diff --git a/policy/modules/apps/firewallgui.te b/policy/modules/apps/firewallgui.te
index 4da3d86..910a3f4 100644
--- a/policy/modules/apps/firewallgui.te
+++ b/policy/modules/apps/firewallgui.te
@@ -17,8 +17,7 @@ files_tmp_file(firewallgui_tmp_t)
 # firewallgui local policy
 #
 
-allow firewallgui_t self:capability net_admin;
-
+allow firewallgui_t self:capability { net_admin sys_rawio } ;
 allow firewallgui_t self:fifo_file rw_fifo_file_perms;
 
 manage_files_pattern(firewallgui_t,firewallgui_tmp_t,firewallgui_tmp_t)
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index d58ef64..5843cad 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -121,6 +121,9 @@ term_use_controlling_term(domain)
 
 # list the root directory
 files_list_root(domain)
+# allow all domains to search through default_t directory, since users sometimes
+# place labels within these directories.  (samba_share_t) for example.
+files_search_default(domain)
 
 # All executables should be able to search the directory they are in
 corecmd_search_bin(domain)
diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index 39c2bb3..6a160b2 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -106,6 +106,7 @@ ifdef(`distro_debian', `
 /var/cache/gdm(/.*)?		gen_context(system_u:object_r:xdm_var_lib_t,s0)
 
 /var/log/gdm(/.*)?		gen_context(system_u:object_r:xdm_log_t,s0)
+/var/log/slim\.log.*	--	gen_context(system_u:object_r:xdm_log_t,s0)
 /var/log/lxdm\.log.*	--	gen_context(system_u:object_r:xdm_log_t,s0)
 /var/log/[kw]dm\.log.*	--	gen_context(system_u:object_r:xserver_log_t,s0)
 /var/log/XFree86.*	--	gen_context(system_u:object_r:xserver_log_t,s0)