diff --git a/modules-mls.conf b/modules-mls.conf
index e95086b..3a7406e 100644
--- a/modules-mls.conf
+++ b/modules-mls.conf
@@ -1116,3 +1116,10 @@ courier = module
 # 
 rpcbind = module
 
+# Layer: services
+# Module: milter
+#
+# Milter mail filters
+# 
+milter = module
+
diff --git a/modules-targeted.conf b/modules-targeted.conf
index 1bbd635..045993d 100644
--- a/modules-targeted.conf
+++ b/modules-targeted.conf
@@ -1668,3 +1668,10 @@ courier = module
 # test package for eparis
 # 
 #slattach = base
+
+# Layer: services
+# Module: milter
+#
+# Milter mail filters
+# 
+milter = module
diff --git a/policy-20071130.patch b/policy-20071130.patch
index 2c7ed45..f22524b 100644
--- a/policy-20071130.patch
+++ b/policy-20071130.patch
@@ -1,12 +1,12 @@
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/failsafe_context serefpolicy-3.3.1/config/appconfig-mcs/failsafe_context
 --- nsaserefpolicy/config/appconfig-mcs/failsafe_context	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/failsafe_context	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/failsafe_context	2009-02-04 10:54:47.000000000 +0100
 @@ -1 +1 @@
 -sysadm_r:sysadm_t:s0
 +system_r:unconfined_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/guest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/guest_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/guest_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/guest_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,6 @@
 +system_r:local_login_t:s0	guest_r:guest_t:s0
 +system_r:remote_login_t:s0	guest_r:guest_t:s0
@@ -16,7 +16,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/guest_u
 +guest_r:guest_t:s0		guest_r:guest_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/root_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/root_default_contexts	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/root_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/root_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -1,11 +1,7 @@
  system_r:crond_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:sysadm_crond_t:s0 staff_r:staff_crond_t:s0 user_r:user_crond_t:s0
  system_r:local_login_t:s0	unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
@@ -32,7 +32,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/root_de
 +system_r:sshd_t:s0		unconfined_r:unconfined_t:s0 sysadm_r:sysadm_t:s0 staff_r:staff_t:s0 user_r:user_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/staff_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/staff_u_default_contexts	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/staff_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/staff_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -5,6 +5,8 @@
  system_r:xdm_t:s0		staff_r:staff_t:s0
  staff_r:staff_su_t:s0		staff_r:staff_t:s0
@@ -44,7 +44,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/staff_u
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/unconfined_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/unconfined_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/unconfined_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/unconfined_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,11 @@
 +system_r:crond_t:s0		unconfined_r:unconfined_t:s0
 +system_r:initrc_t:s0		unconfined_r:unconfined_t:s0
@@ -59,13 +59,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/unconfi
 +system_r:xdm_t:s0		unconfined_r:unconfined_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/userhelper_context serefpolicy-3.3.1/config/appconfig-mcs/userhelper_context
 --- nsaserefpolicy/config/appconfig-mcs/userhelper_context	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/userhelper_context	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/userhelper_context	2009-02-04 10:54:47.000000000 +0100
 @@ -1 +1 @@
 -system_u:sysadm_r:sysadm_t:s0
 +system_u:system_r:unconfined_t:s0	
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/user_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/user_u_default_contexts	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/user_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/user_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -5,4 +5,5 @@
  system_r:xdm_t:s0		user_r:user_t:s0
  user_r:user_su_t:s0		user_r:user_t:s0
@@ -75,7 +75,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/user_u_
 +user_r:user_t:s0		user_r:user_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/x_contexts serefpolicy-3.3.1/config/appconfig-mcs/x_contexts
 --- nsaserefpolicy/config/appconfig-mcs/x_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/x_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/x_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,188 @@
 +#
 +# Config file for XSELinux extension
@@ -267,7 +267,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/x_conte
 +event *					system_u:object_r:default_xevent_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts serefpolicy-3.3.1/config/appconfig-mcs/xguest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mcs/xguest_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mcs/xguest_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mcs/xguest_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,7 @@
 +system_r:local_login_t	xguest_r:xguest_t:s0
 +system_r:remote_login_t	xguest_r:xguest_t:s0
@@ -278,7 +278,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mcs/xguest_
 +xguest_r:xguest_t:s0	xguest_r:xguest_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts serefpolicy-3.3.1/config/appconfig-mls/guest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-mls/guest_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mls/guest_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mls/guest_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,4 @@
 +system_r:local_login_t:s0	guest_r:guest_t:s0
 +system_r:remote_login_t:s0	guest_r:guest_t:s0
@@ -286,7 +286,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/guest_u
 +system_r:crond_t:s0		guest_r:guest_crond_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/x_contexts serefpolicy-3.3.1/config/appconfig-mls/x_contexts
 --- nsaserefpolicy/config/appconfig-mls/x_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-mls/x_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-mls/x_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,188 @@
 +#
 +# Config file for XSELinux extension
@@ -478,7 +478,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-mls/x_conte
 +event *					system_u:object_r:default_xevent_t:s0
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/guest_u_default_contexts serefpolicy-3.3.1/config/appconfig-standard/guest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-standard/guest_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-standard/guest_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-standard/guest_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,4 @@
 +system_r:local_login_t	guest_r:guest_t
 +system_r:remote_login_t	guest_r:guest_t
@@ -486,7 +486,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/gu
 +system_r:crond_t	guest_r:guest_crond_t
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/root_default_contexts serefpolicy-3.3.1/config/appconfig-standard/root_default_contexts
 --- nsaserefpolicy/config/appconfig-standard/root_default_contexts	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-standard/root_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-standard/root_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -1,11 +1,7 @@
  system_r:crond_t	unconfined_r:unconfined_t sysadm_r:sysadm_crond_t staff_r:staff_crond_t user_r:user_crond_t
  system_r:local_login_t  unconfined_r:unconfined_t sysadm_r:sysadm_t staff_r:staff_t user_r:user_t
@@ -502,7 +502,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/ro
 +system_r:sshd_t	unconfined_r:unconfined_t sysadm_r:sysadm_t staff_r:staff_t user_r:user_t
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/x_contexts serefpolicy-3.3.1/config/appconfig-standard/x_contexts
 --- nsaserefpolicy/config/appconfig-standard/x_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-standard/x_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-standard/x_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,188 @@
 +#
 +# Config file for XSELinux extension
@@ -694,7 +694,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/x_
 +event *					system_u:object_r:default_xevent_t
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/xguest_u_default_contexts serefpolicy-3.3.1/config/appconfig-standard/xguest_u_default_contexts
 --- nsaserefpolicy/config/appconfig-standard/xguest_u_default_contexts	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/config/appconfig-standard/xguest_u_default_contexts	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/config/appconfig-standard/xguest_u_default_contexts	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,5 @@
 +system_r:local_login_t	xguest_r:xguest_t
 +system_r:remote_login_t	xguest_r:xguest_t
@@ -703,7 +703,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/config/appconfig-standard/xg
 +system_r:xdm_t		xguest_r:xguest_t
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/global_booleans.xml serefpolicy-3.3.1/doc/global_booleans.xml
 --- nsaserefpolicy/doc/global_booleans.xml	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/global_booleans.xml	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/global_booleans.xml	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,25 @@
 +<bool name="secure_mode" dftval="false">
 +<desc>
@@ -732,7 +732,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/global_booleans.xml sere
 +</bool>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/global_tunables.xml serefpolicy-3.3.1/doc/global_tunables.xml
 --- nsaserefpolicy/doc/global_tunables.xml	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/global_tunables.xml	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/global_tunables.xml	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,124 @@
 +<tunable name="allow_execheap" dftval="false">
 +<desc>
@@ -860,7 +860,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/global_tunables.xml sere
 +</tunable>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_acct.html serefpolicy-3.3.1/doc/html/admin_acct.html
 --- nsaserefpolicy/doc/html/admin_acct.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_acct.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_acct.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,376 @@
 +<html>
 +<head>
@@ -1240,7 +1240,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_acct.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_alsa.html serefpolicy-3.3.1/doc/html/admin_alsa.html
 --- nsaserefpolicy/doc/html/admin_alsa.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_alsa.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_alsa.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,418 @@
 +<html>
 +<head>
@@ -1662,7 +1662,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_alsa.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_amanda.html serefpolicy-3.3.1/doc/html/admin_amanda.html
 --- nsaserefpolicy/doc/html/admin_amanda.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_amanda.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_amanda.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,581 @@
 +<html>
 +<head>
@@ -2247,7 +2247,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_amanda.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_amtu.html serefpolicy-3.3.1/doc/html/admin_amtu.html
 --- nsaserefpolicy/doc/html/admin_amtu.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_amtu.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_amtu.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,329 @@
 +<html>
 +<head>
@@ -2580,7 +2580,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_amtu.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_anaconda.html serefpolicy-3.3.1/doc/html/admin_anaconda.html
 --- nsaserefpolicy/doc/html/admin_anaconda.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_anaconda.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_anaconda.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,202 @@
 +<html>
 +<head>
@@ -2786,7 +2786,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_anaconda.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_apt.html serefpolicy-3.3.1/doc/html/admin_apt.html
 --- nsaserefpolicy/doc/html/admin_apt.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_apt.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_apt.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,581 @@
 +<html>
 +<head>
@@ -3371,7 +3371,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_apt.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_backup.html serefpolicy-3.3.1/doc/html/admin_backup.html
 --- nsaserefpolicy/doc/html/admin_backup.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_backup.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_backup.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,329 @@
 +<html>
 +<head>
@@ -3704,7 +3704,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_backup.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_bootloader.html serefpolicy-3.3.1/doc/html/admin_bootloader.html
 --- nsaserefpolicy/doc/html/admin_bootloader.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_bootloader.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_bootloader.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,500 @@
 +<html>
 +<head>
@@ -4208,7 +4208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_bootloader.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_brctl.html serefpolicy-3.3.1/doc/html/admin_brctl.html
 --- nsaserefpolicy/doc/html/admin_brctl.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_brctl.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_brctl.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,250 @@
 +<html>
 +<head>
@@ -4462,7 +4462,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_brctl.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_certwatch.html serefpolicy-3.3.1/doc/html/admin_certwatch.html
 --- nsaserefpolicy/doc/html/admin_certwatch.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_certwatch.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_certwatch.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,412 @@
 +<html>
 +<head>
@@ -4878,7 +4878,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_certwatch.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_consoletype.html serefpolicy-3.3.1/doc/html/admin_consoletype.html
 --- nsaserefpolicy/doc/html/admin_consoletype.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_consoletype.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_consoletype.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,373 @@
 +<html>
 +<head>
@@ -5255,7 +5255,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_consoletype.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_ddcprobe.html serefpolicy-3.3.1/doc/html/admin_ddcprobe.html
 --- nsaserefpolicy/doc/html/admin_ddcprobe.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_ddcprobe.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_ddcprobe.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,329 @@
 +<html>
 +<head>
@@ -5588,7 +5588,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_ddcprobe.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dmesg.html serefpolicy-3.3.1/doc/html/admin_dmesg.html
 --- nsaserefpolicy/doc/html/admin_dmesg.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_dmesg.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_dmesg.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,292 @@
 +<html>
 +<head>
@@ -5884,7 +5884,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dmesg.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dmidecode.html serefpolicy-3.3.1/doc/html/admin_dmidecode.html
 --- nsaserefpolicy/doc/html/admin_dmidecode.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_dmidecode.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_dmidecode.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,329 @@
 +<html>
 +<head>
@@ -6217,7 +6217,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dmidecode.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dpkg.html serefpolicy-3.3.1/doc/html/admin_dpkg.html
 --- nsaserefpolicy/doc/html/admin_dpkg.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_dpkg.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_dpkg.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -6928,7 +6928,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_dpkg.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_firstboot.html serefpolicy-3.3.1/doc/html/admin_firstboot.html
 --- nsaserefpolicy/doc/html/admin_firstboot.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_firstboot.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_firstboot.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,543 @@
 +<html>
 +<head>
@@ -7475,7 +7475,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_firstboot.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin.html serefpolicy-3.3.1/doc/html/admin.html
 --- nsaserefpolicy/doc/html/admin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,411 @@
 +<html>
 +<head>
@@ -7890,7 +7890,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin.html serefpol
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_kismet.html serefpolicy-3.3.1/doc/html/admin_kismet.html
 --- nsaserefpolicy/doc/html/admin_kismet.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_kismet.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_kismet.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,751 @@
 +<html>
 +<head>
@@ -8645,7 +8645,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_kismet.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_kudzu.html serefpolicy-3.3.1/doc/html/admin_kudzu.html
