diff --git a/booleans-targeted.conf b/booleans-targeted.conf
index 89c6e5a..3254cc4 100644
--- a/booleans-targeted.conf
+++ b/booleans-targeted.conf
@@ -258,3 +258,15 @@ browser_confine_xguest=true
 # Allow postfix locat to write to mail spool
 #
 allow_postfix_local_write_mail_spool=true
+
+# Allow xguest to mount usb devices
+#
+xguest_mount_media=true
+
+# Allow xguest to manage network connections
+#
+xguest_connect_network=true
+
+# Allow xguest to use bluetooth devices
+#
+xguest_use_bluetooth=true
diff --git a/policy-20070703.patch b/policy-20070703.patch
index e0f07bb..7e140b3 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -1272,8 +1272,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +/var/log/kismet(/.*)? gen_context(system_u:object_r:kismet_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.if serefpolicy-3.0.8/policy/modules/admin/kismet.if
 --- nsaserefpolicy/policy/modules/admin/kismet.if 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.8/policy/modules/admin/kismet.if 2007-10-29 23:59:29.000000000 -0400
-@@ -0,0 +1,276 @@
++++ serefpolicy-3.0.8/policy/modules/admin/kismet.if 2007-11-17 07:11:45.000000000 -0500
+@@ -0,0 +1,277 @@
 +
 +## policy for kismet
 +
@@ -1475,9 +1475,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 + type kismet_log_t;
 + ')
 +
-+ manage_dirs_pattern($1,kismet_log_t,kismet_log_t)
-+ manage_files_pattern($1,kismet_log_t,kismet_log_t)
-+ manage_lnk_files_pattern($1,kismet_log_t,kismet_log_t)
++ logging_search_logs($1)
++ manage_dirs_pattern($1,kismet_log_t,kismet_log_t)
++ manage_files_pattern($1,kismet_log_t,kismet_log_t)
++ manage_lnk_files_pattern($1,kismet_log_t,kismet_log_t)
 +')
 +
 +########################################
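Review bot: The comment above the new `xguest_mount_media=true` entry says "usb devices" while the boolean is named for media in general, so the two disagree about what is being enabled; `# Allow xguest to mount removable media` would match the name. All three new xguest_* booleans are set to true in this targeted configuration, which gives the restricted guest account network management, media mounting and bluetooth access by default rather than on request. If that is the intended default for this release, a one-line comment on each saying so (or pointing at the policy module that defines it) would save the next reader from assuming it is an oversight; otherwise the narrower default is false with the administrator flipping the ones they need.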
@@ -2261,7 +2262,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if s diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreaper.te serefpolicy-3.0.8/policy/modules/admin/tmpreaper.te --- nsaserefpolicy/policy/modules/admin/tmpreaper.te 2007-10-22 13:21:42.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/admin/tmpreaper.te 2007-11-01 11:49:52.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/admin/tmpreaper.te 2007-11-17 07:10:47.000000000 -0500 @@ -28,6 +28,7 @@ files_purge_tmp(tmpreaper_t) # why does it need setattr? @@ -18042,7 +18043,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.0.8/policy/modules/system/unconfined.te --- nsaserefpolicy/policy/modules/system/unconfined.te 2007-10-22 13:21:40.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/system/unconfined.te 2007-11-13 14:37:46.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/system/unconfined.te 2007-11-17 07:01:29.000000000 -0500 @@ -5,36 +5,52 @@ # # Declarations @@ -18103,7 +18104,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf libs_run_ldconfig(unconfined_t,unconfined_r,{ unconfined_devpts_t unconfined_tty_device_t }) -@@ -42,37 +58,39 @@ +@@ -42,37 +58,40 @@ logging_run_auditctl(unconfined_t,unconfined_r,{ unconfined_devpts_t unconfined_tty_device_t }) mount_run_unconfined(unconfined_t,unconfined_r,{ unconfined_devpts_t unconfined_tty_device_t }) @@ -18149,10 +18150,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf unconfined_domain(unconfined_crond_t) + unconfined_domain(unconfined_crontab_t) + role system_r types unconfined_crontab_t; ++ rpm_transition_script(unconfined_crond_t) ') optional_policy(` -@@ -107,22 +125,22 @@ +@@ -107,22 +126,22 @@ optional_policy(` oddjob_dbus_chat(unconfined_t) ') 
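Review bot: The new `rpm_transition_script(unconfined_crond_t)` line in the unconfined.te hunk at 18149 appears to sit inside an optional_policy block that belongs to another module: the surrounding lines reference unconfined_crond_t and unconfined_crontab_t, and the block closes with `')` immediately after the inserted line. If so, a build without the rpm module fails on an unresolved interface instead of skipping the call, which is the opposite of what optional_policy is for. Wrapping the call in its own block, `optional_policy(\`` / `rpm_transition_script(unconfined_crond_t)` / `')`, keeps the dependency optional. The enclosing block starts outside this hunk, so this is inferred from the closing `')` only; the remaining unconfined.te hunks on this line change only timestamps and hunk counts.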
@@ -18181,7 +18183,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ') optional_policy(` -@@ -130,15 +148,10 @@ +@@ -130,15 +149,10 @@ ') optional_policy(` @@ -18199,7 +18201,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ') optional_policy(` -@@ -154,33 +167,20 @@ +@@ -154,33 +168,20 @@ ') optional_policy(` @@ -18237,7 +18239,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ') optional_policy(` -@@ -205,11 +205,22 @@ +@@ -205,11 +206,22 @@ ') optional_policy(` @@ -18262,7 +18264,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ') ######################################## -@@ -219,14 +230,28 @@ +@@ -219,14 +231,28 @@ allow unconfined_execmem_t self:process { execstack execmem }; unconfined_domain_noaudit(unconfined_execmem_t) @@ -18302,7 +18304,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo /tmp/gconfd-USER -d gen_context(system_u:object_r:ROLE_tmp_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.0.8/policy/modules/system/userdomain.if --- nsaserefpolicy/policy/modules/system/userdomain.if 2007-10-22 13:21:40.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2007-11-16 17:13:34.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2007-11-17 07:03:58.000000000 -0500 @@ -29,8 +29,9 @@ ') @@ -19596,7 +19598,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo +# +template(`userdom_restricted_xwindows_user_template', ` + -+userdom_unpriv_login_user($1) ++userdom_restricted_user_template($1) +# Should be optional but policy will not build because of compiler problems +# Must be before xwindows calls +#optional_policy(` 
@@ -20216,7 +20218,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.i
 +## Policy for guest user
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.te serefpolicy-3.0.8/policy/modules/users/guest.te
 --- nsaserefpolicy/policy/modules/users/guest.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.8/policy/modules/users/guest.te 2007-11-16 17:15:41.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/users/guest.te 2007-11-17 06:47:50.000000000 -0500
 @@ -0,0 +1,4 @@
 +policy_module(guest,1.0.1)
 +userdom_restricted_user_template(guest)
@@ -20234,8 +20236,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.
 +## Policy for logadm user
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.te serefpolicy-3.0.8/policy/modules/users/logadm.te
 --- nsaserefpolicy/policy/modules/users/logadm.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.8/policy/modules/users/logadm.te 2007-10-29 23:59:29.000000000 -0400
-@@ -0,0 +1,12 @@
++++ serefpolicy-3.0.8/policy/modules/users/logadm.te 2007-11-17 06:46:41.000000000 -0500
+@@ -0,0 +1,11 @@
 +policy_module(logadm,1.0.0)
 +
 +########################################
@@ -20246,8 +20248,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.
 +
 +allow logadm_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
 +
-+logging_syslog_admin(logadm, logadm_t, logadm_r)
-+logging_audit_admin(logadm, logadm_t, logadm_r)
++logging_admin(logadm_t, logadm_r, { logadm_tty_device_t logadm_devpts_t })
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/metadata.xml serefpolicy-3.0.8/policy/modules/users/metadata.xml
 --- nsaserefpolicy/policy/modules/users/metadata.xml 1969-12-31 19:00:00.000000000 -0500
 +++ serefpolicy-3.0.8/policy/modules/users/metadata.xml 2007-10-29 23:59:29.000000000 -0400
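Review bot: The new `logging_admin(logadm_t, logadm_r, { logadm_tty_device_t logadm_devpts_t })` call in the logadm.te hunk at 20246 references logadm_tty_device_t and logadm_devpts_t, and nothing in the hunk declares them; they presumably come from the user template invoked earlier in logadm.te, which is outside the hunk, so confirm that template declares both terminal types or the module will not link. The webadm.te hunk at 20302 on the next line has the same shape, `apache_admin(webadm_t, webadm_r, { webadm_tty_device_t webadm_devpts_t })`, where `userdom_base_user_template(webadm)` is visible as context and the only question is whether the base template declares the terminal types. Both modules keep `policy_module(...,1.0.0)` while their rules change, whereas guest.te in the same commit carries `policy_module(guest,1.0.1)`; bumping the module version when a module's policy changes is the usual refpolicy convention and makes the installed policy distinguishable from the previous build.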
@@ -20265,7 +20266,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.
 +## Policy for webadm user
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.te serefpolicy-3.0.8/policy/modules/users/webadm.te
 --- nsaserefpolicy/policy/modules/users/webadm.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.0.8/policy/modules/users/webadm.te 2007-10-29 23:59:29.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/users/webadm.te 2007-11-17 06:49:48.000000000 -0500
 @@ -0,0 +1,42 @@
 +policy_module(webadm,1.0.0)
 +
@@ -20275,6 +20276,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.
 +#
 +
 +userdom_base_user_template(webadm)
++
 +allow webadm_t self:capability { dac_override dac_read_search kill sys_ptrace sys_nice };
 +
 +bool webadm_read_user_files false;
@@ -20292,7 +20294,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.
 +}
 +
 +files_dontaudit_search_all_dirs(webadm_t)
-+files_manage_generic_locks(webadm_t)
 +files_list_var(webadm_t)
 +selinux_get_enforce_mode(webadm_t)
 +seutil_domtrans_setfiles(webadm_t)
@@ -20302,7 +20303,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.
 +userdom_dontaudit_search_sysadm_home_dirs(webadm_t)
 +userdom_dontaudit_search_generic_user_home_dirs(webadm_t)
 +
-+apache_admin(webadm, webadm_t, webadm_r)
++apache_admin(webadm_t, webadm_r, { webadm_tty_device_t webadm_devpts_t })
 +
 +gen_require(`
 + type gadmin_t;
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 6175a98..96d97f1 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@ Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 56%{?dist}
+Release: 57%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -380,6 +380,13 @@ exit 0 %endif %changelog +* Fri Nov 16 2007 Dan Walsh 3.0.8-57 +- Allow lvm to search mnt +- Add booleans for xguest account + xguest_mount_media + xguest_connect_network + xguest_use_bluetooth + * Thu Nov 15 2007 Dan Walsh 3.0.8-56 - Remove /usr/sbin/gdm label - Label gstreamer codecs in homedir as textrel_shlib_t