- Label any block devices or char devices under /dev/infiniband as fixed_disk_devi
- Fix userdom_restricted_xwindows_user_template() interface
- User accounts need to dbus chat with accountsd daemon
- Gnome requires all users to be able to read /proc/1/
- Add support for /var/lib/systemd/linger
- Allow systemd-timestamp to set SELinux context
- Fix systemd.fc
- Switch gnomeclock_dbus_chat to systemd_dbus_chat_timedated since we have switche
- Allow sytstemd-timedated to get status of init_t
- Add new systemd policies for hostnamed and rename gnomeclock_t to systemd_timeda
- Allow tuned to created kobject_uevent socket
- Allow guest user to run fusermount
- Allow openshift to read /proc and locale
- Allow realmd to dbus chat with rpm
- virsh now does a setexeccon call
- Additional rules required by openshift domains
- Allow svirt_lxc_domains to use inherited terminals, needed to make virt-sandbox-
- Allow spamd_update_t to search spamc_home_t
- Avcs discovered by mounting an isci device under /mnt
- Avcs discovered by mounting an isci device under /mnt
- Allow lspci running as logrotate to read pci.ids
- Additional fix for networkmanager_read_pid_files()
- Fix networkmanager_read_pid_files() interface
- Allow all svirt domains to connect to svirt_socket_t
- Allow virsh to set SELinux context for a process.
- Allow tuned to create netlink_kobject_uevent_socket
- Add new tuned_tmp_t type