 --- nsaserefpolicy/doc/html/admin_kudzu.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_kudzu.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_kudzu.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,371 @@
 +<html>
 +<head>
@@ -9020,7 +9020,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_kudzu.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_logrotate.html serefpolicy-3.3.1/doc/html/admin_logrotate.html
 --- nsaserefpolicy/doc/html/admin_logrotate.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_logrotate.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_logrotate.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,497 @@
 +<html>
 +<head>
@@ -9521,7 +9521,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_logrotate.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_logwatch.html serefpolicy-3.3.1/doc/html/admin_logwatch.html
 --- nsaserefpolicy/doc/html/admin_logwatch.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_logwatch.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_logwatch.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,292 @@
 +<html>
 +<head>
@@ -9817,7 +9817,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_logwatch.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_mrtg.html serefpolicy-3.3.1/doc/html/admin_mrtg.html
 --- nsaserefpolicy/doc/html/admin_mrtg.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_mrtg.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_mrtg.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,250 @@
 +<html>
 +<head>
@@ -10071,7 +10071,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_mrtg.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_netutils.html serefpolicy-3.3.1/doc/html/admin_netutils.html
 --- nsaserefpolicy/doc/html/admin_netutils.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_netutils.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_netutils.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,1005 @@
 +<html>
 +<head>
@@ -11080,7 +11080,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_netutils.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_portage.html serefpolicy-3.3.1/doc/html/admin_portage.html
 --- nsaserefpolicy/doc/html/admin_portage.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_portage.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_portage.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,587 @@
 +<html>
 +<head>
@@ -11671,7 +11671,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_portage.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_prelink.html serefpolicy-3.3.1/doc/html/admin_prelink.html
 --- nsaserefpolicy/doc/html/admin_prelink.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_prelink.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_prelink.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,497 @@
 +<html>
 +<head>
@@ -12172,7 +12172,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_prelink.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_quota.html serefpolicy-3.3.1/doc/html/admin_quota.html
 --- nsaserefpolicy/doc/html/admin_quota.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_quota.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_quota.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,415 @@
 +<html>
 +<head>
@@ -12591,7 +12591,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_quota.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_readahead.html serefpolicy-3.3.1/doc/html/admin_readahead.html
 --- nsaserefpolicy/doc/html/admin_readahead.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_readahead.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_readahead.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,202 @@
 +<html>
 +<head>
@@ -12797,7 +12797,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_readahead.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_rpm.html serefpolicy-3.3.1/doc/html/admin_rpm.html
 --- nsaserefpolicy/doc/html/admin_rpm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_rpm.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_rpm.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,1365 @@
 +<html>
 +<head>
@@ -14166,7 +14166,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_rpm.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_sudo.html serefpolicy-3.3.1/doc/html/admin_sudo.html
 --- nsaserefpolicy/doc/html/admin_sudo.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_sudo.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_sudo.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,301 @@
 +<html>
 +<head>
@@ -14471,7 +14471,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_sudo.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_su.html serefpolicy-3.3.1/doc/html/admin_su.html
 --- nsaserefpolicy/doc/html/admin_su.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_su.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_su.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,439 @@
 +<html>
 +<head>
@@ -14914,7 +14914,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_su.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_sxid.html serefpolicy-3.3.1/doc/html/admin_sxid.html
 --- nsaserefpolicy/doc/html/admin_sxid.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_sxid.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_sxid.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,251 @@
 +<html>
 +<head>
@@ -15169,7 +15169,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_sxid.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tmpreaper.html serefpolicy-3.3.1/doc/html/admin_tmpreaper.html
 --- nsaserefpolicy/doc/html/admin_tmpreaper.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_tmpreaper.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_tmpreaper.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,250 @@
 +<html>
 +<head>
@@ -15423,7 +15423,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tmpreaper.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tripwire.html serefpolicy-3.3.1/doc/html/admin_tripwire.html
 --- nsaserefpolicy/doc/html/admin_tripwire.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_tripwire.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_tripwire.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,704 @@
 +<html>
 +<head>
@@ -16131,7 +16131,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tripwire.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tzdata.html serefpolicy-3.3.1/doc/html/admin_tzdata.html
 --- nsaserefpolicy/doc/html/admin_tzdata.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_tzdata.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_tzdata.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,328 @@
 +<html>
 +<head>
@@ -16463,7 +16463,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_tzdata.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_updfstab.html serefpolicy-3.3.1/doc/html/admin_updfstab.html
 --- nsaserefpolicy/doc/html/admin_updfstab.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_updfstab.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_updfstab.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,250 @@
 +<html>
 +<head>
@@ -16717,7 +16717,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_updfstab.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_usbmodules.html serefpolicy-3.3.1/doc/html/admin_usbmodules.html
 --- nsaserefpolicy/doc/html/admin_usbmodules.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_usbmodules.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_usbmodules.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,330 @@
 +<html>
 +<head>
@@ -17051,7 +17051,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_usbmodules.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_usermanage.html serefpolicy-3.3.1/doc/html/admin_usermanage.html
 --- nsaserefpolicy/doc/html/admin_usermanage.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_usermanage.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_usermanage.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,899 @@
 +<html>
 +<head>
@@ -17954,7 +17954,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_usermanage.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_vbetool.html serefpolicy-3.3.1/doc/html/admin_vbetool.html
 --- nsaserefpolicy/doc/html/admin_vbetool.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_vbetool.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_vbetool.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,250 @@
 +<html>
 +<head>
@@ -18208,7 +18208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_vbetool.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_vpn.html serefpolicy-3.3.1/doc/html/admin_vpn.html
 --- nsaserefpolicy/doc/html/admin_vpn.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/admin_vpn.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/admin_vpn.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,498 @@
 +<html>
 +<head>
@@ -18710,7 +18710,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/admin_vpn.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_ada.html serefpolicy-3.3.1/doc/html/apps_ada.html
 --- nsaserefpolicy/doc/html/apps_ada.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_ada.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_ada.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,314 @@
 +<html>
 +<head>
@@ -19028,7 +19028,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_ada.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_authbind.html serefpolicy-3.3.1/doc/html/apps_authbind.html
 --- nsaserefpolicy/doc/html/apps_authbind.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_authbind.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_authbind.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,235 @@
 +<html>
 +<head>
@@ -19267,7 +19267,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_authbind.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_awstats.html serefpolicy-3.3.1/doc/html/apps_awstats.html
 --- nsaserefpolicy/doc/html/apps_awstats.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_awstats.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_awstats.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,280 @@
 +<html>
 +<head>
@@ -19551,7 +19551,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_awstats.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_calamaris.html serefpolicy-3.3.1/doc/html/apps_calamaris.html
 --- nsaserefpolicy/doc/html/apps_calamaris.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_calamaris.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_calamaris.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,235 @@
 +<html>
 +<head>
@@ -19790,7 +19790,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_calamaris.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_cdrecord.html serefpolicy-3.3.1/doc/html/apps_cdrecord.html
 --- nsaserefpolicy/doc/html/apps_cdrecord.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_cdrecord.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_cdrecord.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,311 @@
 +<html>
 +<head>
@@ -20105,7 +20105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_cdrecord.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_ethereal.html serefpolicy-3.3.1/doc/html/apps_ethereal.html
 --- nsaserefpolicy/doc/html/apps_ethereal.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_ethereal.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_ethereal.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,555 @@
 +<html>
 +<head>
@@ -20664,7 +20664,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_ethereal.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_evolution.html serefpolicy-3.3.1/doc/html/apps_evolution.html
 --- nsaserefpolicy/doc/html/apps_evolution.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_evolution.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_evolution.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,540 @@
 +<html>
 +<head>
@@ -21208,7 +21208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_evolution.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_games.html serefpolicy-3.3.1/doc/html/apps_games.html
 --- nsaserefpolicy/doc/html/apps_games.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_games.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_games.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,336 @@
 +<html>
 +<head>
@@ -21548,7 +21548,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_games.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gift.html serefpolicy-3.3.1/doc/html/apps_gift.html
 --- nsaserefpolicy/doc/html/apps_gift.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_gift.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_gift.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,285 @@
 +<html>
 +<head>
@@ -21837,7 +21837,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gift.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gnome.html serefpolicy-3.3.1/doc/html/apps_gnome.html
 --- nsaserefpolicy/doc/html/apps_gnome.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_gnome.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_gnome.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,725 @@
 +<html>
 +<head>
@@ -22566,7 +22566,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gnome.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gpg.html serefpolicy-3.3.1/doc/html/apps_gpg.html
 --- nsaserefpolicy/doc/html/apps_gpg.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_gpg.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_gpg.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,428 @@
 +<html>
 +<head>
@@ -22998,7 +22998,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_gpg.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps.html serefpolicy-3.3.1/doc/html/apps.html
 --- nsaserefpolicy/doc/html/apps.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,364 @@
 +<html>
 +<head>
@@ -23366,7 +23366,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps.html serefpoli
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_irc.html serefpolicy-3.3.1/doc/html/apps_irc.html
 --- nsaserefpolicy/doc/html/apps_irc.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_irc.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_irc.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,285 @@
 +<html>
 +<head>
@@ -23655,7 +23655,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_irc.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_java.html serefpolicy-3.3.1/doc/html/apps_java.html
 --- nsaserefpolicy/doc/html/apps_java.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_java.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_java.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,685 @@
 +<html>
 +<head>
@@ -24344,7 +24344,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_java.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_livecd.html serefpolicy-3.3.1/doc/html/apps_livecd.html
 --- nsaserefpolicy/doc/html/apps_livecd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_livecd.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_livecd.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,314 @@
 +<html>
 +<head>
@@ -24662,7 +24662,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_livecd.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_loadkeys.html serefpolicy-3.3.1/doc/html/apps_loadkeys.html
 --- nsaserefpolicy/doc/html/apps_loadkeys.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_loadkeys.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_loadkeys.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,355 @@
 +<html>
 +<head>
@@ -25021,7 +25021,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_loadkeys.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_lockdev.html serefpolicy-3.3.1/doc/html/apps_lockdev.html
 --- nsaserefpolicy/doc/html/apps_lockdev.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_lockdev.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_lockdev.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,286 @@
 +<html>
 +<head>
@@ -25311,7 +25311,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_lockdev.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mono.html serefpolicy-3.3.1/doc/html/apps_mono.html
 --- nsaserefpolicy/doc/html/apps_mono.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_mono.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_mono.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,493 @@
 +<html>
 +<head>
@@ -25808,7 +25808,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mono.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mozilla.html serefpolicy-3.3.1/doc/html/apps_mozilla.html
 --- nsaserefpolicy/doc/html/apps_mozilla.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_mozilla.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_mozilla.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,708 @@
 +<html>
 +<head>
@@ -26520,7 +26520,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mozilla.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mplayer.html serefpolicy-3.3.1/doc/html/apps_mplayer.html
 --- nsaserefpolicy/doc/html/apps_mplayer.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_mplayer.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_mplayer.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,503 @@
 +<html>
 +<head>
@@ -27027,7 +27027,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_mplayer.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_nsplugin.html serefpolicy-3.3.1/doc/html/apps_nsplugin.html
 --- nsaserefpolicy/doc/html/apps_nsplugin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_nsplugin.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_nsplugin.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,941 @@
 +<html>
 +<head>
@@ -27972,7 +27972,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_nsplugin.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_openoffice.html serefpolicy-3.3.1/doc/html/apps_openoffice.html
