernel/filesystem.fc
 --- nsaserefpolicy/policy/modules/kernel/filesystem.fc	2008-08-07 11:15:01.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/filesystem.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/filesystem.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1 @@
 -# This module currently does not have any file contexts.
 +/dev/shm		-d	gen_context(system_u:object_r:tmpfs_t,s0)
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-3.6.14/policy/modules/kernel/filesystem.if
---- nsaserefpolicy/policy/modules/kernel/filesystem.if	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/filesystem.if	2009-06-08 21:21:19.000000000 -0400
-3341,6 +3342,7 @@
- 		type tmpfs_t;
- 	')
- 
-+	dontaudit $1 tmpfs_t:dir rw_dir_perms;
- 	dontaudit $1 tmpfs_t:file rw_file_perms;
- ')
- 
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-3.6.14/policy/modules/kernel/kernel.if
 --- nsaserefpolicy/policy/modules/kernel/kernel.if	2009-01-05 15:39:38.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/kernel.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/kernel.if	2009-06-08 21:43:15.000000000 -0400
 @@ -157,7 +157,7 @@
  		type kernel_t;
  	')
@@ -6405,7 +6394,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-3.6.14/policy/modules/kernel/kernel.te
 --- nsaserefpolicy/policy/modules/kernel/kernel.te	2009-02-03 22:50:50.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/kernel.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/kernel.te	2009-06-08 21:43:15.000000000 -0400
 @@ -63,6 +63,15 @@
  genfscon debugfs / gen_context(system_u:object_r:debugfs_t,s0)
  
@@ -6517,237 +6506,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +files_boot(kernel_t)
 +
 +permissive kernel_t;
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/rwhod.fc serefpolicy-3.6.14/policy/modules/kernel/rwhod.fc
---- nsaserefpolicy/policy/modules/kernel/rwhod.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/rwhod.fc	2009-06-08 21:21:19.000000000 -0400
-@@ -0,0 +1,5 @@
-+
-+/usr/sbin/rwhod	--	gen_context(system_u:object_r:rwhod_exec_t,s0)
-+
-+/etc/rc\.d/init\.d/rwhod	--	gen_context(system_u:object_r:rwhod_initrc_exec_t,s0)
-+/var/spool/rwho(/.*)?			gen_context(system_u:object_r:rwhod_spool_t,s0)
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/rwhod.if serefpolicy-3.6.14/policy/modules/kernel/rwhod.if
---- nsaserefpolicy/policy/modules/kernel/rwhod.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/rwhod.if	2009-06-08 21:21:19.000000000 -0400
-@@ -0,0 +1,164 @@
-+
-+## <summary>policy for rwhod</summary>
-+
-+########################################
-+## <summary>
-+##	Execute a domain transition to run rwhod.
-+## </summary>
-+## <param name="domain">
-+## <summary>
-+##	Domain allowed to transition.
-+## </summary>
-+## </param>
-+#
-+interface(`rwhod_domtrans',`
-+	gen_require(`
-+		type rwhod_t;
-+                type rwhod_exec_t;
-+	')
-+
-+	domtrans_pattern($1,rwhod_exec_t,rwhod_t)
-+')
-+
-+
-+########################################
-+## <summary>
-+##	Execute rwhod server in the rwhod domain.
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	The type of the process performing this action.
-+##	</summary>
-+## </param>
-+#
-+interface(`rwhod_initrc_domtrans',`
-+	gen_require(`
-+		type rwhod_initrc_exec_t;
-+	')
-+
-+	init_labeled_script_domtrans($1,rwhod_initrc_exec_t)
-+')
-+
-+########################################
-+## <summary>
-+##	Search rwhod spool directories.
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+#
-+interface(`rwhod_search_spool',`
-+	gen_require(`
-+		type rwhod_spool_t;
-+	')
-+
-+	allow $1 rwhod_spool_t:dir search_dir_perms;
-+	files_search_spool($1)
-+')
-+
-+########################################
-+## <summary>
-+##	Read rwhod spool files.
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+#
-+interface(`rwhod_read_spool_files',`
-+	gen_require(`
-+		type rwhod_spool_t;
-+	')
-+
-+	files_search_spool($1)
-+        read_files_pattern($1, rwhod_spool_t rwhod_spool_t)
-+')
-+
-+########################################
-+## <summary>
-+##	Create, read, write, and delete
-+##	rwhod spool files.
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+#
-+interface(`rwhod_manage_spool_files',`
-+	gen_require(`
-+		type rwhod_spool_t;
-+	')
-+
-+	files_search_spool($1)
-+        manage_files_pattern($1,rwhod_spool_t,rwhod_spool_t)
-+')
-+
-+########################################
-+## <summary>
-+##	Allow domain to manage rwhod spool files
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain to not audit.
-+##	</summary>
-+## </param>
-+#
-+interface(`rwhod_manage_spool',`
-+	gen_require(`
-+		type rwhod_spool_t;
-+	')
-+
-+         manage_dirs_pattern($1,rwhod_spool_t,rwhod_spool_t)
-+         manage_files_pattern($1,rwhod_spool_t,rwhod_spool_t)
-+         manage_lnk_files_pattern($1,rwhod_spool_t,rwhod_spool_t)
-+')
-+
-+
-+########################################
-+## <summary>
-+##	All of the rules required to administrate 
-+##	an rwhod environment
-+## </summary>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+## <param name="role">
-+##	<summary>
-+##	The role to be allowed to manage the rwhod domain.
-+##	</summary>
-+## </param>
-+## <param name="terminal">
-+##	<summary>
-+##	The type of the user terminal.
-+##	</summary>
-+## </param>
-+## <rolecap/>
-+#
-+interface(`rwhod_admin',`
-+	gen_require(`
-+		type rwhod_t;
-+	')
-+
-+	allow $1 rwhod_t:process { ptrace signal_perms getattr };
-+	read_files_pattern($1, rwhod_t, rwhod_t)
-+	        
-+
-+	gen_require(`
-+		type rwhod_initrc_exec_t;
-+	')
-+
-+	# Allow rwhod_t to restart the apache service
-+	rwhod_initrc_domtrans($1)
-+	domain_system_change_exemption($1)
-+	role_transition $2 rwhod_initrc_exec_t system_r;
-+	allow $2 system_r;
-+
-+	rwhod_manage_spool($1)
-+
-+')
-diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/rwhod.te serefpolicy-3.6.14/policy/modules/kernel/rwhod.te
---- nsaserefpolicy/policy/modules/kernel/rwhod.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/rwhod.te	2009-06-08 21:21:19.000000000 -0400
-@@ -0,0 +1,47 @@
-+policy_module(rwhod,1.0.0)
-+
-+########################################
-+#
-+# Declarations
-+#
-+
-+type rwhod_t;
-+type rwhod_exec_t;
-+init_daemon_domain(rwhod_t, rwhod_exec_t)
-+
-+permissive rwhod_t;
-+
-+type rwhod_initrc_exec_t;
-+init_script_file(rwhod_initrc_exec_t)
-+
-+type rwhod_spool_t;
-+files_type(rwhod_spool_t)
-+
-+########################################
-+#
-+# rwhod local policy
-+#
-+
-+allow rwhod self:capability { kill setgid setuid };
-+allow rwhod self:process { fork signal };
-+
-+# Init script handling
-+domain_use_interactive_fds(rwhod_t)
-+
-+# internal communication is often done using fifo and unix sockets.
-+allow rwhod_t self:fifo_file rw_file_perms;
-+allow rwhod_t self:unix_stream_socket create_stream_socket_perms;
-+
-+files_read_etc_files(rwhod_t)
-+
-+miscfiles_read_localization(rwhod_t)
-+
-+
-+allow rwhod_t rwhod_spool_t:dir manage_dir_perms;
-+allow rwhod_t rwhod_spool_t:file manage_file_perms;
-+allow rwhod_t rwhod_spool_t:sock_file manage_sock_file_perms;
-+files_spool_filetrans(rwhod_t,rwhod_spool_t, { file dir sock_file })
-+
-+auth_use_nsswitch(rwhod_t)
-+
-+logging_send_syslog_msg(rwhod_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/selinux.if serefpolicy-3.6.14/policy/modules/kernel/selinux.if
 --- nsaserefpolicy/policy/modules/kernel/selinux.if	2009-01-19 11:03:28.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/selinux.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/selinux.if	2009-06-08 21:43:15.000000000 -0400
 @@ -40,7 +40,7 @@
  
  	# because of this statement, any module which
@@ -6807,7 +6568,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.fc serefpolicy-3.6.14/policy/modules/kernel/storage.fc
 --- nsaserefpolicy/policy/modules/kernel/storage.fc	2009-03-05 12:28:57.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/storage.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/storage.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -57,7 +57,7 @@
  
  /dev/cciss/[^/]*	-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
@@ -6819,7 +6580,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /dev/i2o/hd[^/]*	-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.fc serefpolicy-3.6.14/policy/modules/kernel/terminal.fc
 --- nsaserefpolicy/policy/modules/kernel/terminal.fc	2008-08-07 11:15:01.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/kernel/terminal.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/terminal.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -13,6 +13,7 @@
  /dev/ip2[^/]*		-c	gen_context(system_u:object_r:tty_device_t,s0)
  /dev/isdn.*		-c	gen_context(system_u:object_r:tty_device_t,s0)
@@ -6830,7 +6591,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /dev/tty		-c	gen_context(system_u:object_r:devtty_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-3.6.14/policy/modules/kernel/terminal.if
 --- nsaserefpolicy/policy/modules/kernel/terminal.if	2008-11-11 16:13:41.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/kernel/terminal.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/kernel/terminal.if	2009-06-08 21:43:15.000000000 -0400
 @@ -173,7 +173,7 @@
  
  	dev_list_all_dev_nodes($1)
@@ -6878,7 +6639,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/guest.te serefpolicy-3.6.14/policy/modules/roles/guest.te
 --- nsaserefpolicy/policy/modules/roles/guest.te	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/roles/guest.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/guest.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,7 +6,7 @@
  # Declarations
  #
@@ -6904,7 +6665,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +gen_user(guest_u, user, guest_r, s0, s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/staff.te serefpolicy-3.6.14/policy/modules/roles/staff.te
 --- nsaserefpolicy/policy/modules/roles/staff.te	2008-11-11 16:13:47.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/staff.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/staff.te	2009-06-08 21:43:15.000000000 -0400
 @@ -15,156 +15,99 @@
  # Local policy
  #
@@ -7099,7 +6860,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/sysadm.if serefpolicy-3.6.14/policy/modules/roles/sysadm.if
 --- nsaserefpolicy/policy/modules/roles/sysadm.if	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/sysadm.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/sysadm.if	2009-06-08 21:43:15.000000000 -0400
 @@ -116,41 +116,6 @@
  
  ########################################
@@ -7144,7 +6905,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ##	requiring the caller to use setexeccon().
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/sysadm.te serefpolicy-3.6.14/policy/modules/roles/sysadm.te
 --- nsaserefpolicy/policy/modules/roles/sysadm.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/sysadm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/sysadm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -15,7 +15,7 @@
  
  role sysadm_r;
@@ -7435,7 +7196,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.fc serefpolicy-3.6.14/policy/modules/roles/unconfineduser.fc
 --- nsaserefpolicy/policy/modules/roles/unconfineduser.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,34 @@
 +# Add programs here which should not be confined by SELinux
 +# e.g.:
@@ -7473,7 +7234,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.if serefpolicy-3.6.14/policy/modules/roles/unconfineduser.if
 --- nsaserefpolicy/policy/modules/roles/unconfineduser.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,638 @@
 +## <summary>Unconfiend user role</summary>
 +
@@ -8115,7 +7876,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.te serefpolicy-3.6.14/policy/modules/roles/unconfineduser.te
 --- nsaserefpolicy/policy/modules/roles/unconfineduser.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/unconfineduser.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,403 @@
 +policy_module(unconfineduser, 1.0.0)
 +
@@ -8522,7 +8283,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +gen_user(unconfined_u, user, unconfined_r system_r, s0, s0 - mls_systemhigh, mcs_allcats)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unprivuser.te serefpolicy-3.6.14/policy/modules/roles/unprivuser.te
 --- nsaserefpolicy/policy/modules/roles/unprivuser.te	2008-11-11 16:13:47.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/roles/unprivuser.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/unprivuser.te	2009-06-08 21:43:15.000000000 -0400
 @@ -14,142 +14,13 @@
  userdom_unpriv_user_template(user)
  
