diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index b0a60cc..7b7d13f 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -15,6 +15,7 @@
 	dpkg (Erich Schubert)
 	ethereal
 	evolution
+	games
 	mozilla
 	mplayer
 	rhgb
diff --git a/refpolicy/policy/global_tunables b/refpolicy/policy/global_tunables
index 2a9c6aa..fc8a254 100644
--- a/refpolicy/policy/global_tunables
+++ b/refpolicy/policy/global_tunables
@@ -390,6 +390,14 @@ gen_tunable(cron_can_relabel,false)
 
 ## <desc>
 ## <p>
+## force to games to run in user_t
+## mapping executable (text relocation).
+## </p>
+## </desc>
+gen_tunable(disable_games_trans,false)
+
+## <desc>
+## <p>
 ## Disable transitions to evolution domains.
 ## </p>
 ## </desc>
diff --git a/refpolicy/policy/modules/apps/games.fc b/refpolicy/policy/modules/apps/games.fc
new file mode 100644
index 0000000..e35e2b5
--- /dev/null
+++ b/refpolicy/policy/modules/apps/games.fc
@@ -0,0 +1,67 @@
+#
+# /usr
+#
+/usr/lib/games(/.*)? 		gen_context(system_u:object_r:games_exec_t,s0)
+
+#
+# /var
+#
+/var/lib/games(/.*)? 		gen_context(system_u:object_r:games_data_t,s0)
+
+ifdef(`distro_debian', `
+/usr/games/.*		--	gen_context(system_u:object_r:games_exec_t,s0)
+/var/games(/.*)?		gen_context(system_u:object_r:games_data_t,s0)
+', `
+/usr/bin/micq		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/blackjack	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gataxx		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/glines		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnect		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnibbles	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnobots2	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnome-stones	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnomine	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnotravex	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gnotski	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/gtali		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/iagno		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/mahjongg	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/same-gnome	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/sol		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/atlantik	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kasteroids	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/katomic	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kbackgammon	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kbattleship	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kblackbox	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kbounce	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kenolaba	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kfouleggs	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kgoldrunner	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kjumpingcube	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/klickety	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/klines		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kmahjongg	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kmines		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kolf		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/konquest	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kpat		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kpoker		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kreversi	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ksame		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kshisen	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ksirtet	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ksmiletris	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ksnake		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ksokoban	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kspaceduel	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ktron		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/ktuberling	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kwin4		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/kwin4proc	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/lskat		--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/lskatproc	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/Maelstrom	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/civclient.*	--	gen_context(system_u:object_r:games_exec_t,s0)
+/usr/bin/civserver.*	--	gen_context(system_u:object_r:games_exec_t,s0)
+')dnl end non-Debian section
diff --git a/refpolicy/policy/modules/apps/games.if b/refpolicy/policy/modules/apps/games.if
new file mode 100644
index 0000000..03310d0
--- /dev/null
+++ b/refpolicy/policy/modules/apps/games.if
@@ -0,0 +1,174 @@
+## <summary>Games</summary>
+
+#######################################
+## <summary>
+##	The per user domain template for the games module.
+## </summary>
+## <desc>
+##	<p>
+##	This template creates a derived domains which are used
+##	for games.
+##	</p>
+##	<p>
+##	This template is invoked automatically for each user, and
+##	generally does not need to be invoked directly
+##	by policy writers.
+##	</p>
+## </desc>
+## <param name="userdomain_prefix">
+##	<summary>
+##	The prefix of the user domain (e.g., user
+##	is the prefix for user_t).
+##	</summary>
+## </param>
+## <param name="user_domain">
+##	<summary>
+##	The type of the user domain.
+##	</summary>
+## </param>
+## <param name="user_role">
+##	<summary>
+##	The role associated with the user domain.
+##	</summary>
+## </param>
+#
+template(`games_per_userdomain_template',`
+
+	########################################
+	#
+	# Declarations
+	#
+
+	type $1_games_t;
+	domain_type($1_games_t)
+	role $3 types $1_games_t;
+
+	type $1_games_devpts_t;
+	term_pty($1_games_devpts_t)
+
+	type $1_games_tmpfs_t;
+	files_tmpfs_file($1_games_tmpfs_t)
+
+	type $1_games_tmp_t;
+	files_tmp_file($1_games_tmp_t)
+	
+	########################################
+	#
+	# Local policy
+	#
+
+	allow $1_games_t self:sem create_sem_perms;
+	allow $1_games_t self:tcp_socket create_stream_socket_perms;
+	allow $1_games_t self:udp_socket create_socket_perms;