 --- nsaserefpolicy/doc/html/apps_openoffice.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_openoffice.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_openoffice.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,380 @@
 +<html>
 +<head>
@@ -28356,7 +28356,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_openoffice.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_rssh.html serefpolicy-3.3.1/doc/html/apps_rssh.html
 --- nsaserefpolicy/doc/html/apps_rssh.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_rssh.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_rssh.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,342 @@
 +<html>
 +<head>
@@ -28702,7 +28702,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_rssh.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_screen.html serefpolicy-3.3.1/doc/html/apps_screen.html
 --- nsaserefpolicy/doc/html/apps_screen.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_screen.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_screen.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,285 @@
 +<html>
 +<head>
@@ -28991,7 +28991,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_screen.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_slocate.html serefpolicy-3.3.1/doc/html/apps_slocate.html
 --- nsaserefpolicy/doc/html/apps_slocate.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_slocate.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_slocate.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,277 @@
 +<html>
 +<head>
@@ -29272,7 +29272,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_slocate.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_thunderbird.html serefpolicy-3.3.1/doc/html/apps_thunderbird.html
 --- nsaserefpolicy/doc/html/apps_thunderbird.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_thunderbird.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_thunderbird.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,357 @@
 +<html>
 +<head>
@@ -29633,7 +29633,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_thunderbird.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_tvtime.html serefpolicy-3.3.1/doc/html/apps_tvtime.html
 --- nsaserefpolicy/doc/html/apps_tvtime.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_tvtime.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_tvtime.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,285 @@
 +<html>
 +<head>
@@ -29922,7 +29922,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_tvtime.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_uml.html serefpolicy-3.3.1/doc/html/apps_uml.html
 --- nsaserefpolicy/doc/html/apps_uml.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_uml.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_uml.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,377 @@
 +<html>
 +<head>
@@ -30303,7 +30303,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_uml.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_userhelper.html serefpolicy-3.3.1/doc/html/apps_userhelper.html
 --- nsaserefpolicy/doc/html/apps_userhelper.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_userhelper.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_userhelper.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,480 @@
 +<html>
 +<head>
@@ -30787,7 +30787,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_userhelper.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_usernetctl.html serefpolicy-3.3.1/doc/html/apps_usernetctl.html
 --- nsaserefpolicy/doc/html/apps_usernetctl.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_usernetctl.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_usernetctl.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,314 @@
 +<html>
 +<head>
@@ -31105,7 +31105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_usernetctl.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_vmware.html serefpolicy-3.3.1/doc/html/apps_vmware.html
 --- nsaserefpolicy/doc/html/apps_vmware.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_vmware.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_vmware.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,419 @@
 +<html>
 +<head>
@@ -31528,7 +31528,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_vmware.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_webalizer.html serefpolicy-3.3.1/doc/html/apps_webalizer.html
 --- nsaserefpolicy/doc/html/apps_webalizer.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_webalizer.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_webalizer.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,314 @@
 +<html>
 +<head>
@@ -31846,7 +31846,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_webalizer.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_wine.html serefpolicy-3.3.1/doc/html/apps_wine.html
 --- nsaserefpolicy/doc/html/apps_wine.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_wine.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_wine.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,409 @@
 +<html>
 +<head>
@@ -32259,7 +32259,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_wine.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_yam.html serefpolicy-3.3.1/doc/html/apps_yam.html
 --- nsaserefpolicy/doc/html/apps_yam.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/apps_yam.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/apps_yam.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,356 @@
 +<html>
 +<head>
@@ -32619,7 +32619,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/apps_yam.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/booleans.html serefpolicy-3.3.1/doc/html/booleans.html
 --- nsaserefpolicy/doc/html/booleans.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/booleans.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/booleans.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,948 @@
 +<html>
 +<head>
@@ -33571,7 +33571,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/booleans.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/global_booleans.html serefpolicy-3.3.1/doc/html/global_booleans.html
 --- nsaserefpolicy/doc/html/global_booleans.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/global_booleans.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/global_booleans.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,936 @@
 +<html>
 +<head>
@@ -34511,7 +34511,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/global_booleans.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/global_tunables.html serefpolicy-3.3.1/doc/html/global_tunables.html
 --- nsaserefpolicy/doc/html/global_tunables.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/global_tunables.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/global_tunables.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,1139 @@
 +<html>
 +<head>
@@ -35654,7 +35654,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/global_tunables.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/index.html serefpolicy-3.3.1/doc/html/index.html
 --- nsaserefpolicy/doc/html/index.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/index.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/index.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,2465 @@
 +<html>
 +<head>
@@ -38123,7 +38123,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/index.html serefpol
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/interfaces.html serefpolicy-3.3.1/doc/html/interfaces.html
 --- nsaserefpolicy/doc/html/interfaces.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/interfaces.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/interfaces.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,163031 @@
 +<html>
 +<head>
@@ -201158,7 +201158,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/interfaces.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_corecommands.html serefpolicy-3.3.1/doc/html/kernel_corecommands.html
 --- nsaserefpolicy/doc/html/kernel_corecommands.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_corecommands.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_corecommands.html	2009-02-04 10:54:47.000000000 +0100
 @@ -0,0 +1,2396 @@
 +<html>
 +<head>
@@ -203558,7 +203558,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_corecommands
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_corenetwork.html serefpolicy-3.3.1/doc/html/kernel_corenetwork.html
 --- nsaserefpolicy/doc/html/kernel_corenetwork.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_corenetwork.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_corenetwork.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,138688 @@
 +<html>
 +<head>
@@ -342250,7 +342250,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_corenetwork.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_devices.html serefpolicy-3.3.1/doc/html/kernel_devices.html
 --- nsaserefpolicy/doc/html/kernel_devices.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_devices.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_devices.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,8446 @@
 +<html>
 +<head>
@@ -350700,7 +350700,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_devices.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_domain.html serefpolicy-3.3.1/doc/html/kernel_domain.html
 --- nsaserefpolicy/doc/html/kernel_domain.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_domain.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_domain.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2865 @@
 +<html>
 +<head>
@@ -353569,7 +353569,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_domain.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_files.html serefpolicy-3.3.1/doc/html/kernel_files.html
 --- nsaserefpolicy/doc/html/kernel_files.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_files.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_files.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,11323 @@
 +<html>
 +<head>
@@ -364896,7 +364896,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_files.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_filesystem.html serefpolicy-3.3.1/doc/html/kernel_filesystem.html
 --- nsaserefpolicy/doc/html/kernel_filesystem.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_filesystem.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_filesystem.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,8765 @@
 +<html>
 +<head>
@@ -373665,7 +373665,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_filesystem.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel.html serefpolicy-3.3.1/doc/html/kernel.html
 --- nsaserefpolicy/doc/html/kernel.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,208 @@
 +<html>
 +<head>
@@ -373877,7 +373877,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel.html serefpo
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_kernel.html serefpolicy-3.3.1/doc/html/kernel_kernel.html
 --- nsaserefpolicy/doc/html/kernel_kernel.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_kernel.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_kernel.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,5734 @@
 +<html>
 +<head>
@@ -379615,7 +379615,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_kernel.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_mcs.html serefpolicy-3.3.1/doc/html/kernel_mcs.html
 --- nsaserefpolicy/doc/html/kernel_mcs.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_mcs.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_mcs.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,263 @@
 +<html>
 +<head>
@@ -379882,7 +379882,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_mcs.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_mls.html serefpolicy-3.3.1/doc/html/kernel_mls.html
 --- nsaserefpolicy/doc/html/kernel_mls.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_mls.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_mls.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2111 @@
 +<html>
 +<head>
@@ -381997,7 +381997,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_mls.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_selinux.html serefpolicy-3.3.1/doc/html/kernel_selinux.html
 --- nsaserefpolicy/doc/html/kernel_selinux.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_selinux.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_selinux.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1163 @@
 +<html>
 +<head>
@@ -383164,7 +383164,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_selinux.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_storage.html serefpolicy-3.3.1/doc/html/kernel_storage.html
 --- nsaserefpolicy/doc/html/kernel_storage.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_storage.html	2009-01-30 11:10:04.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_storage.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1774 @@
 +<html>
 +<head>
@@ -384942,7 +384942,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_storage.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_terminal.html serefpolicy-3.3.1/doc/html/kernel_terminal.html
 --- nsaserefpolicy/doc/html/kernel_terminal.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/kernel_terminal.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/kernel_terminal.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2536 @@
 +<html>
 +<head>
@@ -387482,7 +387482,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/kernel_terminal.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_afs.html serefpolicy-3.3.1/doc/html/services_afs.html
 --- nsaserefpolicy/doc/html/services_afs.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_afs.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_afs.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -388024,7 +388024,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_afs.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_aide.html serefpolicy-3.3.1/doc/html/services_aide.html
 --- nsaserefpolicy/doc/html/services_aide.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_aide.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_aide.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,743 @@
 +<html>
 +<head>
@@ -388771,7 +388771,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_aide.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_amavis.html serefpolicy-3.3.1/doc/html/services_amavis.html
 --- nsaserefpolicy/doc/html/services_amavis.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_amavis.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_amavis.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1084 @@
 +<html>
 +<head>
@@ -389859,7 +389859,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_amavis.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apache.html serefpolicy-3.3.1/doc/html/services_apache.html
 --- nsaserefpolicy/doc/html/services_apache.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_apache.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_apache.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2954 @@
 +<html>
 +<head>
@@ -392817,7 +392817,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apache.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apcupsd.html serefpolicy-3.3.1/doc/html/services_apcupsd.html
 --- nsaserefpolicy/doc/html/services_apcupsd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_apcupsd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_apcupsd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,918 @@
 +<html>
 +<head>
@@ -393739,7 +393739,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apcupsd.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apm.html serefpolicy-3.3.1/doc/html/services_apm.html
 --- nsaserefpolicy/doc/html/services_apm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_apm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_apm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,796 @@
 +<html>
 +<head>
@@ -394539,7 +394539,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_apm.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_arpwatch.html serefpolicy-3.3.1/doc/html/services_arpwatch.html
 --- nsaserefpolicy/doc/html/services_arpwatch.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_arpwatch.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_arpwatch.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,876 @@
 +<html>
 +<head>
@@ -395419,7 +395419,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_arpwatch.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_asterisk.html serefpolicy-3.3.1/doc/html/services_asterisk.html
 --- nsaserefpolicy/doc/html/services_asterisk.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_asterisk.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_asterisk.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -396088,7 +396088,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_asterisk.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_audioentropy.html serefpolicy-3.3.1/doc/html/services_audioentropy.html
 --- nsaserefpolicy/doc/html/services_audioentropy.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_audioentropy.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_audioentropy.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -396630,7 +396630,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_audioentro
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_automount.html serefpolicy-3.3.1/doc/html/services_automount.html
 --- nsaserefpolicy/doc/html/services_automount.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_automount.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_automount.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,918 @@
 +<html>
 +<head>
@@ -397552,7 +397552,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_automount.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_avahi.html serefpolicy-3.3.1/doc/html/services_avahi.html