@@ -8671,7 +8432,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/webadm.te serefpolicy-3.6.14/policy/modules/roles/webadm.te
 --- nsaserefpolicy/policy/modules/roles/webadm.te	2009-04-07 15:53:36.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/roles/webadm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/webadm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -42,7 +42,7 @@
  
  userdom_dontaudit_search_user_home_dirs(webadm_t)
@@ -8683,7 +8444,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	userdom_manage_user_home_content_files(webadm_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/xguest.te serefpolicy-3.6.14/policy/modules/roles/xguest.te
 --- nsaserefpolicy/policy/modules/roles/xguest.te	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/roles/xguest.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/roles/xguest.te	2009-06-08 21:43:15.000000000 -0400
 @@ -67,7 +67,11 @@
  ')
  
@@ -8714,7 +8475,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +gen_user(xguest_u, user, xguest_r, s0, s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/afs.fc serefpolicy-3.6.14/policy/modules/services/afs.fc
 --- nsaserefpolicy/policy/modules/services/afs.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/afs.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/afs.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,6 @@
 +/etc/rc\.d/init\.d/openafs-client	--	gen_context(system_u:object_r:afs_initrc_exec_t,s0)
 +/etc/rc\.d/init\.d/afs	--	gen_context(system_u:object_r:afs_initrc_exec_t,s0)
@@ -8738,7 +8499,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/cache/afs(/.*)?		gen_context(system_u:object_r:afs_cache_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/afs.if serefpolicy-3.6.14/policy/modules/services/afs.if
 --- nsaserefpolicy/policy/modules/services/afs.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/afs.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/afs.if	2009-06-08 21:43:15.000000000 -0400
 @@ -1 +1,110 @@
  ## <summary>Andrew Filesystem server</summary>
 +
@@ -8852,7 +8613,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/afs.te serefpolicy-3.6.14/policy/modules/services/afs.te
 --- nsaserefpolicy/policy/modules/services/afs.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/afs.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/afs.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,16 @@
  # Declarations
  #
@@ -8919,7 +8680,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive afs_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.fc serefpolicy-3.6.14/policy/modules/services/apache.fc
 --- nsaserefpolicy/policy/modules/services/apache.fc	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/apache.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/apache.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,12 +1,13 @@
 -HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_user_content_t,s0)
 +HOME_DIR/((www)|(web)|(public_html)|(public_git))(/.+)? gen_context(system_u:object_r:httpd_user_content_t,s0)
@@ -9015,7 +8776,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/www/svn/conf(/.*)?			gen_context(system_u:object_r:httpd_sys_content_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.if serefpolicy-3.6.14/policy/modules/services/apache.if
 --- nsaserefpolicy/policy/modules/services/apache.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/apache.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/apache.if	2009-06-08 21:43:15.000000000 -0400
 @@ -13,21 +13,16 @@
  #
  template(`apache_content_template',`
@@ -9557,7 +9318,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.6.14/policy/modules/services/apache.te
 --- nsaserefpolicy/policy/modules/services/apache.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/apache.te	2009-06-08 21:26:38.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/apache.te	2009-06-08 21:43:15.000000000 -0400
 @@ -19,6 +19,8 @@
  # Declarations
  #
@@ -10268,7 +10029,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.te serefpolicy-3.6.14/policy/modules/services/apm.te
 --- nsaserefpolicy/policy/modules/services/apm.te	2009-02-16 08:44:12.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/apm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/apm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -123,6 +123,7 @@
  libs_exec_lib_files(apmd_t)
  
@@ -10279,7 +10040,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  miscfiles_read_hwdata(apmd_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/audioentropy.te serefpolicy-3.6.14/policy/modules/services/audioentropy.te
 --- nsaserefpolicy/policy/modules/services/audioentropy.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/audioentropy.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/audioentropy.te	2009-06-08 21:43:15.000000000 -0400
 @@ -40,6 +40,9 @@
  # and sample rate.
  dev_write_sound(entropyd_t)
@@ -10304,7 +10065,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.if serefpolicy-3.6.14/policy/modules/services/automount.if
 --- nsaserefpolicy/policy/modules/services/automount.if	2008-10-14 11:58:09.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/automount.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/automount.if	2009-06-08 21:43:15.000000000 -0400
 @@ -109,6 +109,25 @@
  
  ########################################
@@ -10333,7 +10094,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## </summary>
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.te serefpolicy-3.6.14/policy/modules/services/automount.te
 --- nsaserefpolicy/policy/modules/services/automount.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/automount.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/automount.te	2009-06-08 21:43:15.000000000 -0400
 @@ -71,6 +71,7 @@
  files_mounton_all_mountpoints(automount_t)
  files_mount_all_file_type_fs(automount_t)
@@ -10377,7 +10138,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avahi.te serefpolicy-3.6.14/policy/modules/services/avahi.te
 --- nsaserefpolicy/policy/modules/services/avahi.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/avahi.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/avahi.te	2009-06-08 21:43:15.000000000 -0400
 @@ -33,6 +33,7 @@
  allow avahi_t self:tcp_socket create_stream_socket_perms;
  allow avahi_t self:udp_socket create_socket_perms;
@@ -10396,7 +10157,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.fc serefpolicy-3.6.14/policy/modules/services/bind.fc
 --- nsaserefpolicy/policy/modules/services/bind.fc	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/bind.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/bind.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,17 +1,22 @@
  /etc/rc\.d/init\.d/named --	gen_context(system_u:object_r:named_initrc_exec_t,s0)
 +/etc/rc\.d/init\.d/unbound	--	gen_context(system_u:object_r:named_initrc_exec_t,s0)
@@ -10436,7 +10197,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/named/chroot/var/named(/.*)? gen_context(system_u:object_r:named_zone_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.if serefpolicy-3.6.14/policy/modules/services/bind.if
 --- nsaserefpolicy/policy/modules/services/bind.if	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/bind.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/bind.if	2009-06-08 21:43:15.000000000 -0400
 @@ -38,6 +38,42 @@
  
  ########################################
@@ -10535,7 +10296,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.te serefpolicy-3.6.14/policy/modules/services/bind.te
 --- nsaserefpolicy/policy/modules/services/bind.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/bind.te	2009-06-08 21:26:49.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/bind.te	2009-06-08 21:43:15.000000000 -0400
 @@ -123,6 +123,7 @@
  corenet_sendrecv_dns_client_packets(named_t)
  corenet_sendrecv_rndc_server_packets(named_t)
@@ -10555,7 +10316,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitlbee.te serefpolicy-3.6.14/policy/modules/services/bitlbee.te
 --- nsaserefpolicy/policy/modules/services/bitlbee.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/bitlbee.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/bitlbee.te	2009-06-08 21:43:15.000000000 -0400
 @@ -75,6 +75,8 @@
  # grant read-only access to the user help files
  files_read_usr_files(bitlbee_t)
@@ -10567,7 +10328,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  miscfiles_read_localization(bitlbee_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-3.6.14/policy/modules/services/bluetooth.te
 --- nsaserefpolicy/policy/modules/services/bluetooth.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/bluetooth.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/bluetooth.te	2009-06-08 21:43:15.000000000 -0400
 @@ -152,6 +152,10 @@
  	optional_policy(`
  		hal_dbus_chat(bluetooth_t)
@@ -10581,7 +10342,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.fc serefpolicy-3.6.14/policy/modules/services/clamav.fc
 --- nsaserefpolicy/policy/modules/services/clamav.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/clamav.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/clamav.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,20 +1,23 @@
  /etc/clamav(/.*)?			gen_context(system_u:object_r:clamd_etc_t,s0)
 +/etc/rc\.d/init\.d/clamd-wrapper	--	gen_context(system_u:object_r:clamd_initrc_exec_t,s0)
@@ -10613,7 +10374,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/spool/MailScanner(/.*)?	gen_context(system_u:object_r:clamd_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.if serefpolicy-3.6.14/policy/modules/services/clamav.if
 --- nsaserefpolicy/policy/modules/services/clamav.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/clamav.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/clamav.if	2009-06-08 21:43:15.000000000 -0400
 @@ -38,6 +38,27 @@
  
  ########################################
@@ -10731,7 +10492,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.te serefpolicy-3.6.14/policy/modules/services/clamav.te
 --- nsaserefpolicy/policy/modules/services/clamav.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/clamav.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/clamav.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,7 +13,10 @@
  
  # configuration files
@@ -10828,7 +10589,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.6.14/policy/modules/services/consolekit.te
 --- nsaserefpolicy/policy/modules/services/consolekit.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/consolekit.te	2009-06-08 21:27:01.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/consolekit.te	2009-06-08 21:43:15.000000000 -0400
 @@ -11,7 +11,7 @@
  init_daemon_domain(consolekit_t, consolekit_exec_t)
  
@@ -10905,7 +10666,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.if serefpolicy-3.6.14/policy/modules/services/courier.if
 --- nsaserefpolicy/policy/modules/services/courier.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/courier.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/courier.if	2009-06-08 21:43:15.000000000 -0400
 @@ -179,6 +179,24 @@
  
  ########################################
@@ -10933,7 +10694,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.6.14/policy/modules/services/courier.te
 --- nsaserefpolicy/policy/modules/services/courier.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/courier.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/courier.te	2009-06-08 21:43:15.000000000 -0400
 @@ -10,6 +10,7 @@
  
  type courier_etc_t;
@@ -10944,7 +10705,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.fc serefpolicy-3.6.14/policy/modules/services/cron.fc
 --- nsaserefpolicy/policy/modules/services/cron.fc	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/cron.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cron.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,4 @@
 +/etc/rc\.d/init\.d/atd		--	gen_context(system_u:object_r:crond_initrc_exec_t,s0)
  
@@ -10979,7 +10740,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/log/mcelog.*		--	gen_context(system_u:object_r:cron_log_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.6.14/policy/modules/services/cron.if
 --- nsaserefpolicy/policy/modules/services/cron.if	2008-11-11 16:13:47.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/cron.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cron.if	2009-06-08 21:43:15.000000000 -0400
 @@ -12,6 +12,10 @@
  ## </param>
  #
@@ -11281,7 +11042,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.6.14/policy/modules/services/cron.te
 --- nsaserefpolicy/policy/modules/services/cron.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/cron.te	2009-06-08 21:33:31.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cron.te	2009-06-08 21:43:15.000000000 -0400
 @@ -38,6 +38,10 @@
  type cron_var_lib_t;
  files_type(cron_var_lib_t)
@@ -11629,7 +11390,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-3.6.14/policy/modules/services/cups.fc
 --- nsaserefpolicy/policy/modules/services/cups.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/cups.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cups.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -5,27 +5,38 @@
  /etc/cups/classes\.conf.* --	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
  /etc/cups/cupsd\.conf.* --	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
@@ -11705,7 +11466,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib/cups/backend/cups-pdf	--	gen_context(system_u:object_r:cups_pdf_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.if serefpolicy-3.6.14/policy/modules/services/cups.if
 --- nsaserefpolicy/policy/modules/services/cups.if	2008-11-11 16:13:47.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/cups.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cups.if	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,30 @@
  
  ########################################
@@ -11832,7 +11593,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.6.14/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/cups.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cups.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,9 +20,18 @@
  type cupsd_etc_t;
  files_config_file(cupsd_etc_t)
@@ -12273,7 +12034,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.te serefpolicy-3.6.14/policy/modules/services/cvs.te
 --- nsaserefpolicy/policy/modules/services/cvs.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/cvs.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/cvs.te	2009-06-08 21:43:15.000000000 -0400
 @@ -112,4 +112,5 @@
  	read_files_pattern(httpd_cvs_script_t, cvs_data_t, cvs_data_t)
  	manage_dirs_pattern(httpd_cvs_script_t, cvs_tmp_t, cvs_tmp_t)
@@ -12282,7 +12043,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.fc serefpolicy-3.6.14/policy/modules/services/dbus.fc
 --- nsaserefpolicy/policy/modules/services/dbus.fc	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dbus.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dbus.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -4,6 +4,9 @@
  /usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:dbusd_exec_t,s0)
  /bin/dbus-daemon 	--	gen_context(system_u:object_r:dbusd_exec_t,s0)
@@ -12295,7 +12056,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.6.14/policy/modules/services/dbus.if
 --- nsaserefpolicy/policy/modules/services/dbus.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dbus.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dbus.if	2009-06-08 21:43:15.000000000 -0400
 @@ -44,6 +44,7 @@
  
  		attribute session_bus_type;
@@ -12522,7 +12283,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.14/policy/modules/services/dbus.te
 --- nsaserefpolicy/policy/modules/services/dbus.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dbus.te	2009-06-08 21:27:13.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dbus.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,14 +9,15 @@
  #
  # Delcarations
@@ -12655,7 +12416,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +allow session_bus_type dbusd_unconfined:dbus send_msg;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.fc serefpolicy-3.6.14/policy/modules/services/dcc.fc
 --- nsaserefpolicy/policy/modules/services/dcc.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/dcc.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dcc.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -12,6 +12,8 @@
  