+	allow $1_games_t self:tcp_socket { connectto sendto recvfrom };
+	allow $1_games_t self:tcp_socket { acceptfrom recvfrom };
+
+	allow $1_games_t $1_games_tmpfs_t:dir rw_dir_perms;
+	allow $1_games_t $1_games_tmpfs_t:file manage_file_perms;
+	allow $1_games_t $1_games_tmpfs_t:lnk_file create_lnk_perms;
+	allow $1_games_t $1_games_tmpfs_t:sock_file manage_file_perms;
+	allow $1_games_t $1_games_tmpfs_t:fifo_file manage_file_perms;
+	fs_tmpfs_filetrans($1_games_t,$1_games_tmpfs_t,{ dir file lnk_file sock_file fifo_file })
+
+	allow $1_games_t $1_games_tmp_t:dir manage_dir_perms;
+	allow $1_games_t $1_games_tmp_t:file manage_file_perms;
+	files_tmp_filetrans($1_games_t, $1_games_tmp_t, { file dir })
+
+	allow $1_games_t $1_games_devpts_t:chr_file { rw_file_perms setattr };
+	term_create_pty($1_games_t,$1_games_devpts_t)
+
+	allow $1_games_t games_data_t:dir rw_dir_perms;
+	allow $1_games_t games_data_t:file manage_file_perms;
+	allow $1_games_t games_data_t:lnk_file create_lnk_perms;
+
+	can_exec($1_games_t, games_exec_t)
+
+	allow $2 $1_games_t:unix_stream_socket connectto;
+	allow $1_games_t $2:unix_stream_socket connectto;
+
+	kernel_tcp_recvfrom($1_games_t)
+	kernel_tcp_recvfrom($1_games_t)
+	kernel_read_system_state($1_games_t)
+
+	corecmd_exec_bin($1_games_t)
+	corecmd_exec_sbin($1_games_t)
+
+	corenet_tcp_sendrecv_generic_if($1_games_t)
+	corenet_udp_sendrecv_generic_if($1_games_t)
+	corenet_raw_sendrecv_generic_if($1_games_t)
+	corenet_tcp_sendrecv_all_nodes($1_games_t)
+	corenet_udp_sendrecv_all_nodes($1_games_t)
+	corenet_raw_sendrecv_all_nodes($1_games_t)
+	corenet_tcp_sendrecv_all_ports($1_games_t)
+	corenet_udp_sendrecv_all_ports($1_games_t)
+	corenet_non_ipsec_sendrecv($1_games_t)
+	corenet_tcp_bind_all_nodes($1_games_t)
+	corenet_udp_bind_all_nodes($1_games_t)
+	corenet_tcp_bind_generic_port($1_games_t)
+	corenet_tcp_connect_generic_port($1_games_t)
+
+	dev_read_sound($1_games_t)
+	dev_write_sound($1_games_t)
+	dev_read_input($1_games_t)
+	dev_read_mouse($1_games_t)
+	dev_read_urand($1_games_t)
+
+	files_list_var($1_games_t)
+	files_search_var_lib($1_games_t)
+	files_dontaudit_search_var($1_games_t)
+	files_read_etc_files($1_games_t)
+	files_read_usr_files($1_games_t)
+	files_read_var_files($1_games_t)
+
+	init_dontaudit_rw_utmp($1_games_t)
+
+	logging_dontaudit_search_logs($1_games_t)
+
+	libs_use_shared_libs($1_games_t)
+	libs_use_ld_so($1_games_t)
+
+	miscfiles_read_man_pages($1_games_t)
+	miscfiles_read_localization($1_games_t)
+
+	sysnet_read_config($1_games_t)
+
+	userdom_manage_user_tmp_dirs($1,$1_games_t)
+	userdom_manage_user_tmp_files($1,$1_games_t)
+	userdom_manage_user_tmp_symlinks($1,$1_games_t)
+	userdom_manage_user_tmp_sockets($1,$1_games_t)
+	# Suppress .icons denial until properly implemented
+	userdom_dontaudit_read_user_home_content_files($1,$1_games_t)
+	
+	# Type transition
+	tunable_policy(`!disable_games_trans',`
+		domain_auto_trans($2, games_exec_t, $1_games_t)
+	')
+
+	tunable_policy(`allow_execmem',`
+		allow $1_games_t self:process execmem;
+	')
+
+	optional_policy(`nscd',`
+		nscd_socket_use($1_games_t)
+	')
+
+	optional_policy(`xserver',`
+		xserver_user_client_template($1,$1_games_t,$1_games_tmpfs_t)
+		xserver_create_xdm_tmp_sockets($1_games_t)
+		xserver_read_xdm_lib_files($1_games_t)
+	')
+
+	ifdef(`TODO',`
+		gnome_application($1_games, $1)
+		gnome_file_dialog($1_games, $1)
+		# Access /home/user/.gnome2
+		# FIXME: Change to use per app types
+		allow $1_games_t $1_gnome_settings_t:dir create_dir_perms;
+		allow $1_games_t $1_gnome_settings_t:file create_file_perms;
+		allow $1_games_t $1_gnome_settings_t:lnk_file create_lnk_perms;
+		#missing policy
+		optional_policy(`mozilla', ` 
+			dontaudit $1_games_t $1_mozilla_t:unix_stream_socket connectto;
+		')
+	')
+')
diff --git a/refpolicy/policy/modules/apps/games.te b/refpolicy/policy/modules/apps/games.te
new file mode 100644
index 0000000..d1a8a34
--- /dev/null
+++ b/refpolicy/policy/modules/apps/games.te
@@ -0,0 +1,84 @@
+
+policy_module(games,1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type games_data_t;
+files_type(games_data_t)
+
+# games_t is for system operation of games, generic games daemons and
+# games recovery scripts
+type games_t;
+type games_exec_t;
+init_system_domain(games_t,games_exec_t)
+
+type games_var_run_t;
+files_pid_file(games_var_run_t)
+
+########################################
+#
+# Local policy
+#
+
+dontaudit games_t self:capability sys_tty_config;
+allow games_t self:process signal_perms;
+
+allow games_t games_data_t:dir rw_dir_perms;
+allow games_t games_data_t:file manage_file_perms;
+allow games_t games_data_t:lnk_file create_lnk_perms;
+
+allow games_t games_var_run_t:file manage_file_perms;
+allow games_t games_var_run_t:dir rw_dir_perms;
+files_pid_filetrans(games_t,games_var_run_t,file)
+
+can_exec(games_t,games_exec_t)
+
+kernel_read_kernel_sysctls(games_t)
+kernel_list_proc(games_t)
+kernel_read_proc_symlinks(games_t)
+
+dev_read_sysfs(games_t)
+
+fs_getattr_all_fs(games_t)
+fs_search_auto_mountpoints(games_t)
+
+term_dontaudit_use_console(games_t)
+
+domain_use_interactive_fds(games_t)
+
+init_use_fds(games_t)
+init_use_script_ptys(games_t)
+
+libs_use_ld_so(games_t)
+libs_use_shared_libs(games_t)
+
+logging_send_syslog_msg(games_t)
+
+miscfiles_read_localization(games_t)
+
+userdom_dontaudit_use_unpriv_user_fds(games_t)
+userdom_dontaudit_search_sysadm_home_dirs(games_t)
+
+ifdef(`targeted_policy', `
+	term_dontaudit_use_unallocated_ttys(games_t)
+	term_dontaudit_use_generic_ptys(games_t)
+	files_dontaudit_read_root_files(games_t)
+')
+
+optional_policy(`selinuxutil',`
+	seutil_sigchld_newrole(games_t)
+')
+
+optional_policy(`udev',`
+	udev_read_db(games_t)
+')
+
+ifdef(`TODO',`
+	#WHY!!!
+	#allow initrc_t games_data_t:dir r_dir_perms;
+	#allow initrc_t games_data_t:file r_file_perms;
+	#allow initrc_t games_data_t:lnk_file { getattr read };
+')
diff --git a/refpolicy/policy/modules/services/xserver.if b/refpolicy/policy/modules/services/xserver.if
index e4ea884..6cf46cb 100644
--- a/refpolicy/policy/modules/services/xserver.if
+++ b/refpolicy/policy/modules/services/xserver.if
@@ -713,6 +713,24 @@ interface(`xserver_read_xdm_pid',`
 