 --- nsaserefpolicy/doc/html/services_avahi.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_avahi.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_avahi.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,960 @@
 +<html>
 +<head>
@@ -398516,7 +398516,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_avahi.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bind.html serefpolicy-3.3.1/doc/html/services_bind.html
 --- nsaserefpolicy/doc/html/services_bind.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_bind.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_bind.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1360 @@
 +<html>
 +<head>
@@ -399880,7 +399880,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bind.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bitlbee.html serefpolicy-3.3.1/doc/html/services_bitlbee.html
 --- nsaserefpolicy/doc/html/services_bitlbee.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_bitlbee.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_bitlbee.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -400591,7 +400591,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bitlbee.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bluetooth.html serefpolicy-3.3.1/doc/html/services_bluetooth.html
 --- nsaserefpolicy/doc/html/services_bluetooth.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_bluetooth.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_bluetooth.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1055 @@
 +<html>
 +<head>
@@ -401650,7 +401650,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_bluetooth.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_canna.html serefpolicy-3.3.1/doc/html/services_canna.html
 --- nsaserefpolicy/doc/html/services_canna.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_canna.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_canna.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -402361,7 +402361,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_canna.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ccs.html serefpolicy-3.3.1/doc/html/services_ccs.html
 --- nsaserefpolicy/doc/html/services_ccs.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ccs.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ccs.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,712 @@
 +<html>
 +<head>
@@ -403077,7 +403077,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ccs.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cipe.html serefpolicy-3.3.1/doc/html/services_cipe.html
 --- nsaserefpolicy/doc/html/services_cipe.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cipe.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cipe.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -403619,7 +403619,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cipe.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_clamav.html serefpolicy-3.3.1/doc/html/services_clamav.html
 --- nsaserefpolicy/doc/html/services_clamav.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_clamav.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_clamav.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,960 @@
 +<html>
 +<head>
@@ -404583,7 +404583,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_clamav.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_clockspeed.html serefpolicy-3.3.1/doc/html/services_clockspeed.html
 --- nsaserefpolicy/doc/html/services_clockspeed.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_clockspeed.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_clockspeed.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,664 @@
 +<html>
 +<head>
@@ -405251,7 +405251,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_clockspeed
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_comsat.html serefpolicy-3.3.1/doc/html/services_comsat.html
 --- nsaserefpolicy/doc/html/services_comsat.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_comsat.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_comsat.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -405793,7 +405793,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_comsat.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_consolekit.html serefpolicy-3.3.1/doc/html/services_consolekit.html
 --- nsaserefpolicy/doc/html/services_consolekit.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_consolekit.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_consolekit.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,671 @@
 +<html>
 +<head>
@@ -406468,7 +406468,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_consolekit
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_courier.html serefpolicy-3.3.1/doc/html/services_courier.html
 --- nsaserefpolicy/doc/html/services_courier.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_courier.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_courier.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,849 @@
 +<html>
 +<head>
@@ -407321,7 +407321,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_courier.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cpucontrol.html serefpolicy-3.3.1/doc/html/services_cpucontrol.html
 --- nsaserefpolicy/doc/html/services_cpucontrol.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cpucontrol.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cpucontrol.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -407911,7 +407911,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cpucontrol
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cron.html serefpolicy-3.3.1/doc/html/services_cron.html
 --- nsaserefpolicy/doc/html/services_cron.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cron.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cron.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1500 @@
 +<html>
 +<head>
@@ -409415,7 +409415,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cron.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cups.html serefpolicy-3.3.1/doc/html/services_cups.html
 --- nsaserefpolicy/doc/html/services_cups.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cups.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cups.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1298 @@
 +<html>
 +<head>
@@ -410717,7 +410717,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cups.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cvs.html serefpolicy-3.3.1/doc/html/services_cvs.html
 --- nsaserefpolicy/doc/html/services_cvs.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cvs.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cvs.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,774 @@
 +<html>
 +<head>
@@ -411495,7 +411495,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cvs.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cyphesis.html serefpolicy-3.3.1/doc/html/services_cyphesis.html
 --- nsaserefpolicy/doc/html/services_cyphesis.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cyphesis.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cyphesis.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -412085,7 +412085,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cyphesis.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cyrus.html serefpolicy-3.3.1/doc/html/services_cyrus.html
 --- nsaserefpolicy/doc/html/services_cyrus.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_cyrus.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_cyrus.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,750 @@
 +<html>
 +<head>
@@ -412839,7 +412839,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_cyrus.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dante.html serefpolicy-3.3.1/doc/html/services_dante.html
 --- nsaserefpolicy/doc/html/services_dante.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dante.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dante.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -413381,7 +413381,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dante.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dbskk.html serefpolicy-3.3.1/doc/html/services_dbskk.html
 --- nsaserefpolicy/doc/html/services_dbskk.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dbskk.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dbskk.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -413923,7 +413923,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dbskk.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dbus.html serefpolicy-3.3.1/doc/html/services_dbus.html
 --- nsaserefpolicy/doc/html/services_dbus.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dbus.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dbus.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1326 @@
 +<html>
 +<head>
@@ -415253,7 +415253,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dbus.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dcc.html serefpolicy-3.3.1/doc/html/services_dcc.html
 --- nsaserefpolicy/doc/html/services_dcc.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dcc.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dcc.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,991 @@
 +<html>
 +<head>
@@ -416248,7 +416248,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dcc.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ddclient.html serefpolicy-3.3.1/doc/html/services_ddclient.html
 --- nsaserefpolicy/doc/html/services_ddclient.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ddclient.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ddclient.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -416959,7 +416959,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ddclient.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dhcp.html serefpolicy-3.3.1/doc/html/services_dhcp.html
 --- nsaserefpolicy/doc/html/services_dhcp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dhcp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dhcp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,708 @@
 +<html>
 +<head>
@@ -417671,7 +417671,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dhcp.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dictd.html serefpolicy-3.3.1/doc/html/services_dictd.html
 --- nsaserefpolicy/doc/html/services_dictd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dictd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dictd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,708 @@
 +<html>
 +<head>
@@ -418383,7 +418383,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dictd.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_distcc.html serefpolicy-3.3.1/doc/html/services_distcc.html
 --- nsaserefpolicy/doc/html/services_distcc.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_distcc.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_distcc.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -418925,7 +418925,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_distcc.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_djbdns.html serefpolicy-3.3.1/doc/html/services_djbdns.html
 --- nsaserefpolicy/doc/html/services_djbdns.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_djbdns.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_djbdns.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,587 @@
 +<html>
 +<head>
@@ -419516,7 +419516,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_djbdns.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dnsmasq.html serefpolicy-3.3.1/doc/html/services_dnsmasq.html
 --- nsaserefpolicy/doc/html/services_dnsmasq.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dnsmasq.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dnsmasq.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,833 @@
 +<html>
 +<head>
@@ -420353,7 +420353,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dnsmasq.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dovecot.html serefpolicy-3.3.1/doc/html/services_dovecot.html
 --- nsaserefpolicy/doc/html/services_dovecot.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_dovecot.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_dovecot.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,833 @@
 +<html>
 +<head>
@@ -421190,7 +421190,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_dovecot.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_exim.html serefpolicy-3.3.1/doc/html/services_exim.html
 --- nsaserefpolicy/doc/html/services_exim.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_exim.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_exim.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1025 @@
 +<html>
 +<head>
@@ -422219,7 +422219,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_exim.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_fail2ban.html serefpolicy-3.3.1/doc/html/services_fail2ban.html
 --- nsaserefpolicy/doc/html/services_fail2ban.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_fail2ban.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_fail2ban.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,834 @@
 +<html>
 +<head>
@@ -423057,7 +423057,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_fail2ban.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_fetchmail.html serefpolicy-3.3.1/doc/html/services_fetchmail.html
 --- nsaserefpolicy/doc/html/services_fetchmail.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_fetchmail.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_fetchmail.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,623 @@
 +<html>
 +<head>
@@ -423684,7 +423684,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_fetchmail.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_finger.html serefpolicy-3.3.1/doc/html/services_finger.html
 --- nsaserefpolicy/doc/html/services_finger.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_finger.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_finger.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,628 @@
 +<html>
 +<head>
@@ -424316,7 +424316,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_finger.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ftp.html serefpolicy-3.3.1/doc/html/services_ftp.html
 --- nsaserefpolicy/doc/html/services_ftp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ftp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ftp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1111 @@
 +<html>
 +<head>
@@ -425431,7 +425431,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ftp.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gamin.html serefpolicy-3.3.1/doc/html/services_gamin.html
 --- nsaserefpolicy/doc/html/services_gamin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_gamin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_gamin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,670 @@
 +<html>
 +<head>
@@ -426105,7 +426105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gamin.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gatekeeper.html serefpolicy-3.3.1/doc/html/services_gatekeeper.html
 --- nsaserefpolicy/doc/html/services_gatekeeper.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_gatekeeper.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_gatekeeper.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -426647,7 +426647,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gatekeeper
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gnomeclock.html serefpolicy-3.3.1/doc/html/services_gnomeclock.html
 --- nsaserefpolicy/doc/html/services_gnomeclock.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_gnomeclock.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_gnomeclock.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,708 @@
 +<html>
 +<head>
@@ -427359,7 +427359,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gnomeclock
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gpm.html serefpolicy-3.3.1/doc/html/services_gpm.html
 --- nsaserefpolicy/doc/html/services_gpm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_gpm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_gpm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,717 @@
 +<html>
 +<head>
@@ -428080,7 +428080,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_gpm.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_hal.html serefpolicy-3.3.1/doc/html/services_hal.html
 --- nsaserefpolicy/doc/html/services_hal.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_hal.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_hal.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1307 @@
 +<html>
 +<head>
@@ -429391,7 +429391,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_hal.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_howl.html serefpolicy-3.3.1/doc/html/services_howl.html
 --- nsaserefpolicy/doc/html/services_howl.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_howl.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_howl.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -429981,7 +429981,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_howl.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services.html serefpolicy-3.3.1/doc/html/services.html
 --- nsaserefpolicy/doc/html/services.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1311 @@
 +<html>
 +<head>
@@ -431296,7 +431296,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_i18n_input.html serefpolicy-3.3.1/doc/html/services_i18n_input.html
 --- nsaserefpolicy/doc/html/services_i18n_input.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_i18n_input.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_i18n_input.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -431886,7 +431886,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_i18n_input
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_imaze.html serefpolicy-3.3.1/doc/html/services_imaze.html