  /var/dcc(/.*)?				gen_context(system_u:object_r:dcc_var_t,s0)
@@ -12667,7 +12428,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/dcc/map		--	gen_context(system_u:object_r:dcc_client_map_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/devicekit.fc serefpolicy-3.6.14/policy/modules/services/devicekit.fc
 --- nsaserefpolicy/policy/modules/services/devicekit.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/devicekit.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/devicekit.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,9 @@
 +
 +/usr/libexec/devkit-daemon	--	gen_context(system_u:object_r:devicekit_exec_t,s0)
@@ -12680,7 +12441,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/run/DeviceKit-disk(/.*)?		gen_context(system_u:object_r:devicekit_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/devicekit.if serefpolicy-3.6.14/policy/modules/services/devicekit.if
 --- nsaserefpolicy/policy/modules/services/devicekit.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/devicekit.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/devicekit.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,197 @@
 +
 +## <summary>policy for devicekit</summary>
@@ -12881,7 +12642,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/devicekit.te serefpolicy-3.6.14/policy/modules/services/devicekit.te
 --- nsaserefpolicy/policy/modules/services/devicekit.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/devicekit.te	2009-06-08 21:32:42.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/devicekit.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,233 @@
 +policy_module(devicekit,1.0.0)
 +
@@ -13118,7 +12879,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +#')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp.if serefpolicy-3.6.14/policy/modules/services/dhcp.if
 --- nsaserefpolicy/policy/modules/services/dhcp.if	2008-11-18 18:57:20.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dhcp.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dhcp.if	2009-06-08 21:43:15.000000000 -0400
 @@ -22,6 +22,25 @@
  
  ########################################
@@ -13147,7 +12908,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## </summary>
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.if serefpolicy-3.6.14/policy/modules/services/dnsmasq.if
 --- nsaserefpolicy/policy/modules/services/dnsmasq.if	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/dnsmasq.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dnsmasq.if	2009-06-08 21:43:15.000000000 -0400
 @@ -22,6 +22,25 @@
  
  ########################################
@@ -13176,7 +12937,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.te serefpolicy-3.6.14/policy/modules/services/dnsmasq.te
 --- nsaserefpolicy/policy/modules/services/dnsmasq.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/dnsmasq.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dnsmasq.te	2009-06-08 21:43:15.000000000 -0400
 @@ -42,8 +42,7 @@
  files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, file)
  
@@ -13204,7 +12965,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.fc serefpolicy-3.6.14/policy/modules/services/dovecot.fc
 --- nsaserefpolicy/policy/modules/services/dovecot.fc	2008-11-11 16:13:47.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dovecot.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dovecot.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,7 @@
  /etc/dovecot\.passwd.*			gen_context(system_u:object_r:dovecot_passwd_t,s0)
  
@@ -13240,7 +13001,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/spool/dovecot(/.*)?		gen_context(system_u:object_r:dovecot_spool_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.if serefpolicy-3.6.14/policy/modules/services/dovecot.if
 --- nsaserefpolicy/policy/modules/services/dovecot.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dovecot.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dovecot.if	2009-06-08 21:43:15.000000000 -0400
 @@ -21,7 +21,46 @@
  
  ########################################
@@ -13352,7 +13113,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-3.6.14/policy/modules/services/dovecot.te
 --- nsaserefpolicy/policy/modules/services/dovecot.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/dovecot.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/dovecot.te	2009-06-08 21:43:15.000000000 -0400
 @@ -15,12 +15,21 @@
  domain_entry_file(dovecot_auth_t, dovecot_auth_exec_t)
  role system_r types dovecot_auth_t;
@@ -13537,7 +13298,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.fc serefpolicy-3.6.14/policy/modules/services/fail2ban.fc
 --- nsaserefpolicy/policy/modules/services/fail2ban.fc	2008-10-08 19:00:27.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/fail2ban.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fail2ban.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -2,5 +2,9 @@
  
  /usr/bin/fail2ban	--	gen_context(system_u:object_r:fail2ban_exec_t,s0)
@@ -13550,7 +13311,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/fail2ban.*		gen_context(system_u:object_r:fail2ban_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.if serefpolicy-3.6.14/policy/modules/services/fail2ban.if
 --- nsaserefpolicy/policy/modules/services/fail2ban.if	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fail2ban.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fail2ban.if	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,25 @@
  
  ########################################
@@ -13588,7 +13349,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	allow $2 system_r;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.te serefpolicy-3.6.14/policy/modules/services/fail2ban.te
 --- nsaserefpolicy/policy/modules/services/fail2ban.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fail2ban.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fail2ban.te	2009-06-08 21:43:15.000000000 -0400
 @@ -17,6 +17,9 @@
  type fail2ban_log_t;
  logging_log_file(fail2ban_log_t)
@@ -13620,7 +13381,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  manage_sock_files_pattern(fail2ban_t, fail2ban_var_run_t, fail2ban_var_run_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetchmail.te serefpolicy-3.6.14/policy/modules/services/fetchmail.te
 --- nsaserefpolicy/policy/modules/services/fetchmail.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fetchmail.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fetchmail.te	2009-06-08 21:43:15.000000000 -0400
 @@ -9,6 +9,7 @@
  type fetchmail_t;
  type fetchmail_exec_t;
@@ -13631,7 +13392,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  files_pid_file(fetchmail_var_run_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fprintd.fc serefpolicy-3.6.14/policy/modules/services/fprintd.fc
 --- nsaserefpolicy/policy/modules/services/fprintd.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fprintd.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fprintd.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,4 @@
 +
 +/usr/libexec/fprintd	--	gen_context(system_u:object_r:fprintd_exec_t,s0)
@@ -13639,7 +13400,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/lib/fprint(/.*)?		gen_context(system_u:object_r:fprintd_var_lib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fprintd.if serefpolicy-3.6.14/policy/modules/services/fprintd.if
 --- nsaserefpolicy/policy/modules/services/fprintd.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fprintd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fprintd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,43 @@
 +
 +## <summary>policy for fprintd</summary>
@@ -13686,7 +13447,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fprintd.te serefpolicy-3.6.14/policy/modules/services/fprintd.te
 --- nsaserefpolicy/policy/modules/services/fprintd.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/fprintd.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/fprintd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,52 @@
 +policy_module(fprintd,1.0.0)
 +
@@ -13742,7 +13503,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-3.6.14/policy/modules/services/ftp.te
 --- nsaserefpolicy/policy/modules/services/ftp.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ftp.te	2009-06-08 21:32:01.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ftp.te	2009-06-08 21:43:15.000000000 -0400
 @@ -26,7 +26,7 @@
  ## <desc>
  ## <p>
@@ -13852,7 +13613,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/git.te serefpolicy-3.6.14/policy/modules/services/git.te
 --- nsaserefpolicy/policy/modules/services/git.te	2009-04-07 15:53:35.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/git.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/git.te	2009-06-08 21:43:15.000000000 -0400
 @@ -7,3 +7,4 @@
  #
  
@@ -13860,14 +13621,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive httpd_git_script_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.fc serefpolicy-3.6.14/policy/modules/services/gnomeclock.fc
 --- nsaserefpolicy/policy/modules/services/gnomeclock.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,3 @@
 +
 +/usr/libexec/gnome-clock-applet-mechanism	--	gen_context(system_u:object_r:gnomeclock_exec_t,s0)
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.if serefpolicy-3.6.14/policy/modules/services/gnomeclock.if
 --- nsaserefpolicy/policy/modules/services/gnomeclock.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,69 @@
 +
 +## <summary>policy for gnomeclock</summary>
@@ -13940,7 +13701,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.te serefpolicy-3.6.14/policy/modules/services/gnomeclock.te
 --- nsaserefpolicy/policy/modules/services/gnomeclock.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.te	2009-06-08 21:32:07.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gnomeclock.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,49 @@
 +policy_module(gnomeclock, 1.0.0)
 +########################################
@@ -13993,7 +13754,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gpm.if serefpolicy-3.6.14/policy/modules/services/gpm.if
 --- nsaserefpolicy/policy/modules/services/gpm.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/gpm.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gpm.if	2009-06-08 21:43:15.000000000 -0400
 @@ -16,7 +16,7 @@
  		type gpmctl_t, gpm_t;
  	')
@@ -14005,7 +13766,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gpm.te serefpolicy-3.6.14/policy/modules/services/gpm.te
 --- nsaserefpolicy/policy/modules/services/gpm.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/gpm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gpm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -54,6 +54,8 @@
  dev_rw_input_dev(gpm_t)
  dev_rw_mouse(gpm_t)
@@ -14015,9 +13776,57 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  fs_getattr_all_fs(gpm_t)
  fs_search_auto_mountpoints(gpm_t)
  
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gpsd.if serefpolicy-3.6.14/policy/modules/services/gpsd.if
+--- nsaserefpolicy/policy/modules/services/gpsd.if	2009-06-08 15:22:17.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/gpsd.if	2009-06-08 22:05:31.000000000 -0400
+@@ -33,11 +33,6 @@
+ ##      The role to be allowed the gpsd domain.
+ ##      </summary>
+ ## </param>
+-## <param name="terminal">
+-##      <summary>
+-##      The type of the role's terminal.
+-##      </summary>
+-## </param>
+ #
+ interface(`gpsd_run',`
+         gen_require(`
+@@ -46,7 +41,6 @@
+ 
+         gpsd_domtrans($1)
+         role $2 types gpsd_t;
+-        allow gpsd_t $3:chr_file rw_term_perms;
+ ')
+ 
+ ########################################
+@@ -70,3 +64,24 @@
+         read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
+         fs_search_tmpfs($1)
+ ')
++
++########################################
++## <summary>
++##      Read/write gpsd tmpfs files.
++## </summary>
++## <param name="domain">
++##      <summary>
++##      The type of the process performing this action.
++##      </summary>
++## </param>
++#
++interface(`gpsd_rw_tmpfs_files',`
++        gen_require(`
++                type gpsd_tmpfs_t;
++        ')
++
++        fs_search_tmpfs($1)
++        allow $1 gpsd_tmpfs_t:dir list_dir_perms;
++        rw_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
++        read_lnk_files_pattern($1, gpsd_tmpfs_t, gpsd_tmpfs_t)
++')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-3.6.14/policy/modules/services/hal.fc
 --- nsaserefpolicy/policy/modules/services/hal.fc	2008-11-19 11:51:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/hal.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/hal.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -5,6 +5,7 @@
  /usr/bin/hal-setup-keymap		--	gen_context(system_u:object_r:hald_keymap_exec_t,s0)
  
@@ -14028,7 +13837,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /usr/libexec/hald-addon-macbookpro-backlight --	gen_context(system_u:object_r:hald_mac_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-3.6.14/policy/modules/services/hal.if
 --- nsaserefpolicy/policy/modules/services/hal.if	2008-11-19 11:51:44.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/hal.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/hal.if	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,24 @@
  
  ########################################
@@ -14156,7 +13965,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.14/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/hal.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/hal.te	2009-06-08 21:43:15.000000000 -0400
 @@ -49,6 +49,15 @@
  type hald_var_lib_t;
  files_type(hald_var_lib_t)
@@ -14346,7 +14155,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive hald_dccm_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inetd.if serefpolicy-3.6.14/policy/modules/services/inetd.if
 --- nsaserefpolicy/policy/modules/services/inetd.if	2008-09-03 07:59:15.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/inetd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/inetd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -36,8 +36,7 @@
  	role system_r types $1;
  
@@ -14359,7 +14168,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.fc serefpolicy-3.6.14/policy/modules/services/kerberos.fc
 --- nsaserefpolicy/policy/modules/services/kerberos.fc	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/kerberos.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/kerberos.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,6 @@
 +HOME_DIR/\.k5login		--	gen_context(system_u:object_r:krb5_home_t,s0)
 +/root/\.k5login			--	gen_context(system_u:object_r:krb5_home_t,s0)
@@ -14394,7 +14203,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/log/kadmin(d)?\.log		gen_context(system_u:object_r:kadmind_log_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.6.14/policy/modules/services/kerberos.if
 --- nsaserefpolicy/policy/modules/services/kerberos.if	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/kerberos.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/kerberos.if	2009-06-08 21:43:15.000000000 -0400
 @@ -70,6 +70,7 @@
  interface(`kerberos_use',`
  	gen_require(`
@@ -14426,7 +14235,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.te serefpolicy-3.6.14/policy/modules/services/kerberos.te
 --- nsaserefpolicy/policy/modules/services/kerberos.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/kerberos.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/kerberos.te	2009-06-08 21:43:15.000000000 -0400
 @@ -33,6 +33,7 @@
  type kpropd_t;
  type kpropd_exec_t;
@@ -14455,7 +14264,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corecmd_exec_bin(kpropd_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerneloops.if serefpolicy-3.6.14/policy/modules/services/kerneloops.if
 --- nsaserefpolicy/policy/modules/services/kerneloops.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/kerneloops.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/kerneloops.if	2009-06-08 21:43:15.000000000 -0400
 @@ -63,6 +63,25 @@
  
