- Label /var/lib/pgsql/.ssh as ssh_home_t
- Add labeling for /usr/bin/pg_ctl
- Allow systemd-logind to manage keyring user tmp dirs
- Add support for 7389/tcp port
- gems seems to be placed in lots of places
- Since xdm is running a full session, it seems to be trying to execute lots
- Add back tcp/8123 port as http_cache port
- Add ovirt-guest-agent\.pid labeling
- Allow xend to run scsi_id
- Allow rhsmcertd-worker to read "physical_package_id"
- Allow pki_tomcat to connect to ldap port
- Allow lpr to read /usr/share/fonts
- Allow open file from CD/DVD drive on domU
- Allow munin services plugins to talk to SSSD
- Allow all samba domains to create samba directory in var_t directories
- Take away svirt_t ability to use nsswitch
- Dontaudit attempts by openshift to read apache logs
- Allow apache to create as well as append _ra_content_t
- Dontaudit sendmail_t reading a leaked file descriptor
- Add interface to have admin transition /etc/prelink.cache to the proper la
- Add sntp support to ntp policy
- Allow firewalld to dbus chat with devicekit_power
- Allow tuned to call lsblk
- Allow tor to read /proc/sys/kernel/random/uuid
- Add tor_can_network_relay boolean