 --- nsaserefpolicy/doc/html/services_imaze.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_imaze.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_imaze.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -432428,7 +432428,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_imaze.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_inetd.html serefpolicy-3.3.1/doc/html/services_inetd.html
 --- nsaserefpolicy/doc/html/services_inetd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_inetd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_inetd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1005 @@
 +<html>
 +<head>
@@ -433437,7 +433437,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_inetd.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_inn.html serefpolicy-3.3.1/doc/html/services_inn.html
 --- nsaserefpolicy/doc/html/services_inn.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_inn.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_inn.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1045 @@
 +<html>
 +<head>
@@ -434486,7 +434486,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_inn.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ircd.html serefpolicy-3.3.1/doc/html/services_ircd.html
 --- nsaserefpolicy/doc/html/services_ircd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ircd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ircd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -435028,7 +435028,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ircd.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_irqbalance.html serefpolicy-3.3.1/doc/html/services_irqbalance.html
 --- nsaserefpolicy/doc/html/services_irqbalance.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_irqbalance.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_irqbalance.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -435570,7 +435570,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_irqbalance
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_jabber.html serefpolicy-3.3.1/doc/html/services_jabber.html
 --- nsaserefpolicy/doc/html/services_jabber.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_jabber.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_jabber.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -436281,7 +436281,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_jabber.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_kerberos.html serefpolicy-3.3.1/doc/html/services_kerberos.html
 --- nsaserefpolicy/doc/html/services_kerberos.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_kerberos.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_kerberos.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1240 @@
 +<html>
 +<head>
@@ -437525,7 +437525,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_kerberos.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_kerneloops.html serefpolicy-3.3.1/doc/html/services_kerneloops.html
 --- nsaserefpolicy/doc/html/services_kerneloops.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_kerneloops.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_kerneloops.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,835 @@
 +<html>
 +<head>
@@ -438364,7 +438364,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_kerneloops
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ktalk.html serefpolicy-3.3.1/doc/html/services_ktalk.html
 --- nsaserefpolicy/doc/html/services_ktalk.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ktalk.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ktalk.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -438906,7 +438906,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ktalk.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ldap.html serefpolicy-3.3.1/doc/html/services_ldap.html
 --- nsaserefpolicy/doc/html/services_ldap.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ldap.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ldap.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,834 @@
 +<html>
 +<head>
@@ -439744,7 +439744,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ldap.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_lpd.html serefpolicy-3.3.1/doc/html/services_lpd.html
 --- nsaserefpolicy/doc/html/services_lpd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_lpd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_lpd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1165 @@
 +<html>
 +<head>
@@ -440913,7 +440913,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_lpd.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mailman.html serefpolicy-3.3.1/doc/html/services_mailman.html
 --- nsaserefpolicy/doc/html/services_mailman.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_mailman.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_mailman.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1194 @@
 +<html>
 +<head>
@@ -442111,7 +442111,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mailman.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mailscanner.html serefpolicy-3.3.1/doc/html/services_mailscanner.html
 --- nsaserefpolicy/doc/html/services_mailscanner.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_mailscanner.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_mailscanner.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,671 @@
 +<html>
 +<head>
@@ -442786,7 +442786,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mailscanne
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_monop.html serefpolicy-3.3.1/doc/html/services_monop.html
 --- nsaserefpolicy/doc/html/services_monop.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_monop.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_monop.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -443328,7 +443328,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_monop.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mta.html serefpolicy-3.3.1/doc/html/services_mta.html
 --- nsaserefpolicy/doc/html/services_mta.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_mta.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_mta.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2262 @@
 +<html>
 +<head>
@@ -445594,7 +445594,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mta.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_munin.html serefpolicy-3.3.1/doc/html/services_munin.html
 --- nsaserefpolicy/doc/html/services_munin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_munin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_munin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,921 @@
 +<html>
 +<head>
@@ -446519,7 +446519,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_munin.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mysql.html serefpolicy-3.3.1/doc/html/services_mysql.html
 --- nsaserefpolicy/doc/html/services_mysql.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_mysql.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_mysql.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1002 @@
 +<html>
 +<head>
@@ -447525,7 +447525,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_mysql.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nagios.html serefpolicy-3.3.1/doc/html/services_nagios.html
 --- nsaserefpolicy/doc/html/services_nagios.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nagios.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nagios.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,794 @@
 +<html>
 +<head>
@@ -448323,7 +448323,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nagios.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nessus.html serefpolicy-3.3.1/doc/html/services_nessus.html
 --- nsaserefpolicy/doc/html/services_nessus.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nessus.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nessus.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -448913,7 +448913,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nessus.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_networkmanager.html serefpolicy-3.3.1/doc/html/services_networkmanager.html
 --- nsaserefpolicy/doc/html/services_networkmanager.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_networkmanager.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_networkmanager.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,882 @@
 +<html>
 +<head>
@@ -449799,7 +449799,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_networkman
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nis.html serefpolicy-3.3.1/doc/html/services_nis.html
 --- nsaserefpolicy/doc/html/services_nis.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nis.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nis.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1184 @@
 +<html>
 +<head>
@@ -450987,7 +450987,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nis.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nscd.html serefpolicy-3.3.1/doc/html/services_nscd.html
 --- nsaserefpolicy/doc/html/services_nscd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nscd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nscd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1167 @@
 +<html>
 +<head>
@@ -452158,7 +452158,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nscd.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nsd.html serefpolicy-3.3.1/doc/html/services_nsd.html
 --- nsaserefpolicy/doc/html/services_nsd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nsd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nsd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,628 @@
 +<html>
 +<head>
@@ -452790,7 +452790,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nsd.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ntop.html serefpolicy-3.3.1/doc/html/services_ntop.html
 --- nsaserefpolicy/doc/html/services_ntop.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ntop.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ntop.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -453332,7 +453332,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ntop.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ntp.html serefpolicy-3.3.1/doc/html/services_ntp.html
 --- nsaserefpolicy/doc/html/services_ntp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ntp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ntp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,791 @@
 +<html>
 +<head>
@@ -454127,7 +454127,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ntp.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nx.html serefpolicy-3.3.1/doc/html/services_nx.html
 --- nsaserefpolicy/doc/html/services_nx.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_nx.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_nx.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -454717,7 +454717,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_nx.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_oav.html serefpolicy-3.3.1/doc/html/services_oav.html
 --- nsaserefpolicy/doc/html/services_oav.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_oav.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_oav.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -455386,7 +455386,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_oav.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_oddjob.html serefpolicy-3.3.1/doc/html/services_oddjob.html
 --- nsaserefpolicy/doc/html/services_oddjob.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_oddjob.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_oddjob.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,814 @@
 +<html>
 +<head>
@@ -456204,7 +456204,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_oddjob.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openca.html serefpolicy-3.3.1/doc/html/services_openca.html
 --- nsaserefpolicy/doc/html/services_openca.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_openca.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_openca.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,713 @@
 +<html>
 +<head>
@@ -456921,7 +456921,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openca.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openct.html serefpolicy-3.3.1/doc/html/services_openct.html
 --- nsaserefpolicy/doc/html/services_openct.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_openct.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_openct.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,754 @@
 +<html>
 +<head>
@@ -457679,7 +457679,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openct.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openvpn.html serefpolicy-3.3.1/doc/html/services_openvpn.html
 --- nsaserefpolicy/doc/html/services_openvpn.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_openvpn.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_openvpn.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,979 @@
 +<html>
 +<head>
@@ -458662,7 +458662,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_openvpn.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pcscd.html serefpolicy-3.3.1/doc/html/services_pcscd.html
 --- nsaserefpolicy/doc/html/services_pcscd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_pcscd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_pcscd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,670 @@
 +<html>
 +<head>
@@ -459336,7 +459336,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pcscd.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pegasus.html serefpolicy-3.3.1/doc/html/services_pegasus.html
 --- nsaserefpolicy/doc/html/services_pegasus.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_pegasus.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_pegasus.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -459878,7 +459878,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pegasus.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_perdition.html serefpolicy-3.3.1/doc/html/services_perdition.html
 --- nsaserefpolicy/doc/html/services_perdition.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_perdition.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_perdition.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -460468,7 +460468,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_perdition.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pki.html serefpolicy-3.3.1/doc/html/services_pki.html
 --- nsaserefpolicy/doc/html/services_pki.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_pki.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_pki.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1364 @@
 +<html>
 +<head>
@@ -461836,7 +461836,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pki.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_podsleuth.html serefpolicy-3.3.1/doc/html/services_podsleuth.html
 --- nsaserefpolicy/doc/html/services_podsleuth.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_podsleuth.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_podsleuth.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -462505,7 +462505,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_podsleuth.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_polkit.html serefpolicy-3.3.1/doc/html/services_polkit.html
 --- nsaserefpolicy/doc/html/services_polkit.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_polkit.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_polkit.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1014 @@
 +<html>
 +<head>
@@ -463523,7 +463523,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_polkit.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_portmap.html serefpolicy-3.3.1/doc/html/services_portmap.html
 --- nsaserefpolicy/doc/html/services_portmap.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_portmap.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_portmap.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,792 @@
 +<html>
 +<head>
@@ -464319,7 +464319,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_portmap.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_portslave.html serefpolicy-3.3.1/doc/html/services_portslave.html
 --- nsaserefpolicy/doc/html/services_portslave.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_portslave.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_portslave.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -464909,7 +464909,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_portslave.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postfix.html serefpolicy-3.3.1/doc/html/services_postfix.html
 --- nsaserefpolicy/doc/html/services_postfix.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_postfix.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_postfix.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1774 @@
 +<html>
 +<head>
@@ -466687,7 +466687,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postfix.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postfixpolicyd.html serefpolicy-3.3.1/doc/html/services_postfixpolicyd.html
 --- nsaserefpolicy/doc/html/services_postfixpolicyd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_postfixpolicyd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_postfixpolicyd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -467356,7 +467356,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postfixpol
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postgresql.html serefpolicy-3.3.1/doc/html/services_postgresql.html
 --- nsaserefpolicy/doc/html/services_postgresql.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_postgresql.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_postgresql.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1371 @@
 +<html>
 +<head>
@@ -468731,7 +468731,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postgresql
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postgrey.html serefpolicy-3.3.1/doc/html/services_postgrey.html