  ########################################
@@ -14500,7 +14309,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerneloops.te serefpolicy-3.6.14/policy/modules/services/kerneloops.te
 --- nsaserefpolicy/policy/modules/services/kerneloops.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/kerneloops.te	2009-06-08 21:32:13.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/kerneloops.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,6 +13,9 @@
  type kerneloops_initrc_exec_t;
  init_script_file(kerneloops_initrc_exec_t)
@@ -14542,7 +14351,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ktalk.te serefpolicy-3.6.14/policy/modules/services/ktalk.te
 --- nsaserefpolicy/policy/modules/services/ktalk.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ktalk.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ktalk.te	2009-06-08 21:43:15.000000000 -0400
 @@ -69,6 +69,7 @@
  files_read_etc_files(ktalkd_t)
  
@@ -14553,7 +14362,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lircd.te serefpolicy-3.6.14/policy/modules/services/lircd.te
 --- nsaserefpolicy/policy/modules/services/lircd.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/lircd.te	2009-06-08 21:32:18.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/lircd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -42,7 +42,17 @@
  # /dev/lircd socket
  manage_sock_files_pattern(lircd_t, lircd_sock_t, lircd_sock_t)
@@ -14574,7 +14383,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.if serefpolicy-3.6.14/policy/modules/services/lpd.if
 --- nsaserefpolicy/policy/modules/services/lpd.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/lpd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/lpd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -134,6 +134,7 @@
  	files_search_spool($1)
  	manage_dirs_pattern($1, print_spool_t, print_spool_t)
@@ -14585,7 +14394,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.fc serefpolicy-3.6.14/policy/modules/services/mailman.fc
 --- nsaserefpolicy/policy/modules/services/mailman.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/mailman.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mailman.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -31,3 +31,4 @@
  /var/lock/mailman(/.*)?			gen_context(system_u:object_r:mailman_lock_t,s0)
  /var/spool/mailman(/.*)?		gen_context(system_u:object_r:mailman_data_t,s0)
@@ -14593,7 +14402,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib/mailman/mail/mailman --	gen_context(system_u:object_r:mailman_mail_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.if serefpolicy-3.6.14/policy/modules/services/mailman.if
 --- nsaserefpolicy/policy/modules/services/mailman.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/mailman.if	2009-06-08 21:33:12.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mailman.if	2009-06-08 21:43:15.000000000 -0400
 @@ -31,6 +31,12 @@
  	allow mailman_$1_t self:tcp_socket create_stream_socket_perms;
  	allow mailman_$1_t self:udp_socket create_socket_perms;
@@ -14653,7 +14462,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.te serefpolicy-3.6.14/policy/modules/services/mailman.te
 --- nsaserefpolicy/policy/modules/services/mailman.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/mailman.te	2009-06-08 21:29:58.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mailman.te	2009-06-08 21:43:15.000000000 -0400
 @@ -53,10 +53,8 @@
  	apache_use_fds(mailman_cgi_t)
  	apache_dontaudit_append_log(mailman_cgi_t)
@@ -14721,7 +14530,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	cron_system_entry(mailman_queue_t, mailman_queue_exec_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.fc serefpolicy-3.6.14/policy/modules/services/milter.fc
 --- nsaserefpolicy/policy/modules/services/milter.fc	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/milter.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/milter.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,8 +1,15 @@
  /usr/sbin/milter-regex				--	gen_context(system_u:object_r:regex_milter_exec_t,s0)
 -/var/spool/milter-regex(/.*)?				gen_context(system_u:object_r:regex_milter_data_t,s0)
@@ -14742,7 +14551,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/spamass-milter\.pid			--	gen_context(system_u:object_r:spamass_milter_data_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.if serefpolicy-3.6.14/policy/modules/services/milter.if
 --- nsaserefpolicy/policy/modules/services/milter.if	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/milter.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/milter.if	2009-06-08 21:43:15.000000000 -0400
 @@ -24,7 +24,7 @@
  
  	# Type for the milter data (e.g. the socket used to communicate with the MTA)
@@ -14754,7 +14563,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.te serefpolicy-3.6.14/policy/modules/services/milter.te
 --- nsaserefpolicy/policy/modules/services/milter.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/milter.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/milter.te	2009-06-08 21:43:15.000000000 -0400
 @@ -63,3 +63,40 @@
  
  # The main job of the milter is to pipe spam through spamc and act on the result
@@ -14798,7 +14607,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.fc serefpolicy-3.6.14/policy/modules/services/mta.fc
 --- nsaserefpolicy/policy/modules/services/mta.fc	2008-09-12 10:48:05.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/mta.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mta.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,4 @@
 -/bin/mail		--	gen_context(system_u:object_r:sendmail_exec_t,s0)
 +/bin/mail(x)?		--	gen_context(system_u:object_r:sendmail_exec_t,s0)
@@ -14831,7 +14640,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/root/\.forward		--	gen_context(system_u:object_r:mail_forward_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.if serefpolicy-3.6.14/policy/modules/services/mta.if
 --- nsaserefpolicy/policy/modules/services/mta.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/mta.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mta.if	2009-06-08 21:43:15.000000000 -0400
 @@ -130,6 +130,15 @@
  		sendmail_create_log($1_mail_t)
  	')
@@ -14935,7 +14744,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.6.14/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/mta.te	2009-06-08 21:30:05.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/mta.te	2009-06-08 21:43:15.000000000 -0400
 @@ -27,6 +27,9 @@
  type mail_spool_t;
  files_mountpoint(mail_spool_t)
@@ -15082,7 +14891,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  # User send mail local policy
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.fc serefpolicy-3.6.14/policy/modules/services/munin.fc
 --- nsaserefpolicy/policy/modules/services/munin.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/munin.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/munin.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,5 @@
  /etc/munin(/.*)?			gen_context(system_u:object_r:munin_etc_t,s0)
 +/etc/rc\.d/init\.d/munin-node	--	gen_context(system_u:object_r:munin_initrc_exec_t,s0)
@@ -15102,7 +14911,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.if serefpolicy-3.6.14/policy/modules/services/munin.if
 --- nsaserefpolicy/policy/modules/services/munin.if	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/munin.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/munin.if	2009-06-08 21:43:15.000000000 -0400
 @@ -59,8 +59,9 @@
  		type munin_log_t;
  	')
@@ -15172,7 +14981,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.6.14/policy/modules/services/munin.te
 --- nsaserefpolicy/policy/modules/services/munin.te	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/munin.te	2009-06-08 21:30:09.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/munin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,6 +13,9 @@
  type munin_etc_t alias lrrd_etc_t;
  files_config_file(munin_etc_t)
@@ -15308,7 +15117,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.fc serefpolicy-3.6.14/policy/modules/services/nagios.fc
 --- nsaserefpolicy/policy/modules/services/nagios.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/nagios.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nagios.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,16 +1,19 @@
  /etc/nagios(/.*)?			gen_context(system_u:object_r:nagios_etc_t,s0)
  /etc/nagios/nrpe\.cfg		--	gen_context(system_u:object_r:nrpe_etc_t,s0)
@@ -15335,7 +15144,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.if serefpolicy-3.6.14/policy/modules/services/nagios.if
 --- nsaserefpolicy/policy/modules/services/nagios.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/nagios.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nagios.if	2009-06-08 21:43:15.000000000 -0400
 @@ -44,7 +44,7 @@
  
  ########################################
@@ -15457,7 +15266,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-3.6.14/policy/modules/services/nagios.te
 --- nsaserefpolicy/policy/modules/services/nagios.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nagios.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nagios.te	2009-06-08 21:43:15.000000000 -0400
 @@ -10,13 +10,12 @@
  type nagios_exec_t;
  init_daemon_domain(nagios_t, nagios_exec_t)
@@ -15555,7 +15364,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  #
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.fc serefpolicy-3.6.14/policy/modules/services/networkmanager.fc
 --- nsaserefpolicy/policy/modules/services/networkmanager.fc	2008-09-24 09:07:28.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/networkmanager.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/networkmanager.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,12 +1,25 @@
 +/etc/rc\.d/init\.d/wicd		--	gen_context(system_u:object_r:NetworkManager_initrc_exec_t, s0)
 +/etc/NetworkManager/dispatcher\.d(/.*)	gen_context(system_u:object_r:NetworkManager_initrc_exec_t,s0)
@@ -15584,7 +15393,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.if serefpolicy-3.6.14/policy/modules/services/networkmanager.if
 --- nsaserefpolicy/policy/modules/services/networkmanager.if	2008-09-11 11:28:34.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/networkmanager.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/networkmanager.if	2009-06-08 21:43:15.000000000 -0400
 @@ -118,6 +118,24 @@
  
  ########################################
@@ -15643,7 +15452,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.6.14/policy/modules/services/networkmanager.te
 --- nsaserefpolicy/policy/modules/services/networkmanager.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/networkmanager.te	2009-06-08 21:30:15.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/networkmanager.te	2009-06-08 21:43:15.000000000 -0400
 @@ -19,6 +19,9 @@
  type NetworkManager_tmp_t;
  files_tmp_file(NetworkManager_tmp_t)
@@ -15871,7 +15680,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.fc serefpolicy-3.6.14/policy/modules/services/nis.fc
 --- nsaserefpolicy/policy/modules/services/nis.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/nis.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nis.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,9 +1,13 @@
 -
 +/etc/rc\.d/init\.d/ypbind	--	gen_context(system_u:object_r:ypbind_initrc_exec_t,s0)
@@ -15889,7 +15698,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /usr/sbin/rpc\.ypxfrd	--	gen_context(system_u:object_r:ypxfr_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.if serefpolicy-3.6.14/policy/modules/services/nis.if
 --- nsaserefpolicy/policy/modules/services/nis.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nis.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nis.if	2009-06-08 21:43:15.000000000 -0400
 @@ -28,7 +28,7 @@
  		type var_yp_t;
  	')
@@ -16069,7 +15878,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.te serefpolicy-3.6.14/policy/modules/services/nis.te
 --- nsaserefpolicy/policy/modules/services/nis.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nis.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nis.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,6 +13,9 @@
  type ypbind_exec_t;
  init_daemon_domain(ypbind_t, ypbind_exec_t)
@@ -16146,7 +15955,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corenet_tcp_connect_all_ports(ypxfr_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.fc serefpolicy-3.6.14/policy/modules/services/nscd.fc
 --- nsaserefpolicy/policy/modules/services/nscd.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/nscd.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nscd.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,4 @@
 +/etc/rc\.d/init\.d/nscd	--	gen_context(system_u:object_r:nscd_initrc_exec_t,s0)
  
@@ -16154,7 +15963,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.if serefpolicy-3.6.14/policy/modules/services/nscd.if
 --- nsaserefpolicy/policy/modules/services/nscd.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nscd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nscd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -58,6 +58,42 @@
  
  ########################################
@@ -16279,7 +16088,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.te serefpolicy-3.6.14/policy/modules/services/nscd.te
 --- nsaserefpolicy/policy/modules/services/nscd.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nscd.te	2009-06-08 21:30:21.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nscd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,9 @@
  type nscd_exec_t;
  init_daemon_domain(nscd_t, nscd_exec_t)
@@ -16371,7 +16180,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.if serefpolicy-3.6.14/policy/modules/services/ntp.if
 --- nsaserefpolicy/policy/modules/services/ntp.if	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/ntp.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ntp.if	2009-06-08 21:43:15.000000000 -0400
 @@ -37,6 +37,32 @@
  
  ########################################
@@ -16472,7 +16281,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.te serefpolicy-3.6.14/policy/modules/services/ntp.te
 --- nsaserefpolicy/policy/modules/services/ntp.te	2009-06-08 15:22:17.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/ntp.te	2009-06-08 21:30:26.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ntp.te	2009-06-08 21:43:15.000000000 -0400
 @@ -41,10 +41,11 @@
  