 ########################################
 ## <summary>
+##      Read XDM var lib files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`xserver_read_xdm_lib_files',`
+	gen_require(`
+		type xdm_var_lib_t;
+	')
+
+	allow $1 xdm_var_lib_t:file { getattr read };
+')
+
+########################################
+## <summary>
 ##	Execute the X server in the XDM X server domain.
 ## </summary>
 ## <param name="domain">
diff --git a/refpolicy/policy/modules/services/xserver.te b/refpolicy/policy/modules/services/xserver.te
index 2d7bfba..d362fda 100644
--- a/refpolicy/policy/modules/services/xserver.te
+++ b/refpolicy/policy/modules/services/xserver.te
@@ -1,5 +1,5 @@
 
-policy_module(xserver,1.1.0)
+policy_module(xserver,1.1.1)
 
 ########################################
 #
diff --git a/refpolicy/policy/modules/system/logging.if b/refpolicy/policy/modules/system/logging.if
index 10d4d26..7bc0d88 100644
--- a/refpolicy/policy/modules/system/logging.if
+++ b/refpolicy/policy/modules/system/logging.if
@@ -167,6 +167,24 @@ interface(`logging_search_logs',`
 
 #######################################
 ## <summary>
+##      Do not audit attempts to search the var log directory.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain not to audit.
+##      </summary>
+## </param>
+#
+interface(`logging_dontaudit_search_logs',`
+	gen_require(`
+		type var_log_t;
+	')
+
+	dontaudit $1 var_log_t:dir search;
+')
+
+#######################################
+## <summary>
 ##	List the contents of the generic log directory (/var/log).
 ## </summary>
 ## <param name="domain">
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 90a956f..80e2252 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -1,5 +1,5 @@
 
-policy_module(logging,1.3.0)
+policy_module(logging,1.3.1)
 
 ########################################
 #