 --- nsaserefpolicy/doc/html/services_postgrey.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_postgrey.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_postgrey.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,749 @@
 +<html>
 +<head>
@@ -469484,7 +469484,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_postgrey.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ppp.html serefpolicy-3.3.1/doc/html/services_ppp.html
 --- nsaserefpolicy/doc/html/services_ppp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ppp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ppp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1414 @@
 +<html>
 +<head>
@@ -470902,7 +470902,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ppp.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_prelude.html serefpolicy-3.3.1/doc/html/services_prelude.html
 --- nsaserefpolicy/doc/html/services_prelude.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_prelude.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_prelude.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,917 @@
 +<html>
 +<head>
@@ -471823,7 +471823,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_prelude.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_privoxy.html serefpolicy-3.3.1/doc/html/services_privoxy.html
 --- nsaserefpolicy/doc/html/services_privoxy.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_privoxy.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_privoxy.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -472492,7 +472492,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_privoxy.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_procmail.html serefpolicy-3.3.1/doc/html/services_procmail.html
 --- nsaserefpolicy/doc/html/services_procmail.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_procmail.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_procmail.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,712 @@
 +<html>
 +<head>
@@ -473208,7 +473208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_procmail.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_publicfile.html serefpolicy-3.3.1/doc/html/services_publicfile.html
 --- nsaserefpolicy/doc/html/services_publicfile.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_publicfile.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_publicfile.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -473750,7 +473750,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_publicfile
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pxe.html serefpolicy-3.3.1/doc/html/services_pxe.html
 --- nsaserefpolicy/doc/html/services_pxe.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_pxe.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_pxe.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -474292,7 +474292,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pxe.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pyzor.html serefpolicy-3.3.1/doc/html/services_pyzor.html
 --- nsaserefpolicy/doc/html/services_pyzor.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_pyzor.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_pyzor.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,856 @@
 +<html>
 +<head>
@@ -475152,7 +475152,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_pyzor.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_qmail.html serefpolicy-3.3.1/doc/html/services_qmail.html
 --- nsaserefpolicy/doc/html/services_qmail.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_qmail.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_qmail.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,887 @@
 +<html>
 +<head>
@@ -476043,7 +476043,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_qmail.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_radius.html serefpolicy-3.3.1/doc/html/services_radius.html
 --- nsaserefpolicy/doc/html/services_radius.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_radius.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_radius.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -476754,7 +476754,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_radius.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_radvd.html serefpolicy-3.3.1/doc/html/services_radvd.html
 --- nsaserefpolicy/doc/html/services_radvd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_radvd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_radvd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -477423,7 +477423,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_radvd.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_razor.html serefpolicy-3.3.1/doc/html/services_razor.html
 --- nsaserefpolicy/doc/html/services_razor.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_razor.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_razor.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,854 @@
 +<html>
 +<head>
@@ -478281,7 +478281,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_razor.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rdisc.html serefpolicy-3.3.1/doc/html/services_rdisc.html
 --- nsaserefpolicy/doc/html/services_rdisc.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rdisc.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rdisc.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -478871,7 +478871,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rdisc.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_remotelogin.html serefpolicy-3.3.1/doc/html/services_remotelogin.html
 --- nsaserefpolicy/doc/html/services_remotelogin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_remotelogin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_remotelogin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,628 @@
 +<html>
 +<head>
@@ -479503,7 +479503,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_remotelogi
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_resmgr.html serefpolicy-3.3.1/doc/html/services_resmgr.html
 --- nsaserefpolicy/doc/html/services_resmgr.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_resmgr.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_resmgr.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,587 @@
 +<html>
 +<head>
@@ -480094,7 +480094,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_resmgr.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rhgb.html serefpolicy-3.3.1/doc/html/services_rhgb.html
 --- nsaserefpolicy/doc/html/services_rhgb.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rhgb.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rhgb.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1007 @@
 +<html>
 +<head>
@@ -481105,7 +481105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rhgb.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ricci.html serefpolicy-3.3.1/doc/html/services_ricci.html
 --- nsaserefpolicy/doc/html/services_ricci.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ricci.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ricci.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,924 @@
 +<html>
 +<head>
@@ -482033,7 +482033,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ricci.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rlogin.html serefpolicy-3.3.1/doc/html/services_rlogin.html
 --- nsaserefpolicy/doc/html/services_rlogin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rlogin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rlogin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -482623,7 +482623,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rlogin.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_roundup.html serefpolicy-3.3.1/doc/html/services_roundup.html
 --- nsaserefpolicy/doc/html/services_roundup.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_roundup.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_roundup.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,665 @@
 +<html>
 +<head>
@@ -483292,7 +483292,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_roundup.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rpcbind.html serefpolicy-3.3.1/doc/html/services_rpcbind.html
 --- nsaserefpolicy/doc/html/services_rpcbind.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rpcbind.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rpcbind.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,876 @@
 +<html>
 +<head>
@@ -484172,7 +484172,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rpcbind.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rpc.html serefpolicy-3.3.1/doc/html/services_rpc.html
 --- nsaserefpolicy/doc/html/services_rpc.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rpc.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rpc.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1275 @@
 +<html>
 +<head>
@@ -485451,7 +485451,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rpc.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rshd.html serefpolicy-3.3.1/doc/html/services_rshd.html
 --- nsaserefpolicy/doc/html/services_rshd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rshd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rshd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -486041,7 +486041,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rshd.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rsync.html serefpolicy-3.3.1/doc/html/services_rsync.html
 --- nsaserefpolicy/doc/html/services_rsync.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rsync.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rsync.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,815 @@
 +<html>
 +<head>
@@ -486860,7 +486860,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rsync.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rwho.html serefpolicy-3.3.1/doc/html/services_rwho.html
 --- nsaserefpolicy/doc/html/services_rwho.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_rwho.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_rwho.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,918 @@
 +<html>
 +<head>
@@ -487782,7 +487782,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_rwho.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_samba.html serefpolicy-3.3.1/doc/html/services_samba.html
 --- nsaserefpolicy/doc/html/services_samba.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_samba.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_samba.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2301 @@
 +<html>
 +<head>
@@ -490087,7 +490087,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_samba.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sasl.html serefpolicy-3.3.1/doc/html/services_sasl.html
 --- nsaserefpolicy/doc/html/services_sasl.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_sasl.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_sasl.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,731 @@
 +<html>
 +<head>
@@ -490822,7 +490822,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sasl.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sendmail.html serefpolicy-3.3.1/doc/html/services_sendmail.html
 --- nsaserefpolicy/doc/html/services_sendmail.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_sendmail.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_sendmail.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1123 @@
 +<html>
 +<head>
@@ -491949,7 +491949,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sendmail.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_setroubleshoot.html serefpolicy-3.3.1/doc/html/services_setroubleshoot.html
 --- nsaserefpolicy/doc/html/services_setroubleshoot.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_setroubleshoot.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_setroubleshoot.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,749 @@
 +<html>
 +<head>
@@ -492702,7 +492702,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_setroubles
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_slattach.html serefpolicy-3.3.1/doc/html/services_slattach.html
 --- nsaserefpolicy/doc/html/services_slattach.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_slattach.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_slattach.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -493292,7 +493292,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_slattach.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_slrnpull.html serefpolicy-3.3.1/doc/html/services_slrnpull.html
 --- nsaserefpolicy/doc/html/services_slrnpull.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_slrnpull.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_slrnpull.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,629 @@
 +<html>
 +<head>
@@ -493925,7 +493925,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_slrnpull.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_smartmon.html serefpolicy-3.3.1/doc/html/services_smartmon.html
 --- nsaserefpolicy/doc/html/services_smartmon.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_smartmon.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_smartmon.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -494636,7 +494636,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_smartmon.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_snmp.html serefpolicy-3.3.1/doc/html/services_snmp.html
 --- nsaserefpolicy/doc/html/services_snmp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_snmp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_snmp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,875 @@
 +<html>
 +<head>
@@ -495515,7 +495515,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_snmp.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_snort.html serefpolicy-3.3.1/doc/html/services_snort.html
 --- nsaserefpolicy/doc/html/services_snort.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_snort.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_snort.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,753 @@
 +<html>
 +<head>
@@ -496272,7 +496272,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_snort.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_soundserver.html serefpolicy-3.3.1/doc/html/services_soundserver.html
 --- nsaserefpolicy/doc/html/services_soundserver.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_soundserver.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_soundserver.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -496983,7 +496983,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_soundserve
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_spamassassin.html serefpolicy-3.3.1/doc/html/services_spamassassin.html
 --- nsaserefpolicy/doc/html/services_spamassassin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_spamassassin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_spamassassin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1567 @@
 +<html>
 +<head>
@@ -498554,7 +498554,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_spamassass
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_speedtouch.html serefpolicy-3.3.1/doc/html/services_speedtouch.html
 --- nsaserefpolicy/doc/html/services_speedtouch.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_speedtouch.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_speedtouch.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -499096,7 +499096,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_speedtouch
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_squid.html serefpolicy-3.3.1/doc/html/services_squid.html
 --- nsaserefpolicy/doc/html/services_squid.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_squid.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_squid.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1028 @@
 +<html>
 +<head>
@@ -500128,7 +500128,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_squid.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ssh.html serefpolicy-3.3.1/doc/html/services_ssh.html
 --- nsaserefpolicy/doc/html/services_ssh.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ssh.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ssh.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1335 @@
 +<html>
 +<head>
@@ -501467,7 +501467,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ssh.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_stunnel.html serefpolicy-3.3.1/doc/html/services_stunnel.html
 --- nsaserefpolicy/doc/html/services_stunnel.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_stunnel.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_stunnel.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,604 @@
 +<html>
 +<head>
@@ -502075,7 +502075,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_stunnel.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sysstat.html serefpolicy-3.3.1/doc/html/services_sysstat.html
 --- nsaserefpolicy/doc/html/services_sysstat.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_sysstat.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_sysstat.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -502665,7 +502665,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_sysstat.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tcpd.html serefpolicy-3.3.1/doc/html/services_tcpd.html
 --- nsaserefpolicy/doc/html/services_tcpd.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_tcpd.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_tcpd.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,647 @@
 +<html>
 +<head>
@@ -503316,7 +503316,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tcpd.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_telnet.html serefpolicy-3.3.1/doc/html/services_telnet.html
 --- nsaserefpolicy/doc/html/services_telnet.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_telnet.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_telnet.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -503858,7 +503858,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_telnet.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tftp.html serefpolicy-3.3.1/doc/html/services_tftp.html