  # sys_resource and setrlimit is for locking memory
@@ -16513,7 +16322,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nx.te serefpolicy-3.6.14/policy/modules/services/nx.te
 --- nsaserefpolicy/policy/modules/services/nx.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/nx.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/nx.te	2009-06-08 21:43:15.000000000 -0400
 @@ -25,6 +25,9 @@
  type nx_server_var_run_t;
  files_pid_file(nx_server_var_run_t)
@@ -16536,7 +16345,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.fc serefpolicy-3.6.14/policy/modules/services/oddjob.fc
 --- nsaserefpolicy/policy/modules/services/oddjob.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/oddjob.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/oddjob.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,4 @@
 -/usr/lib/oddjob/mkhomedir	--	gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
 +/usr/lib(64)?/oddjob/mkhomedir	--	gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
@@ -16545,7 +16354,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.if serefpolicy-3.6.14/policy/modules/services/oddjob.if
 --- nsaserefpolicy/policy/modules/services/oddjob.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/oddjob.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/oddjob.if	2009-06-08 21:43:15.000000000 -0400
 @@ -44,6 +44,7 @@
  	')
  
@@ -16585,7 +16394,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.te serefpolicy-3.6.14/policy/modules/services/oddjob.te
 --- nsaserefpolicy/policy/modules/services/oddjob.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/oddjob.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/oddjob.te	2009-06-08 21:43:15.000000000 -0400
 @@ -10,14 +10,21 @@
  type oddjob_exec_t;
  domain_type(oddjob_t)
@@ -16644,7 +16453,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  userdom_manage_user_home_content_dirs(oddjob_mkhomedir_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pads.fc serefpolicy-3.6.14/policy/modules/services/pads.fc
 --- nsaserefpolicy/policy/modules/services/pads.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pads.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pads.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,12 @@
 +
 +/etc/pads-ether-codes   --      gen_context(system_u:object_r:pads_config_t, s0)
@@ -16660,7 +16469,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pads.if serefpolicy-3.6.14/policy/modules/services/pads.if
 --- nsaserefpolicy/policy/modules/services/pads.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pads.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pads.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,44 @@
 +## <summary>SELinux policy for PADS daemon.</summary>
 +## <desc>
@@ -16708,7 +16517,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pads.te serefpolicy-3.6.14/policy/modules/services/pads.te
 --- nsaserefpolicy/policy/modules/services/pads.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pads.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pads.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,65 @@
 +
 +policy_module(pads, 0.0.1) 
@@ -16777,7 +16586,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-3.6.14/policy/modules/services/pegasus.te
 --- nsaserefpolicy/policy/modules/services/pegasus.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pegasus.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pegasus.te	2009-06-08 21:43:15.000000000 -0400
 @@ -30,7 +30,7 @@
  # Local policy
  #
@@ -16851,7 +16660,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.fc serefpolicy-3.6.14/policy/modules/services/polkit.fc
 --- nsaserefpolicy/policy/modules/services/polkit.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/polkit.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/polkit.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,11 @@
 +
 +/usr/libexec/polkit-read-auth-helper	--	gen_context(system_u:object_r:polkit_auth_exec_t,s0)
@@ -16866,7 +16675,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/lib/misc/PolicyKit.reload			gen_context(system_u:object_r:polkit_reload_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.if serefpolicy-3.6.14/policy/modules/services/polkit.if
 --- nsaserefpolicy/policy/modules/services/polkit.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/polkit.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/polkit.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,241 @@
 +
 +## <summary>policy for polkit_auth</summary>
@@ -17111,7 +16920,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.te serefpolicy-3.6.14/policy/modules/services/polkit.te
 --- nsaserefpolicy/policy/modules/services/polkit.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/polkit.te	2009-06-08 21:30:32.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/polkit.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,235 @@
 +policy_module(polkit_auth, 1.0.0)
 +
@@ -17350,7 +17159,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/portreserve.te serefpolicy-3.6.14/policy/modules/services/portreserve.te
 --- nsaserefpolicy/policy/modules/services/portreserve.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/portreserve.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/portreserve.te	2009-06-08 21:43:15.000000000 -0400
 @@ -37,9 +37,12 @@
  manage_sock_files_pattern(portreserve_t, portreserve_var_run_t, portreserve_var_run_t)
  files_pid_filetrans(portreserve_t, portreserve_var_run_t, { file sock_file })
@@ -17368,7 +17177,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  files_read_etc_files(portreserve_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.fc serefpolicy-3.6.14/policy/modules/services/postfix.fc
 --- nsaserefpolicy/policy/modules/services/postfix.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/postfix.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postfix.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -29,12 +29,10 @@
  /usr/lib/postfix/smtpd	--	gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
  /usr/lib/postfix/bounce	--	gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
@@ -17384,7 +17193,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /usr/sbin/postkick	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.6.14/policy/modules/services/postfix.if
 --- nsaserefpolicy/policy/modules/services/postfix.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/postfix.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postfix.if	2009-06-08 21:43:15.000000000 -0400
 @@ -46,6 +46,7 @@
  
  	allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
@@ -17619,7 +17428,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-3.6.14/policy/modules/services/postfix.te
 --- nsaserefpolicy/policy/modules/services/postfix.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/postfix.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postfix.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,15 @@
  # Declarations
  #
@@ -17999,7 +17808,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +userdom_user_home_dir_filetrans_user_home_content(postfix_virtual_t, {file dir })
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.fc serefpolicy-3.6.14/policy/modules/services/postgresql.fc
 --- nsaserefpolicy/policy/modules/services/postgresql.fc	2008-08-14 13:08:27.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/postgresql.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postgresql.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -2,6 +2,7 @@
  # /etc
  #
@@ -18010,7 +17819,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  # /usr
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.if serefpolicy-3.6.14/policy/modules/services/postgresql.if
 --- nsaserefpolicy/policy/modules/services/postgresql.if	2009-05-22 10:28:56.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/postgresql.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postgresql.if	2009-06-08 21:43:15.000000000 -0400
 @@ -64,7 +64,7 @@
  	allow $2 user_sepgsql_proc_exec_t:db_procedure { getattr execute };
  	type_transition $2 sepgsql_database_type:db_procedure user_sepgsql_proc_exec_t;
@@ -18078,7 +17887,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.te serefpolicy-3.6.14/policy/modules/services/postgresql.te
 --- nsaserefpolicy/policy/modules/services/postgresql.te	2009-05-22 10:28:56.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/postgresql.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/postgresql.te	2009-06-08 21:43:15.000000000 -0400
 @@ -32,6 +32,9 @@
  type postgresql_etc_t;
  files_config_file(postgresql_etc_t)
@@ -18107,7 +17916,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corenet_tcp_connect_auth_port(postgresql_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.fc serefpolicy-3.6.14/policy/modules/services/ppp.fc
 --- nsaserefpolicy/policy/modules/services/ppp.fc	2008-09-11 11:28:34.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/ppp.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ppp.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,7 +1,7 @@
  #
  # /etc
@@ -18130,7 +17939,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  # /sbin
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.if serefpolicy-3.6.14/policy/modules/services/ppp.if
 --- nsaserefpolicy/policy/modules/services/ppp.if	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ppp.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ppp.if	2009-06-08 21:43:15.000000000 -0400
 @@ -58,6 +58,25 @@
  
  ########################################
@@ -18233,7 +18042,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.te serefpolicy-3.6.14/policy/modules/services/ppp.te
 --- nsaserefpolicy/policy/modules/services/ppp.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ppp.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ppp.te	2009-06-08 21:43:15.000000000 -0400
 @@ -37,8 +37,8 @@
  type pppd_etc_rw_t;
  files_type(pppd_etc_rw_t)
@@ -18371,7 +18180,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -domtrans_pattern(pppd_t, pppd_script_exec_t, initrc_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.fc serefpolicy-3.6.14/policy/modules/services/prelude.fc
 --- nsaserefpolicy/policy/modules/services/prelude.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/prelude.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/prelude.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,9 @@
 +/etc/prelude-correlator(/.*)?   gen_context(system_u:object_r:prelude_correlator_config_t, s0)
 +
@@ -18400,7 +18209,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.if serefpolicy-3.6.14/policy/modules/services/prelude.if
 --- nsaserefpolicy/policy/modules/services/prelude.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/prelude.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/prelude.if	2009-06-08 21:43:15.000000000 -0400
 @@ -6,7 +6,7 @@
  ## </summary>
  ## <param name="domain">
@@ -18515,7 +18324,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.te serefpolicy-3.6.14/policy/modules/services/prelude.te
 --- nsaserefpolicy/policy/modules/services/prelude.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/prelude.te	2009-06-08 21:30:39.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/prelude.te	2009-06-08 21:43:15.000000000 -0400
 @@ -13,25 +13,57 @@
  type prelude_spool_t;
  files_type(prelude_spool_t)
@@ -18786,7 +18595,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  		mysql_search_db(httpd_prewikka_script_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/privoxy.te serefpolicy-3.6.14/policy/modules/services/privoxy.te
 --- nsaserefpolicy/policy/modules/services/privoxy.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/privoxy.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/privoxy.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,14 @@
  # Declarations
  #
@@ -18831,7 +18640,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.te serefpolicy-3.6.14/policy/modules/services/procmail.te
 --- nsaserefpolicy/policy/modules/services/procmail.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/procmail.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/procmail.te	2009-06-08 21:43:15.000000000 -0400
 @@ -77,6 +77,7 @@
  files_read_usr_files(procmail_t)
  
@@ -18870,7 +18679,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.fc serefpolicy-3.6.14/policy/modules/services/pyzor.fc
 --- nsaserefpolicy/policy/modules/services/pyzor.fc	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pyzor.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pyzor.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,6 +1,10 @@
  /etc/pyzor(/.*)?		gen_context(system_u:object_r:pyzor_etc_t, s0)
 +/etc/rc\.d/init\.d/pyzord	--	gen_context(system_u:object_r:pyzord_initrc_exec_t,s0)
@@ -18884,7 +18693,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /usr/bin/pyzord		--	gen_context(system_u:object_r:pyzord_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.if serefpolicy-3.6.14/policy/modules/services/pyzor.if
 --- nsaserefpolicy/policy/modules/services/pyzor.if	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pyzor.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pyzor.if	2009-06-08 21:43:15.000000000 -0400
 @@ -88,3 +88,50 @@
  	corecmd_search_bin($1)
  	can_exec($1, pyzor_exec_t)
@@ -18938,7 +18747,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.te serefpolicy-3.6.14/policy/modules/services/pyzor.te
 --- nsaserefpolicy/policy/modules/services/pyzor.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/pyzor.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/pyzor.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,38 @@
  # Declarations
  #
@@ -18997,7 +18806,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.fc serefpolicy-3.6.14/policy/modules/services/razor.fc
 --- nsaserefpolicy/policy/modules/services/razor.fc	2008-11-11 16:13:45.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/razor.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/razor.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,4 @@
 +/root/\.razor(/.*)?		gen_context(system_u:object_r:razor_home_t,s0)
  HOME_DIR/\.razor(/.*)?		gen_context(system_u:object_r:razor_home_t,s0)
@@ -19005,7 +18814,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /etc/razor(/.*)?		gen_context(system_u:object_r:razor_etc_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.if serefpolicy-3.6.14/policy/modules/services/razor.if
 --- nsaserefpolicy/policy/modules/services/razor.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/razor.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/razor.if	2009-06-08 21:43:15.000000000 -0400
 @@ -157,3 +157,45 @@
  
  	domtrans_pattern($1, razor_exec_t, razor_t)
@@ -19054,7 +18863,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.te serefpolicy-3.6.14/policy/modules/services/razor.te
 --- nsaserefpolicy/policy/modules/services/razor.te	2009-01-19 11:07:32.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/razor.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/razor.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,32 @@
  # Declarations
  #
@@ -19108,7 +18917,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rhgb.te serefpolicy-3.6.14/policy/modules/services/rhgb.te
 --- nsaserefpolicy/policy/modules/services/rhgb.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/rhgb.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rhgb.te	2009-06-08 21:43:15.000000000 -0400
 @@ -118,7 +118,7 @@
  xserver_domtrans(rhgb_t)
  xserver_signal(rhgb_t)
@@ -19120,7 +18929,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	consoletype_exec(rhgb_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricci.te serefpolicy-3.6.14/policy/modules/services/ricci.te
 --- nsaserefpolicy/policy/modules/services/ricci.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ricci.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ricci.te	2009-06-08 21:43:15.000000000 -0400
 @@ -133,6 +133,8 @@
  
  dev_read_urand(ricci_t)
@@ -19227,7 +19036,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	ccs_read_config(ricci_modstorage_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rlogin.fc serefpolicy-3.6.14/policy/modules/services/rlogin.fc
 --- nsaserefpolicy/policy/modules/services/rlogin.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/rlogin.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rlogin.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -4,3 +4,5 @@
  /usr/lib(64)?/telnetlogin	--	gen_context(system_u:object_r:rlogind_exec_t,s0)
  
