- Remove userdom_home_manager for xdm_t and move all rules to xserver
- Add new xdm_write_home boolean to allow xdm_t to create files in HO
- Allow postfix-showq to read/write unix.showq in /var/spool/postfix/
- Allow virsh to read xen lock file
- Allow qemu-ga to create files in /run with proper labeling
- Allow glusterd to connect to own socket in /tmp
- Allow glance-api to connect to http port to make glance image-creat
- Allow keystonte_t to execute rpm