 --- nsaserefpolicy/doc/html/services_tftp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_tftp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_tftp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,648 @@
 +<html>
 +<head>
@@ -504510,7 +504510,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tftp.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_timidity.html serefpolicy-3.3.1/doc/html/services_timidity.html
 --- nsaserefpolicy/doc/html/services_timidity.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_timidity.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_timidity.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -505052,7 +505052,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_timidity.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tor.html serefpolicy-3.3.1/doc/html/services_tor.html
 --- nsaserefpolicy/doc/html/services_tor.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_tor.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_tor.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,707 @@
 +<html>
 +<head>
@@ -505763,7 +505763,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_tor.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_transproxy.html serefpolicy-3.3.1/doc/html/services_transproxy.html
 --- nsaserefpolicy/doc/html/services_transproxy.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_transproxy.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_transproxy.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -506305,7 +506305,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_transproxy
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ucspitcp.html serefpolicy-3.3.1/doc/html/services_ucspitcp.html
 --- nsaserefpolicy/doc/html/services_ucspitcp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_ucspitcp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_ucspitcp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,608 @@
 +<html>
 +<head>
@@ -506917,7 +506917,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_ucspitcp.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uptime.html serefpolicy-3.3.1/doc/html/services_uptime.html
 --- nsaserefpolicy/doc/html/services_uptime.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_uptime.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_uptime.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -507459,7 +507459,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uptime.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uucp.html serefpolicy-3.3.1/doc/html/services_uucp.html
 --- nsaserefpolicy/doc/html/services_uucp.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_uucp.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_uucp.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,751 @@
 +<html>
 +<head>
@@ -508214,7 +508214,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uucp.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uwimap.html serefpolicy-3.3.1/doc/html/services_uwimap.html
 --- nsaserefpolicy/doc/html/services_uwimap.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_uwimap.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_uwimap.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -508804,7 +508804,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_uwimap.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_w3c.html serefpolicy-3.3.1/doc/html/services_w3c.html
 --- nsaserefpolicy/doc/html/services_w3c.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_w3c.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_w3c.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,586 @@
 +<html>
 +<head>
@@ -509394,7 +509394,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_w3c.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_watchdog.html serefpolicy-3.3.1/doc/html/services_watchdog.html
 --- nsaserefpolicy/doc/html/services_watchdog.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_watchdog.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_watchdog.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -509936,7 +509936,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_watchdog.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xfs.html serefpolicy-3.3.1/doc/html/services_xfs.html
 --- nsaserefpolicy/doc/html/services_xfs.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_xfs.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_xfs.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,672 @@
 +<html>
 +<head>
@@ -510612,7 +510612,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xfs.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xprint.html serefpolicy-3.3.1/doc/html/services_xprint.html
 --- nsaserefpolicy/doc/html/services_xprint.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_xprint.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_xprint.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,538 @@
 +<html>
 +<head>
@@ -511154,7 +511154,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xprint.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xserver.html serefpolicy-3.3.1/doc/html/services_xserver.html
 --- nsaserefpolicy/doc/html/services_xserver.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_xserver.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_xserver.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3783 @@
 +<html>
 +<head>
@@ -514941,7 +514941,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_xserver.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_zabbix.html serefpolicy-3.3.1/doc/html/services_zabbix.html
 --- nsaserefpolicy/doc/html/services_zabbix.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_zabbix.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_zabbix.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,834 @@
 +<html>
 +<head>
@@ -515779,7 +515779,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_zabbix.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_zebra.html serefpolicy-3.3.1/doc/html/services_zebra.html
 --- nsaserefpolicy/doc/html/services_zebra.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/services_zebra.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/services_zebra.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,731 @@
 +<html>
 +<head>
@@ -516514,7 +516514,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/services_zebra.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/style.css serefpolicy-3.3.1/doc/html/style.css
 --- nsaserefpolicy/doc/html/style.css	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/style.css	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/style.css	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,216 @@
 +body {
 +	margin:0px;
@@ -516734,7 +516734,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/style.css serefpoli
 +body>#Menu {width:160px;}
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_application.html serefpolicy-3.3.1/doc/html/system_application.html
 --- nsaserefpolicy/doc/html/system_application.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_application.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_application.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,417 @@
 +<html>
 +<head>
@@ -517155,7 +517155,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_application.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_authlogin.html serefpolicy-3.3.1/doc/html/system_authlogin.html
 --- nsaserefpolicy/doc/html/system_authlogin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_authlogin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_authlogin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3362 @@
 +<html>
 +<head>
@@ -520521,7 +520521,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_authlogin.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_clock.html serefpolicy-3.3.1/doc/html/system_clock.html
 --- nsaserefpolicy/doc/html/system_clock.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_clock.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_clock.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,434 @@
 +<html>
 +<head>
@@ -520959,7 +520959,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_clock.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_daemontools.html serefpolicy-3.3.1/doc/html/system_daemontools.html
 --- nsaserefpolicy/doc/html/system_daemontools.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_daemontools.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_daemontools.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,503 @@
 +<html>
 +<head>
@@ -521466,7 +521466,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_daemontools.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_fstools.html serefpolicy-3.3.1/doc/html/system_fstools.html
 --- nsaserefpolicy/doc/html/system_fstools.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_fstools.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_fstools.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,562 @@
 +<html>
 +<head>
@@ -522032,7 +522032,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_fstools.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_getty.html serefpolicy-3.3.1/doc/html/system_getty.html
 --- nsaserefpolicy/doc/html/system_getty.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_getty.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_getty.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,397 @@
 +<html>
 +<head>
@@ -522433,7 +522433,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_getty.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_hostname.html serefpolicy-3.3.1/doc/html/system_hostname.html
 --- nsaserefpolicy/doc/html/system_hostname.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_hostname.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_hostname.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,350 @@
 +<html>
 +<head>
@@ -522787,7 +522787,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_hostname.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_hotplug.html serefpolicy-3.3.1/doc/html/system_hotplug.html
 --- nsaserefpolicy/doc/html/system_hotplug.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_hotplug.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_hotplug.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,570 @@
 +<html>
 +<head>
@@ -523361,7 +523361,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_hotplug.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system.html serefpolicy-3.3.1/doc/html/system.html
 --- nsaserefpolicy/doc/html/system.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,350 @@
 +<html>
 +<head>
@@ -523715,7 +523715,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system.html serefpo
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_init.html serefpolicy-3.3.1/doc/html/system_init.html
 --- nsaserefpolicy/doc/html/system_init.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_init.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_init.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3317 @@
 +<html>
 +<head>
@@ -527036,7 +527036,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_init.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_ipsec.html serefpolicy-3.3.1/doc/html/system_ipsec.html
 --- nsaserefpolicy/doc/html/system_ipsec.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_ipsec.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_ipsec.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,728 @@
 +<html>
 +<head>
@@ -527768,7 +527768,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_ipsec.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_iptables.html serefpolicy-3.3.1/doc/html/system_iptables.html
 --- nsaserefpolicy/doc/html/system_iptables.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_iptables.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_iptables.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,350 @@
 +<html>
 +<head>
@@ -528122,7 +528122,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_iptables.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_iscsi.html serefpolicy-3.3.1/doc/html/system_iscsi.html
 --- nsaserefpolicy/doc/html/system_iscsi.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_iscsi.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_iscsi.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,229 @@
 +<html>
 +<head>
@@ -528355,7 +528355,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_iscsi.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_libraries.html serefpolicy-3.3.1/doc/html/system_libraries.html
 --- nsaserefpolicy/doc/html/system_libraries.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_libraries.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_libraries.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1300 @@
 +<html>
 +<head>
@@ -529659,7 +529659,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_libraries.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_locallogin.html serefpolicy-3.3.1/doc/html/system_locallogin.html
 --- nsaserefpolicy/doc/html/system_locallogin.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_locallogin.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_locallogin.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,481 @@
 +<html>
 +<head>
@@ -530144,7 +530144,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_locallogin.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_logging.html serefpolicy-3.3.1/doc/html/system_logging.html
 --- nsaserefpolicy/doc/html/system_logging.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_logging.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_logging.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2281 @@
 +<html>
 +<head>
@@ -532429,7 +532429,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_logging.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_lvm.html serefpolicy-3.3.1/doc/html/system_lvm.html
 --- nsaserefpolicy/doc/html/system_lvm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_lvm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_lvm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,391 @@
 +<html>
 +<head>
@@ -532824,7 +532824,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_lvm.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_miscfiles.html serefpolicy-3.3.1/doc/html/system_miscfiles.html
 --- nsaserefpolicy/doc/html/system_miscfiles.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_miscfiles.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_miscfiles.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1282 @@
 +<html>
 +<head>
@@ -534110,7 +534110,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_miscfiles.ht
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_modutils.html serefpolicy-3.3.1/doc/html/system_modutils.html
 --- nsaserefpolicy/doc/html/system_modutils.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_modutils.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_modutils.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,889 @@
 +<html>
 +<head>
@@ -535003,7 +535003,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_modutils.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_mount.html serefpolicy-3.3.1/doc/html/system_mount.html
 --- nsaserefpolicy/doc/html/system_mount.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_mount.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_mount.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,595 @@
 +<html>
 +<head>
@@ -535602,7 +535602,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_mount.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_netlabel.html serefpolicy-3.3.1/doc/html/system_netlabel.html
 --- nsaserefpolicy/doc/html/system_netlabel.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_netlabel.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_netlabel.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,308 @@
 +<html>
 +<head>
@@ -535914,7 +535914,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_netlabel.htm
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_pcmcia.html serefpolicy-3.3.1/doc/html/system_pcmcia.html
 --- nsaserefpolicy/doc/html/system_pcmcia.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_pcmcia.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_pcmcia.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,562 @@
 +<html>
 +<head>
@@ -536480,7 +536480,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_pcmcia.html 
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_qemu.html serefpolicy-3.3.1/doc/html/system_qemu.html
 --- nsaserefpolicy/doc/html/system_qemu.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_qemu.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_qemu.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,864 @@
 +<html>
 +<head>
@@ -537348,7 +537348,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_qemu.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_raid.html serefpolicy-3.3.1/doc/html/system_raid.html
 --- nsaserefpolicy/doc/html/system_raid.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_raid.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_raid.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,281 @@
 +<html>
 +<head>
@@ -537633,7 +537633,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_raid.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_selinuxutil.html serefpolicy-3.3.1/doc/html/system_selinuxutil.html
 --- nsaserefpolicy/doc/html/system_selinuxutil.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_selinuxutil.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_selinuxutil.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3130 @@
 +<html>
 +<head>
@@ -540767,7 +540767,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_selinuxutil.