@@ -19236,7 +19045,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +HOME_DIR/\.rlogin		--	gen_context(system_u:object_r:rlogind_home_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rlogin.if serefpolicy-3.6.14/policy/modules/services/rlogin.if
 --- nsaserefpolicy/policy/modules/services/rlogin.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/rlogin.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rlogin.if	2009-06-08 21:43:15.000000000 -0400
 @@ -18,3 +18,30 @@
  	corecmd_search_bin($1)
  	domtrans_pattern($1, rlogind_exec_t, rlogind_t)
@@ -19270,7 +19079,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rlogin.te serefpolicy-3.6.14/policy/modules/services/rlogin.te
 --- nsaserefpolicy/policy/modules/services/rlogin.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/rlogin.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rlogin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,9 @@
  type rlogind_var_run_t;
  files_pid_file(rlogind_var_run_t)
@@ -19292,7 +19101,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  seutil_read_config(rlogind_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.6.14/policy/modules/services/rpc.te
 --- nsaserefpolicy/policy/modules/services/rpc.te	2009-03-20 12:39:39.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/rpc.te	2009-06-08 21:31:11.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rpc.te	2009-06-08 21:43:15.000000000 -0400
 @@ -23,7 +23,7 @@
  gen_tunable(allow_nfsd_anon_write, false)
  
@@ -19397,7 +19206,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rshd.te serefpolicy-3.6.14/policy/modules/services/rshd.te
 --- nsaserefpolicy/policy/modules/services/rshd.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/rshd.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rshd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -51,7 +51,7 @@
  
  files_list_home(rshd_t)
@@ -19420,7 +19229,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsync.te serefpolicy-3.6.14/policy/modules/services/rsync.te
 --- nsaserefpolicy/policy/modules/services/rsync.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/rsync.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/rsync.te	2009-06-08 21:43:15.000000000 -0400
 @@ -8,6 +8,13 @@
  
  ## <desc>
@@ -19457,7 +19266,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  auth_can_read_shadow_passwords(rsync_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.fc serefpolicy-3.6.14/policy/modules/services/samba.fc
 --- nsaserefpolicy/policy/modules/services/samba.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/samba.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/samba.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -2,6 +2,9 @@
  #
  # /etc
@@ -19486,7 +19295,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-3.6.14/policy/modules/services/samba.if
 --- nsaserefpolicy/policy/modules/services/samba.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/samba.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/samba.if	2009-06-08 21:43:15.000000000 -0400
 @@ -4,6 +4,45 @@
  ##	from Windows NT servers.
  ## </summary>
@@ -19886,7 +19695,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.te serefpolicy-3.6.14/policy/modules/services/samba.te
 --- nsaserefpolicy/policy/modules/services/samba.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/samba.te	2009-06-08 21:27:52.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/samba.te	2009-06-08 21:43:15.000000000 -0400
 @@ -66,6 +66,13 @@
  ## </desc>
  gen_tunable(samba_share_nfs, false)
@@ -20344,7 +20153,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +allow smbcontrol_t nmbd_var_run_t:file { read lock };
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.te serefpolicy-3.6.14/policy/modules/services/sasl.te
 --- nsaserefpolicy/policy/modules/services/sasl.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/sasl.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sasl.te	2009-06-08 21:43:15.000000000 -0400
 @@ -99,6 +99,7 @@
  
  optional_policy(`
@@ -20366,7 +20175,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.if serefpolicy-3.6.14/policy/modules/services/sendmail.if
 --- nsaserefpolicy/policy/modules/services/sendmail.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/sendmail.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sendmail.if	2009-06-08 21:43:15.000000000 -0400
 @@ -59,20 +59,20 @@
  
  ########################################
@@ -20496,7 +20305,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.te serefpolicy-3.6.14/policy/modules/services/sendmail.te
 --- nsaserefpolicy/policy/modules/services/sendmail.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/sendmail.te	2009-06-08 21:27:58.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sendmail.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,13 +20,17 @@
  mta_mailserver_delivery(sendmail_t)
  mta_mailserver_sender(sendmail_t)
@@ -20670,7 +20479,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -') dnl end TODO
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.fc serefpolicy-3.6.14/policy/modules/services/setroubleshoot.fc
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.fc	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,3 +1,5 @@
 +/etc/rc\.d/init\.d/setroubleshoot	--	gen_context(system_u:object_r:setroubleshoot_initrc_exec_t,s0)
 +
@@ -20679,7 +20488,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/run/setroubleshoot(/.*)?		gen_context(system_u:object_r:setroubleshoot_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.if serefpolicy-3.6.14/policy/modules/services/setroubleshoot.if
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.if	2008-08-07 11:15:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.if	2009-06-08 21:43:15.000000000 -0400
 @@ -16,8 +16,8 @@
  	')
  
@@ -20764,7 +20573,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.te serefpolicy-3.6.14/policy/modules/services/setroubleshoot.te
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.te	2009-06-08 21:28:03.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/setroubleshoot.te	2009-06-08 21:43:15.000000000 -0400
 @@ -11,6 +11,9 @@
  domain_type(setroubleshootd_t)
  init_daemon_domain(setroubleshootd_t, setroubleshootd_exec_t)
@@ -20853,7 +20662,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	rpm_use_script_fds(setroubleshootd_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/shorewall.fc serefpolicy-3.6.14/policy/modules/services/shorewall.fc
 --- nsaserefpolicy/policy/modules/services/shorewall.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/shorewall.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/shorewall.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,12 @@
 +
 +/etc/rc\.d/init\.d/shorewall        	--      gen_context(system_u:object_r:shorewall_initrc_exec_t,s0)
@@ -20869,7 +20678,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/lib/shorewall-lite(/.*)?           	gen_context(system_u:object_r:shorewall_var_lib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/shorewall.if serefpolicy-3.6.14/policy/modules/services/shorewall.if
 --- nsaserefpolicy/policy/modules/services/shorewall.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/shorewall.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/shorewall.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,166 @@
 +## <summary>policy for shorewall</summary>
 +
@@ -21039,7 +20848,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/shorewall.te serefpolicy-3.6.14/policy/modules/services/shorewall.te
 --- nsaserefpolicy/policy/modules/services/shorewall.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/shorewall.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/shorewall.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,102 @@
 +policy_module(shorewall,1.0.0)
 +
@@ -21145,7 +20954,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smartmon.te serefpolicy-3.6.14/policy/modules/services/smartmon.te
 --- nsaserefpolicy/policy/modules/services/smartmon.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/smartmon.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/smartmon.te	2009-06-08 21:43:15.000000000 -0400
 @@ -19,6 +19,10 @@
  type fsdaemon_tmp_t;
  files_tmp_file(fsdaemon_tmp_t)
@@ -21205,7 +21014,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snort.if serefpolicy-3.6.14/policy/modules/services/snort.if
 --- nsaserefpolicy/policy/modules/services/snort.if	2008-10-10 15:53:03.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/snort.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/snort.if	2009-06-08 21:43:15.000000000 -0400
 @@ -38,6 +38,7 @@
  interface(`snort_admin',`
  	gen_require(`
@@ -21216,7 +21025,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snort.te serefpolicy-3.6.14/policy/modules/services/snort.te
 --- nsaserefpolicy/policy/modules/services/snort.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/snort.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/snort.te	2009-06-08 21:43:15.000000000 -0400
 @@ -56,6 +56,7 @@
  files_pid_filetrans(snort_t, snort_var_run_t, file)
  
@@ -21249,7 +21058,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.fc serefpolicy-3.6.14/policy/modules/services/spamassassin.fc
 --- nsaserefpolicy/policy/modules/services/spamassassin.fc	2008-11-25 09:01:08.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/spamassassin.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/spamassassin.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,15 +1,25 @@
 -HOME_DIR/\.spamassassin(/.*)?	gen_context(system_u:object_r:spamassassin_home_t,s0)
 +/root/\.spamassassin(/.*)?	gen_context(system_u:object_r:spamc_home_t,s0)
@@ -21281,7 +21090,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/spool/MIMEDefang(/.*)?		gen_context(system_u:object_r:spamd_spool_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.if serefpolicy-3.6.14/policy/modules/services/spamassassin.if
 --- nsaserefpolicy/policy/modules/services/spamassassin.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/spamassassin.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/spamassassin.if	2009-06-08 21:43:15.000000000 -0400
 @@ -111,6 +111,7 @@
  	')
  
@@ -21370,7 +21179,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.6.14/policy/modules/services/spamassassin.te
 --- nsaserefpolicy/policy/modules/services/spamassassin.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/spamassassin.te	2009-06-08 21:28:08.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/spamassassin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,35 @@
  ## </desc>
  gen_tunable(spamd_enable_home_dirs, true)
@@ -21670,7 +21479,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-3.6.14/policy/modules/services/squid.te
 --- nsaserefpolicy/policy/modules/services/squid.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/squid.te	2009-06-08 21:29:27.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/squid.te	2009-06-08 21:43:15.000000000 -0400
 @@ -118,6 +118,8 @@
  
  fs_getattr_all_fs(squid_t)
@@ -21691,7 +21500,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -') dnl end TODO
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.fc serefpolicy-3.6.14/policy/modules/services/ssh.fc
 --- nsaserefpolicy/policy/modules/services/ssh.fc	2008-11-11 16:13:46.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ssh.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ssh.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -14,3 +14,5 @@
  /usr/sbin/sshd			--	gen_context(system_u:object_r:sshd_exec_t,s0)
  
@@ -21700,7 +21509,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/root/\.ssh(/.*)?			gen_context(system_u:object_r:home_ssh_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.if serefpolicy-3.6.14/policy/modules/services/ssh.if
 --- nsaserefpolicy/policy/modules/services/ssh.if	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ssh.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ssh.if	2009-06-08 21:43:15.000000000 -0400
 @@ -36,6 +36,7 @@
  	gen_require(`
  		attribute ssh_server;
@@ -21985,7 +21794,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.te serefpolicy-3.6.14/policy/modules/services/ssh.te
 --- nsaserefpolicy/policy/modules/services/ssh.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/ssh.te	2009-06-08 21:29:34.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ssh.te	2009-06-08 21:43:15.000000000 -0400
 @@ -41,6 +41,9 @@
  files_tmp_file(sshd_tmp_t)
  files_poly_parent(sshd_tmp_t)
@@ -22155,7 +21964,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sssd.fc serefpolicy-3.6.14/policy/modules/services/sssd.fc
 --- nsaserefpolicy/policy/modules/services/sssd.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/sssd.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sssd.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,6 @@
 +
 +/usr/sbin/sssd	--	gen_context(system_u:object_r:sssd_exec_t,s0)
@@ -22165,7 +21974,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/lib/sss(/.*)?			gen_context(system_u:object_r:sssd_var_lib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sssd.if serefpolicy-3.6.14/policy/modules/services/sssd.if
 --- nsaserefpolicy/policy/modules/services/sssd.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/sssd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sssd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,249 @@
 +
 +## <summary>policy for sssd</summary>
@@ -22418,7 +22227,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sssd.te serefpolicy-3.6.14/policy/modules/services/sssd.te
 --- nsaserefpolicy/policy/modules/services/sssd.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/sssd.te	2009-06-08 21:28:15.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/sssd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,72 @@
 +policy_module(sssd,1.0.0)
 +
@@ -22494,7 +22303,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.if serefpolicy-3.6.14/policy/modules/services/tftp.if
 --- nsaserefpolicy/policy/modules/services/tftp.if	2008-11-11 16:13:45.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/tftp.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/tftp.if	2009-06-08 21:43:15.000000000 -0400
 @@ -2,6 +2,24 @@
  
