diff --git a/policy-rawhide-contrib.patch b/policy-rawhide-contrib.patch
index cb6fa7f..a8ab903 100644
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@@ -64643,7 +64643,7 @@ index d2fc677..ded726f 100644
  ')
 +
 diff --git a/pegasus.te b/pegasus.te
-index 608f454..6054e92 100644
+index 608f454..251160b 100644
 --- a/pegasus.te
 +++ b/pegasus.te
 @@ -5,13 +5,12 @@ policy_module(pegasus, 1.9.0)
@@ -64662,7 +64662,7 @@ index 608f454..6054e92 100644
  type pegasus_cache_t;
  files_type(pegasus_cache_t)
  
-@@ -30,20 +29,324 @@ files_type(pegasus_mof_t)
+@@ -30,20 +29,326 @@ files_type(pegasus_mof_t)
  type pegasus_var_run_t;
  files_pid_file(pegasus_var_run_t)
  
@@ -64898,6 +64898,8 @@ index 608f454..6054e92 100644
 +kernel_get_sysvipc_info(pegasus_openlmi_storage_t)
 +kernel_request_load_module(pegasus_openlmi_storage_t)
 +
++auth_use_nsswitch(pegasus_openlmi_storage_t)
++
 +dev_read_raw_memory(pegasus_openlmi_storage_t)
 +dev_read_rand(pegasus_openlmi_storage_t)
 +dev_read_urand(pegasus_openlmi_storage_t)
@@ -64992,7 +64994,7 @@ index 608f454..6054e92 100644
  allow pegasus_t pegasus_conf_t:lnk_file read_lnk_file_perms;
  
  manage_dirs_pattern(pegasus_t, pegasus_cache_t, pegasus_cache_t)
-@@ -54,22 +357,22 @@ files_var_filetrans(pegasus_t, pegasus_cache_t, { dir file lnk_file })
+@@ -54,22 +359,22 @@ files_var_filetrans(pegasus_t, pegasus_cache_t, { dir file lnk_file })
  manage_dirs_pattern(pegasus_t, pegasus_data_t, pegasus_data_t)
  manage_files_pattern(pegasus_t, pegasus_data_t, pegasus_data_t)
  manage_lnk_files_pattern(pegasus_t, pegasus_data_t, pegasus_data_t)
@@ -65023,7 +65025,7 @@ index 608f454..6054e92 100644
  
  kernel_read_network_state(pegasus_t)
  kernel_read_kernel_sysctls(pegasus_t)
-@@ -80,27 +383,21 @@ kernel_read_net_sysctls(pegasus_t)
+@@ -80,27 +385,21 @@ kernel_read_net_sysctls(pegasus_t)
  kernel_read_xen_state(pegasus_t)
  kernel_write_xen_state(pegasus_t)
  
@@ -65056,7 +65058,7 @@ index 608f454..6054e92 100644
  
  corecmd_exec_bin(pegasus_t)
  corecmd_exec_shell(pegasus_t)
-@@ -114,9 +411,11 @@ files_getattr_all_dirs(pegasus_t)
+@@ -114,9 +413,11 @@ files_getattr_all_dirs(pegasus_t)
  
  auth_use_nsswitch(pegasus_t)
  auth_domtrans_chk_passwd(pegasus_t)
@@ -65068,7 +65070,7 @@ index 608f454..6054e92 100644
  
  files_list_var_lib(pegasus_t)
  files_read_var_lib_files(pegasus_t)
-@@ -128,18 +427,29 @@ init_stream_connect_script(pegasus_t)
+@@ -128,18 +429,29 @@ init_stream_connect_script(pegasus_t)
  logging_send_audit_msgs(pegasus_t)
  logging_send_syslog_msg(pegasus_t)
  
@@ -65104,7 +65106,7 @@ index 608f454..6054e92 100644
  ')
  
  optional_policy(`
-@@ -151,16 +461,24 @@ optional_policy(`
+@@ -151,16 +463,24 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -65133,7 +65135,7 @@ index 608f454..6054e92 100644
  ')
  
  optional_policy(`
-@@ -168,7 +486,7 @@ optional_policy(`
+@@ -168,7 +488,7 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -65142,7 +65144,7 @@ index 608f454..6054e92 100644
  ')
  
  optional_policy(`
-@@ -180,6 +498,7 @@ optional_policy(`
+@@ -180,6 +500,7 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -97364,7 +97366,7 @@ index 03472ed..48b5633 100644
 +	cron_system_entry(squid_cron_t, squid_cron_exec_t)
 +')
 diff --git a/sssd.fc b/sssd.fc
-index dbb005a..5db696e 100644
+index dbb005a..835122a 100644
 --- a/sssd.fc
 +++ b/sssd.fc
 @@ -1,15 +1,19 @@
@@ -97380,7 +97382,7 @@ index dbb005a..5db696e 100644
 +/usr/lib/systemd/system/sssd.*      --      gen_context(system_u:object_r:sssd_unit_file_t,s0)
  
 -/var/lib/sss/mc(/.*)?	gen_context(system_u:object_r:sssd_public_t,s0)
-+/usr/libexec/sssd/selinux_child     --  gen_context(system_u:object_r:sssd_selinux_manager_exec_t)
++/usr/libexec/sssd/selinux_child     --  gen_context(system_u:object_r:sssd_selinux_manager_exec_t,s0)
 +
 +/var/lib/sss(/.*)?		gen_context(system_u:object_r:sssd_var_lib_t,s0)
 +