  ########################################
@@ -22522,7 +22331,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## </summary>
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ulogd.if serefpolicy-3.6.14/policy/modules/services/ulogd.if
 --- nsaserefpolicy/policy/modules/services/ulogd.if	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/ulogd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/ulogd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -60,6 +60,25 @@
  	read_files_pattern($1, ulogd_var_log_t, ulogd_var_log_t)
  ')
@@ -22551,7 +22360,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ##	Allow the specified domain to append to ulogd's log files.
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp.te serefpolicy-3.6.14/policy/modules/services/uucp.te
 --- nsaserefpolicy/policy/modules/services/uucp.te	2009-03-23 13:47:11.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/uucp.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/uucp.te	2009-06-08 21:43:15.000000000 -0400
 @@ -129,6 +129,7 @@
  optional_policy(`
  	mta_send_mail(uux_t)
@@ -22562,7 +22371,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/varnishd.fc serefpolicy-3.6.14/policy/modules/services/varnishd.fc
 --- nsaserefpolicy/policy/modules/services/varnishd.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/varnishd.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/varnishd.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,20 @@
 +
 +/etc/rc\.d/init\.d/varnish		--		gen_context(system_u:object_r:varnishd_initrc_exec_t,s0)
@@ -22586,7 +22395,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/varnishd.if serefpolicy-3.6.14/policy/modules/services/varnishd.if
 --- nsaserefpolicy/policy/modules/services/varnishd.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/varnishd.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/varnishd.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,202 @@
 +## <summary>Varnishd http accelerator daemon</summary>
 +
@@ -22792,7 +22601,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/varnishd.te serefpolicy-3.6.14/policy/modules/services/varnishd.te
 --- nsaserefpolicy/policy/modules/services/varnishd.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/varnishd.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/varnishd.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,137 @@
 +policy_module(varnishd,1.0.0)
 +
@@ -22933,7 +22742,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +permissive varnishlog_t;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.fc serefpolicy-3.6.14/policy/modules/services/virt.fc
 --- nsaserefpolicy/policy/modules/services/virt.fc	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/virt.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/virt.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -8,5 +8,16 @@
  
  /var/lib/libvirt(/.*)?		gen_context(system_u:object_r:virt_var_lib_t,s0)
@@ -22953,7 +22762,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/run/libvirt/qemu(/.*)? 	gen_context(system_u:object_r:svirt_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.if serefpolicy-3.6.14/policy/modules/services/virt.if
 --- nsaserefpolicy/policy/modules/services/virt.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/virt.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/virt.if	2009-06-08 21:43:15.000000000 -0400
 @@ -2,28 +2,6 @@
  
  ########################################
@@ -23117,7 +22926,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/virt.te serefpolicy-3.6.14/policy/modules/services/virt.te
 --- nsaserefpolicy/policy/modules/services/virt.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/virt.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/virt.te	2009-06-08 21:43:15.000000000 -0400
 @@ -8,19 +8,31 @@
  
  ## <desc>
@@ -23438,7 +23247,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.te serefpolicy-3.6.14/policy/modules/services/w3c.te
 --- nsaserefpolicy/policy/modules/services/w3c.te	2008-08-25 09:12:31.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/w3c.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/w3c.te	2009-06-08 21:43:15.000000000 -0400
 @@ -8,11 +8,18 @@
  
  apache_content_template(w3c_validator)
@@ -23460,7 +23269,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  corenet_tcp_connect_http_port(httpd_w3c_validator_script_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.fc serefpolicy-3.6.14/policy/modules/services/xserver.fc
 --- nsaserefpolicy/policy/modules/services/xserver.fc	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/xserver.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/xserver.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -3,12 +3,16 @@
  #
  HOME_DIR/\.fonts\.conf	--	gen_context(system_u:object_r:user_fonts_config_t,s0)
@@ -23530,7 +23339,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /var/lib/pam_devperm/:0	--	gen_context(system_u:object_r:xdm_var_lib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.6.14/policy/modules/services/xserver.if
 --- nsaserefpolicy/policy/modules/services/xserver.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/xserver.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/xserver.if	2009-06-08 21:43:15.000000000 -0400
 @@ -90,7 +90,7 @@
  	allow $2 xauth_home_t:file manage_file_perms;
  	allow $2 xauth_home_t:file { relabelfrom relabelto };
@@ -24180,7 +23989,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.6.14/policy/modules/services/xserver.te
 --- nsaserefpolicy/policy/modules/services/xserver.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/services/xserver.te	2009-06-08 21:32:28.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/xserver.te	2009-06-08 21:43:15.000000000 -0400
 @@ -34,6 +34,13 @@
  
  ## <desc>
@@ -24911,7 +24720,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -') dnl end TODO
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zosremote.if serefpolicy-3.6.14/policy/modules/services/zosremote.if
 --- nsaserefpolicy/policy/modules/services/zosremote.if	2009-03-20 12:39:39.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/services/zosremote.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/services/zosremote.if	2009-06-08 21:43:15.000000000 -0400
 @@ -12,7 +12,7 @@
  #
  interface(`zosremote_domtrans',`
@@ -24923,7 +24732,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
          domtrans_pattern($1, zos_remote_exec_t, zos_remote_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/application.if serefpolicy-3.6.14/policy/modules/system/application.if
 --- nsaserefpolicy/policy/modules/system/application.if	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/application.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/application.if	2009-06-08 21:43:15.000000000 -0400
 @@ -2,7 +2,7 @@
  
  ########################################
@@ -24957,7 +24766,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/application.te serefpolicy-3.6.14/policy/modules/system/application.te
 --- nsaserefpolicy/policy/modules/system/application.te	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/application.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/application.te	2009-06-08 21:43:15.000000000 -0400
 @@ -7,8 +7,18 @@
  # Executables to be run by user
  attribute application_exec_type;
@@ -24979,7 +24788,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.fc serefpolicy-3.6.14/policy/modules/system/authlogin.fc
 --- nsaserefpolicy/policy/modules/system/authlogin.fc	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/authlogin.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/authlogin.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -7,12 +7,10 @@
  /etc/passwd\.lock	--	gen_context(system_u:object_r:shadow_t,s0)
  /etc/shadow.*		--	gen_context(system_u:object_r:shadow_t,s0)
@@ -25008,7 +24817,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.6.14/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/authlogin.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/authlogin.if	2009-06-08 21:43:15.000000000 -0400
 @@ -43,22 +43,42 @@
  interface(`auth_login_pgm_domain',`
  	gen_require(`
@@ -25357,7 +25166,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.6.14/policy/modules/system/authlogin.te
 --- nsaserefpolicy/policy/modules/system/authlogin.te	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/authlogin.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/authlogin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -12,7 +12,7 @@
  
  type chkpwd_t, can_read_shadow_passwords;
@@ -25439,7 +25248,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  mls_file_read_all_levels(pam_console_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.fc serefpolicy-3.6.14/policy/modules/system/fstools.fc
 --- nsaserefpolicy/policy/modules/system/fstools.fc	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/fstools.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/fstools.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,3 @@
 -/sbin/badblocks		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
  /sbin/blkid		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
@@ -25455,7 +25264,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  /sbin/partx		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-3.6.14/policy/modules/system/fstools.te
 --- nsaserefpolicy/policy/modules/system/fstools.te	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/fstools.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/fstools.te	2009-06-08 21:43:15.000000000 -0400
 @@ -97,6 +97,10 @@
  fs_getattr_tmpfs_dirs(fsadm_t)
  fs_read_tmpfs_symlinks(fsadm_t)
@@ -25486,7 +25295,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-3.6.14/policy/modules/system/hostname.te
 --- nsaserefpolicy/policy/modules/system/hostname.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/hostname.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/hostname.te	2009-06-08 21:43:15.000000000 -0400
 @@ -8,7 +8,9 @@
  
  type hostname_t;
@@ -25500,7 +25309,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.fc serefpolicy-3.6.14/policy/modules/system/init.fc
 --- nsaserefpolicy/policy/modules/system/init.fc	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/init.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/init.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -4,10 +4,10 @@
  /etc/init\.d/.*		--	gen_context(system_u:object_r:initrc_exec_t,s0)
  
@@ -25525,7 +25334,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  #
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-3.6.14/policy/modules/system/init.if
 --- nsaserefpolicy/policy/modules/system/init.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/init.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/init.if	2009-06-08 21:43:15.000000000 -0400
 @@ -174,6 +174,7 @@
  	role system_r types $1;
  
@@ -25736,7 +25545,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.6.14/policy/modules/system/init.te
 --- nsaserefpolicy/policy/modules/system/init.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/init.te	2009-06-08 21:28:43.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/init.te	2009-06-08 21:43:15.000000000 -0400
 @@ -17,6 +17,20 @@
  ## </desc>
  gen_tunable(init_upstart,false)
@@ -26116,7 +25925,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.te serefpolicy-3.6.14/policy/modules/system/ipsec.te
 --- nsaserefpolicy/policy/modules/system/ipsec.te	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/ipsec.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/ipsec.te	2009-06-08 21:43:15.000000000 -0400
 @@ -55,7 +55,7 @@
  
  allow ipsec_t self:capability { net_admin dac_override dac_read_search };
@@ -26185,7 +25994,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ipsec_setcontext_default_spd(setkey_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.fc serefpolicy-3.6.14/policy/modules/system/iptables.fc
 --- nsaserefpolicy/policy/modules/system/iptables.fc	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/iptables.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/iptables.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,9 +1,10 @@
 -/sbin/ip6tables.*	--	gen_context(system_u:object_r:iptables_exec_t,s0)
  /sbin/ipchains.*	--	gen_context(system_u:object_r:iptables_exec_t,s0)
@@ -26204,7 +26013,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -/var/lib/shorewall(/.*)? --	gen_context(system_u:object_r:iptables_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.te serefpolicy-3.6.14/policy/modules/system/iptables.te
 --- nsaserefpolicy/policy/modules/system/iptables.te	2009-04-06 12:42:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/iptables.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/iptables.te	2009-06-08 21:43:15.000000000 -0400
 @@ -53,6 +53,7 @@
  mls_file_read_all_levels(iptables_t)
  
@@ -26215,7 +26024,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.if serefpolicy-3.6.14/policy/modules/system/iscsi.if
 --- nsaserefpolicy/policy/modules/system/iscsi.if	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/iscsi.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/iscsi.if	2009-06-08 21:43:15.000000000 -0400
 @@ -17,3 +17,43 @@
  
  	domtrans_pattern($1,iscsid_exec_t,iscsid_t)
@@ -26262,7 +26071,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.te serefpolicy-3.6.14/policy/modules/system/iscsi.te
 --- nsaserefpolicy/policy/modules/system/iscsi.te	2009-03-20 12:39:39.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/iscsi.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/iscsi.te	2009-06-08 21:43:15.000000000 -0400
 @@ -55,6 +55,7 @@
  files_pid_filetrans(iscsid_t,iscsi_var_run_t,file)
  
@@ -26282,7 +26091,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +miscfiles_read_localization(iscsid_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-3.6.14/policy/modules/system/libraries.fc
 --- nsaserefpolicy/policy/modules/system/libraries.fc	2009-06-08 15:22:18.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/libraries.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/libraries.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -60,12 +60,15 @@
  #
  # /opt
@@ -26482,7 +26291,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib(64)?/ICAClient/.*\.so(\.[^/]*)*	gen_context(system_u:object_r:textrel_shlib_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.if serefpolicy-3.6.14/policy/modules/system/libraries.if
 --- nsaserefpolicy/policy/modules/system/libraries.if	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/libraries.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/libraries.if	2009-06-08 21:43:15.000000000 -0400
 @@ -60,7 +60,7 @@
  		type lib_t, ld_so_t, ld_so_cache_t;
  	')
@@ -26512,7 +26321,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	mmap_files_pattern($1,lib_t,{ lib_t textrel_shlib_t })
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.te serefpolicy-3.6.14/policy/modules/system/libraries.te
 --- nsaserefpolicy/policy/modules/system/libraries.te	2009-06-08 15:22:18.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/libraries.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/libraries.te	2009-06-08 21:43:15.000000000 -0400
 @@ -52,11 +52,11 @@
  # ldconfig local policy
  #
@@ -26571,7 +26380,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-3.6.14/policy/modules/system/locallogin.te
 --- nsaserefpolicy/policy/modules/system/locallogin.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/locallogin.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/locallogin.te	2009-06-08 21:43:15.000000000 -0400
 @@ -67,6 +67,7 @@
  dev_setattr_power_mgmt_dev(local_login_t)
  dev_getattr_sound_dev(local_login_t)
@@ -26660,7 +26469,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.fc serefpolicy-3.6.14/policy/modules/system/logging.fc
 --- nsaserefpolicy/policy/modules/system/logging.fc	2008-09-24 09:07:28.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/logging.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/logging.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -53,15 +53,18 @@
  /var/named/chroot/var/log -d	gen_context(system_u:object_r:var_log_t,s0)
  ')
@@ -26686,7 +26495,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.if serefpolicy-3.6.14/policy/modules/system/logging.if
 --- nsaserefpolicy/policy/modules/system/logging.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/logging.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/logging.if	2009-06-08 21:43:15.000000000 -0400
 @@ -623,7 +623,7 @@
  	')
  
@@ -26707,7 +26516,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ########################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-3.6.14/policy/modules/system/logging.te
 --- nsaserefpolicy/policy/modules/system/logging.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/logging.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/logging.te	2009-06-08 21:43:15.000000000 -0400
 @@ -126,7 +126,7 @@
  allow auditd_t self:process { signal_perms setpgid setsched };
  allow auditd_t self:file rw_file_perms;
@@ -26802,7 +26611,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-3.6.14/policy/modules/system/lvm.te
 --- nsaserefpolicy/policy/modules/system/lvm.te	2009-05-21 08:43:08.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/lvm.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/lvm.te	2009-06-08 21:43:15.000000000 -0400
 @@ -10,6 +10,9 @@
  type clvmd_exec_t;
  init_daemon_domain(clvmd_t, clvmd_exec_t)
@@ -26891,7 +26700,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	modutils_domtrans_insmod(lvm_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfiles.if serefpolicy-3.6.14/policy/modules/system/miscfiles.if
 --- nsaserefpolicy/policy/modules/system/miscfiles.if	2009-03-20 12:39:40.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/miscfiles.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/miscfiles.if	2009-06-08 21:43:15.000000000 -0400
 @@ -87,6 +87,25 @@
  
  ########################################
@@ -26920,7 +26729,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ## <param name="domain">
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.6.14/policy/modules/system/modutils.te
 --- nsaserefpolicy/policy/modules/system/modutils.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/modutils.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/modutils.te	2009-06-08 21:43:15.000000000 -0400
 @@ -42,7 +42,7 @@
  # insmod local policy
  #
@@ -27035,7 +26844,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  #################################
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.fc serefpolicy-3.6.14/policy/modules/system/mount.fc
 --- nsaserefpolicy/policy/modules/system/mount.fc	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/mount.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/mount.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,9 @@
  /bin/mount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
  /bin/umount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
@@ -27049,7 +26858,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/var/run/davfs2(/.*)?		gen_context(system_u:object_r:mount_var_run_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.if serefpolicy-3.6.14/policy/modules/system/mount.if
 --- nsaserefpolicy/policy/modules/system/mount.if	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/mount.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/mount.if	2009-06-08 21:43:15.000000000 -0400
 @@ -43,9 +43,11 @@
  
  	mount_domtrans($1)
@@ -27087,7 +26896,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-3.6.14/policy/modules/system/mount.te
 --- nsaserefpolicy/policy/modules/system/mount.te	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/mount.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/mount.te	2009-06-08 21:43:15.000000000 -0400
 @@ -18,17 +18,22 @@
  init_system_domain(mount_t,mount_exec_t)
  role system_r types mount_t;
@@ -27313,7 +27122,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-3.6.14/policy/modules/system/selinuxutil.fc
 --- nsaserefpolicy/policy/modules/system/selinuxutil.fc	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -6,13 +6,13 @@
  /etc/selinux(/.*)?			gen_context(system_u:object_r:selinux_config_t,s0)
  /etc/selinux/([^/]*/)?contexts(/.*)?	gen_context(system_u:object_r:default_context_t,s0)
@@ -27354,7 +27163,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/etc/share/selinux/mls(/.*)?		gen_context(system_u:object_r:semanage_store_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.if serefpolicy-3.6.14/policy/modules/system/selinuxutil.if
 --- nsaserefpolicy/policy/modules/system/selinuxutil.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.if	2009-06-08 21:43:15.000000000 -0400
 @@ -535,6 +535,53 @@
  
  ########################################
@@ -27745,7 +27554,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-3.6.14/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.te	2009-06-08 21:32:55.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/selinuxutil.te	2009-06-08 21:43:15.000000000 -0400
 @@ -23,6 +23,9 @@
  type selinux_config_t;
  files_type(selinux_config_t)
@@ -28111,7 +27920,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setrans.if serefpolicy-3.6.14/policy/modules/system/setrans.if
 --- nsaserefpolicy/policy/modules/system/setrans.if	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/setrans.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/setrans.if	2009-06-08 21:43:15.000000000 -0400
 @@ -21,3 +21,23 @@
  	stream_connect_pattern($1,setrans_var_run_t,setrans_var_run_t,setrans_t)
  	files_list_pids($1)
@@ -28138,7 +27947,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.fc serefpolicy-3.6.14/policy/modules/system/sysnetwork.fc
 --- nsaserefpolicy/policy/modules/system/sysnetwork.fc	2008-08-07 11:15:12.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -11,15 +11,20 @@
  /etc/dhclient-script	--	gen_context(system_u:object_r:dhcp_etc_t,s0)
  /etc/dhcpc.*			gen_context(system_u:object_r:dhcp_etc_t,s0)
@@ -28169,7 +27978,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.6.14/policy/modules/system/sysnetwork.if
 --- nsaserefpolicy/policy/modules/system/sysnetwork.if	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.if	2009-06-08 21:43:15.000000000 -0400
 @@ -43,6 +43,39 @@
  
  	sysnet_domtrans_dhcpc($1)
@@ -28340,7 +28149,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.6.14/policy/modules/system/sysnetwork.te
 --- nsaserefpolicy/policy/modules/system/sysnetwork.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/sysnetwork.te	2009-06-08 21:43:15.000000000 -0400
 @@ -20,6 +20,9 @@
  init_daemon_domain(dhcpc_t,dhcpc_exec_t)
  role system_r types dhcpc_t;
@@ -28528,7 +28337,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	xen_append_log(ifconfig_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-3.6.14/policy/modules/system/udev.te
 --- nsaserefpolicy/policy/modules/system/udev.te	2009-04-07 15:53:36.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/udev.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/udev.te	2009-06-08 21:43:15.000000000 -0400
 @@ -50,6 +50,7 @@
  allow udev_t self:unix_stream_socket connectto;
  allow udev_t self:netlink_kobject_uevent_socket create_socket_perms;
@@ -28589,7 +28398,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  	xen_manage_log(udev_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-3.6.14/policy/modules/system/unconfined.fc
 --- nsaserefpolicy/policy/modules/system/unconfined.fc	2008-09-11 16:42:49.000000000 -0400
-+++ serefpolicy-3.6.14/policy/modules/system/unconfined.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/unconfined.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,16 +1 @@
  # Add programs here which should not be confined by SELinux
 -# e.g.:
@@ -28609,7 +28418,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-3.6.14/policy/modules/system/unconfined.if
 --- nsaserefpolicy/policy/modules/system/unconfined.if	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/unconfined.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/unconfined.if	2009-06-08 21:43:15.000000000 -0400
 @@ -12,14 +12,13 @@
  #
  interface(`unconfined_domain_noaudit',`
@@ -29105,7 +28914,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.6.14/policy/modules/system/unconfined.te
 --- nsaserefpolicy/policy/modules/system/unconfined.te	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/unconfined.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/unconfined.te	2009-06-08 21:43:15.000000000 -0400
 @@ -1,231 +1,9 @@
  
 -policy_module(unconfined, 3.0.0)
@@ -29342,7 +29151,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 -')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.fc serefpolicy-3.6.14/policy/modules/system/userdomain.fc
 --- nsaserefpolicy/policy/modules/system/userdomain.fc	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/userdomain.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/userdomain.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,4 +1,7 @@
  HOME_DIR	-d	gen_context(system_u:object_r:user_home_dir_t,s0-mls_systemhigh)
 +HOME_DIR	-l	gen_context(system_u:object_r:user_home_dir_t,s0-mls_systemhigh)
@@ -29354,7 +29163,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/dev/shm/mono.*		gen_context(system_u:object_r:user_tmpfs_t,s0)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.6.14/policy/modules/system/userdomain.if
 --- nsaserefpolicy/policy/modules/system/userdomain.if	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/userdomain.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/userdomain.if	2009-06-08 21:43:15.000000000 -0400
 @@ -30,8 +30,9 @@
  	')
  
@@ -31313,7 +31122,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.6.14/policy/modules/system/userdomain.te
 --- nsaserefpolicy/policy/modules/system/userdomain.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/userdomain.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/userdomain.te	2009-06-08 21:43:15.000000000 -0400
 @@ -8,13 +8,6 @@
  
  ## <desc>
@@ -31401,12 +31210,12 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +allow userdomain userdomain:process signull;
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.fc serefpolicy-3.6.14/policy/modules/system/virtual.fc
 --- nsaserefpolicy/policy/modules/system/virtual.fc	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/virtual.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/virtual.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1 @@
 +# No application file contexts.
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.if serefpolicy-3.6.14/policy/modules/system/virtual.if
 --- nsaserefpolicy/policy/modules/system/virtual.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/virtual.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/virtual.if	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,119 @@
 +## <summary>Virtual machine emulator and virtualizer</summary>
 +
@@ -31529,7 +31338,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virtual.te serefpolicy-3.6.14/policy/modules/system/virtual.te
 --- nsaserefpolicy/policy/modules/system/virtual.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/virtual.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/virtual.te	2009-06-08 21:43:15.000000000 -0400
 @@ -0,0 +1,79 @@
 +
 +policy_module(virtualization, 1.1.2)
@@ -31612,7 +31421,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.fc serefpolicy-3.6.14/policy/modules/system/xen.fc
 --- nsaserefpolicy/policy/modules/system/xen.fc	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/xen.fc	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/xen.fc	2009-06-08 21:43:15.000000000 -0400
 @@ -1,32 +1,31 @@
  /dev/xen/tapctrl.*	-p	gen_context(system_u:object_r:xenctl_t,s0)
  
@@ -31654,7 +31463,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-3.6.14/policy/modules/system/xen.if
 --- nsaserefpolicy/policy/modules/system/xen.if	2009-01-05 15:39:43.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/xen.if	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/xen.if	2009-06-08 21:43:15.000000000 -0400
 @@ -71,6 +71,8 @@
  	')
  
@@ -31729,7 +31538,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-3.6.14/policy/modules/system/xen.te
 --- nsaserefpolicy/policy/modules/system/xen.te	2009-01-19 11:07:34.000000000 -0500
-+++ serefpolicy-3.6.14/policy/modules/system/xen.te	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/modules/system/xen.te	2009-06-08 21:43:15.000000000 -0400
 @@ -6,6 +6,13 @@
  # Declarations
  #
@@ -32026,7 +31835,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/ipc_patterns.spt serefpolicy-3.6.14/policy/support/ipc_patterns.spt
 --- nsaserefpolicy/policy/support/ipc_patterns.spt	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/support/ipc_patterns.spt	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/support/ipc_patterns.spt	2009-06-08 21:43:15.000000000 -0400
 @@ -3,12 +3,12 @@
  #
  define(`stream_connect_pattern',`
@@ -32044,7 +31853,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.6.14/policy/support/obj_perm_sets.spt
 --- nsaserefpolicy/policy/support/obj_perm_sets.spt	2009-03-12 11:16:47.000000000 -0400
-+++ serefpolicy-3.6.14/policy/support/obj_perm_sets.spt	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/support/obj_perm_sets.spt	2009-06-08 21:43:15.000000000 -0400
 @@ -201,7 +201,7 @@
  define(`setattr_file_perms',`{ setattr }')
  define(`read_file_perms',`{ getattr open read lock ioctl }')
@@ -32079,7 +31888,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +define(`manage_key_perms', `{ create link read search setattr view write } ')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.6.14/policy/users
 --- nsaserefpolicy/policy/users	2008-08-07 11:15:13.000000000 -0400
-+++ serefpolicy-3.6.14/policy/users	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/policy/users	2009-06-08 21:43:15.000000000 -0400
 @@ -25,11 +25,8 @@
  # permit any access to such users, then remove this entry.
  #
@@ -32106,7 +31915,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +gen_user(root, user, unconfined_r sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.6.14/Rules.modular
 --- nsaserefpolicy/Rules.modular	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/Rules.modular	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/Rules.modular	2009-06-08 21:43:15.000000000 -0400
 @@ -73,8 +73,8 @@
  $(tmpdir)/%.mod: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf %.te
  	@echo "Compliling $(NAME) $(@F) module"
@@ -32138,7 +31947,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/Rul
  $(tmpdir)/all_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf $(base_te_files) $(tmpdir)/rolemap.conf
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/support/Makefile.devel serefpolicy-3.6.14/support/Makefile.devel
 --- nsaserefpolicy/support/Makefile.devel	2008-11-11 16:13:50.000000000 -0500
-+++ serefpolicy-3.6.14/support/Makefile.devel	2009-06-08 21:21:19.000000000 -0400
++++ serefpolicy-3.6.14/support/Makefile.devel	2009-06-08 21:43:15.000000000 -0400
 @@ -185,8 +185,7 @@
  tmp/%.mod: $(m4support) tmp/all_interfaces.conf %.te
  	@$(EINFO) "Compiling $(NAME) $(basename $(@F)) module"
diff --git a/sources b/sources
index 0af380e..e9af33e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-4872394e39e63a985e3463ca443567cc  serefpolicy-3.6.13.tgz
+8194456ed5e1f5fb82691570b6cb053c  serefpolicy-3.6.14.tgz