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_setrans.html serefpolicy-3.3.1/doc/html/system_setrans.html
 --- nsaserefpolicy/doc/html/system_setrans.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_setrans.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_setrans.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,271 @@
 +<html>
 +<head>
@@ -541042,7 +541042,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_setrans.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_sysnetwork.html serefpolicy-3.3.1/doc/html/system_sysnetwork.html
 --- nsaserefpolicy/doc/html/system_sysnetwork.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_sysnetwork.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_sysnetwork.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1543 @@
 +<html>
 +<head>
@@ -542589,7 +542589,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_sysnetwork.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_udev.html serefpolicy-3.3.1/doc/html/system_udev.html
 --- nsaserefpolicy/doc/html/system_udev.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_udev.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_udev.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,525 @@
 +<html>
 +<head>
@@ -543118,7 +543118,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_udev.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_unconfined.html serefpolicy-3.3.1/doc/html/system_unconfined.html
 --- nsaserefpolicy/doc/html/system_unconfined.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_unconfined.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_unconfined.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1875 @@
 +<html>
 +<head>
@@ -544997,7 +544997,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_unconfined.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_userdomain.html serefpolicy-3.3.1/doc/html/system_userdomain.html
 --- nsaserefpolicy/doc/html/system_userdomain.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_userdomain.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_userdomain.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,12383 @@
 +<html>
 +<head>
@@ -557384,7 +557384,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_userdomain.h
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_virt.html serefpolicy-3.3.1/doc/html/system_virt.html
 --- nsaserefpolicy/doc/html/system_virt.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_virt.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_virt.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,896 @@
 +<html>
 +<head>
@@ -558284,7 +558284,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_virt.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_xen.html serefpolicy-3.3.1/doc/html/system_xen.html
 --- nsaserefpolicy/doc/html/system_xen.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/system_xen.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/system_xen.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,679 @@
 +<html>
 +<head>
@@ -558967,7 +558967,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/system_xen.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/templates.html serefpolicy-3.3.1/doc/html/templates.html
 --- nsaserefpolicy/doc/html/templates.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/templates.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/templates.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,8469 @@
 +<html>
 +<head>
@@ -567440,7 +567440,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/templates.html sere
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/tunables.html serefpolicy-3.3.1/doc/html/tunables.html
 --- nsaserefpolicy/doc/html/tunables.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/tunables.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/tunables.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3167 @@
 +<html>
 +<head>
@@ -570611,7 +570611,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/tunables.html seref
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_auditadm.html serefpolicy-3.3.1/doc/html/users_auditadm.html
 --- nsaserefpolicy/doc/html/users_auditadm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_auditadm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_auditadm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -570727,7 +570727,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_auditadm.html
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_guest.html serefpolicy-3.3.1/doc/html/users_guest.html
 --- nsaserefpolicy/doc/html/users_guest.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_guest.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_guest.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -570843,7 +570843,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_guest.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users.html serefpolicy-3.3.1/doc/html/users.html
 --- nsaserefpolicy/doc/html/users.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,161 @@
 +<html>
 +<head>
@@ -571008,7 +571008,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users.html serefpol
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_logadm.html serefpolicy-3.3.1/doc/html/users_logadm.html
 --- nsaserefpolicy/doc/html/users_logadm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_logadm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_logadm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -571124,7 +571124,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_logadm.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_secadm.html serefpolicy-3.3.1/doc/html/users_secadm.html
 --- nsaserefpolicy/doc/html/users_secadm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_secadm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_secadm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -571240,7 +571240,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_secadm.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_staff.html serefpolicy-3.3.1/doc/html/users_staff.html
 --- nsaserefpolicy/doc/html/users_staff.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_staff.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_staff.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -571356,7 +571356,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_staff.html se
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_user.html serefpolicy-3.3.1/doc/html/users_user.html
 --- nsaserefpolicy/doc/html/users_user.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_user.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_user.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -571472,7 +571472,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_user.html ser
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_webadm.html serefpolicy-3.3.1/doc/html/users_webadm.html
 --- nsaserefpolicy/doc/html/users_webadm.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_webadm.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_webadm.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,112 @@
 +<html>
 +<head>
@@ -571588,7 +571588,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_webadm.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_xguest.html serefpolicy-3.3.1/doc/html/users_xguest.html
 --- nsaserefpolicy/doc/html/users_xguest.html	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/doc/html/users_xguest.html	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/doc/html/users_xguest.html	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,166 @@
 +<html>
 +<head>
@@ -571758,7 +571758,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/doc/html/users_xguest.html s
 +</html>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.3.1/Makefile
 --- nsaserefpolicy/Makefile	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/Makefile	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/Makefile	2009-02-04 10:54:48.000000000 +0100
 @@ -235,7 +235,7 @@
  appdir := $(contextpath)
  user_default_contexts := $(wildcard config/appconfig-$(TYPE)/*_default_contexts)
@@ -571814,7 +571814,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.3.1/M
  	$(verbose) $(INSTALL) -m 644 $< $@
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/ftpd_selinux.8 serefpolicy-3.3.1/man/man8/ftpd_selinux.8
 --- nsaserefpolicy/man/man8/ftpd_selinux.8	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/man/man8/ftpd_selinux.8	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/man/man8/ftpd_selinux.8	2009-02-04 10:54:48.000000000 +0100
 @@ -1,52 +1,65 @@
 -.TH  "ftpd_selinux"  "8"  "17 Jan 2005" "dwalsh@redhat.com" "ftpd Selinux Policy documentation"
 +.TH  "ftpd_selinux"  "8"  "17 Jan 2005" "dwalsh@redhat.com" "ftpd SELinux policy documentation"
@@ -571922,7 +571922,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/ftpd_selinux.8 sere
 +selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/httpd_selinux.8 serefpolicy-3.3.1/man/man8/httpd_selinux.8
 --- nsaserefpolicy/man/man8/httpd_selinux.8	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/man/man8/httpd_selinux.8	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/man/man8/httpd_selinux.8	2009-02-04 10:54:48.000000000 +0100
 @@ -22,23 +22,19 @@
  .EX
  httpd_sys_content_t 
@@ -571954,7 +571954,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/man/man8/httpd_selinux.8 ser
  .EE 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/access_vectors serefpolicy-3.3.1/policy/flask/access_vectors
 --- nsaserefpolicy/policy/flask/access_vectors	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/flask/access_vectors	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/flask/access_vectors	2009-02-04 10:54:48.000000000 +0100
 @@ -125,6 +125,7 @@
  	reparent
  	search
@@ -572241,7 +572241,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/access_vectors 
 +}
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/security_classes serefpolicy-3.3.1/policy/flask/security_classes
 --- nsaserefpolicy/policy/flask/security_classes	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/flask/security_classes	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/flask/security_classes	2009-02-04 10:54:48.000000000 +0100
 @@ -50,21 +50,19 @@
  # passwd/chfn/chsh
  class passwd			# userspace
@@ -572290,7 +572290,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/flask/security_classe
  # FLASK
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables serefpolicy-3.3.1/policy/global_tunables
 --- nsaserefpolicy/policy/global_tunables	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/global_tunables	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/global_tunables	2009-02-04 10:54:48.000000000 +0100
 @@ -34,7 +34,7 @@
  
  ## <desc>
@@ -572331,7 +572331,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/global_tunables seref
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-3.3.1/policy/mls
 --- nsaserefpolicy/policy/mls	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/mls	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/mls	2009-02-04 10:54:48.000000000 +0100
 @@ -371,78 +371,53 @@
  
  
@@ -572613,7 +572613,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/mls serefpolicy-3.3.1
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te serefpolicy-3.3.1/policy/modules/admin/alsa.te
 --- nsaserefpolicy/policy/modules/admin/alsa.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/alsa.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/alsa.te	2009-02-04 10:54:48.000000000 +0100
 @@ -48,6 +48,7 @@
  
  files_search_home(alsa_t)
@@ -572624,7 +572624,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/alsa.te
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.fc serefpolicy-3.3.1/policy/modules/admin/amanda.fc
 --- nsaserefpolicy/policy/modules/admin/amanda.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/amanda.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/amanda.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,6 +3,7 @@
  /etc/amanda/.*/tapelist(/.*)?		gen_context(system_u:object_r:amanda_data_t,s0)
  /etc/amandates				gen_context(system_u:object_r:amanda_amandates_t,s0)
@@ -572635,7 +572635,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.te serefpolicy-3.3.1/policy/modules/admin/amanda.te
 --- nsaserefpolicy/policy/modules/admin/amanda.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/amanda.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/amanda.te	2009-02-04 10:54:48.000000000 +0100
 @@ -82,8 +82,9 @@
  allow amanda_t amanda_config_t:file { getattr read };
  
@@ -572685,7 +572685,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/amanda.
  libs_use_shared_libs(amanda_recover_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anaconda.te serefpolicy-3.3.1/policy/modules/admin/anaconda.te
 --- nsaserefpolicy/policy/modules/admin/anaconda.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/anaconda.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/anaconda.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,15 +31,14 @@
  modutils_domtrans_insmod(anaconda_t)
  
@@ -572708,7 +572708,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/anacond
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.if serefpolicy-3.3.1/policy/modules/admin/bootloader.if
 --- nsaserefpolicy/policy/modules/admin/bootloader.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/bootloader.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/bootloader.if	2009-02-04 10:54:48.000000000 +0100
 @@ -49,6 +49,10 @@
  
  	role $2 types bootloader_t;
@@ -572722,7 +572722,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloa
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloader.te serefpolicy-3.3.1/policy/modules/admin/bootloader.te
 --- nsaserefpolicy/policy/modules/admin/bootloader.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/bootloader.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/bootloader.te	2009-02-04 10:54:48.000000000 +0100
 @@ -215,3 +215,7 @@
  	userdom_dontaudit_search_staff_home_dirs(bootloader_t)
  	userdom_dontaudit_search_sysadm_home_dirs(bootloader_t)
@@ -572733,7 +572733,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/bootloa
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/brctl.te serefpolicy-3.3.1/policy/modules/admin/brctl.te
 --- nsaserefpolicy/policy/modules/admin/brctl.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/brctl.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/brctl.te	2009-02-04 10:54:48.000000000 +0100
 @@ -33,6 +33,8 @@
  
  files_read_etc_files(brctl_t)
@@ -572745,7 +572745,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/brctl.t
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/certwatch.te serefpolicy-3.3.1/policy/modules/admin/certwatch.te
 --- nsaserefpolicy/policy/modules/admin/certwatch.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/certwatch.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/certwatch.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,6 +18,9 @@
  
  files_read_etc_files(certwatch_t)
@@ -572758,7 +572758,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/certwat
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/consoletype.te serefpolicy-3.3.1/policy/modules/admin/consoletype.te
 --- nsaserefpolicy/policy/modules/admin/consoletype.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/consoletype.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/consoletype.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,9 +8,11 @@
  
  type consoletype_t;
@@ -572784,7 +572784,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/console
  init_use_fds(consoletype_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/firstboot.if serefpolicy-3.3.1/policy/modules/admin/firstboot.if
 --- nsaserefpolicy/policy/modules/admin/firstboot.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/firstboot.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/firstboot.if	2009-02-04 10:54:48.000000000 +0100
 @@ -141,4 +141,6 @@
  	')
  
@@ -572794,7 +572794,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/firstbo
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/firstboot.te serefpolicy-3.3.1/policy/modules/admin/firstboot.te
 --- nsaserefpolicy/policy/modules/admin/firstboot.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/firstboot.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/firstboot.te	2009-02-04 10:54:48.000000000 +0100
 @@ -35,9 +35,6 @@
  
  allow firstboot_t firstboot_etc_t:file { getattr read };
@@ -572843,7 +572843,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/firstbo
  ') dnl end TODO
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.fc serefpolicy-3.3.1/policy/modules/admin/kismet.fc
 --- nsaserefpolicy/policy/modules/admin/kismet.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/kismet.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/kismet.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,4 @@
 +/usr/bin/kismet			--	gen_context(system_u:object_r:kismet_exec_t,s0)
 +/var/lib/kismet(/.*)?			gen_context(system_u:object_r:kismet_var_lib_t,s0)
@@ -572851,7 +572851,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +/var/run/kismet_server.pid	--	gen_context(system_u:object_r:kismet_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.if serefpolicy-3.3.1/policy/modules/admin/kismet.if
 --- nsaserefpolicy/policy/modules/admin/kismet.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/kismet.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/kismet.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,252 @@
 +## <summary>Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.</summary>
 +
@@ -573107,7 +573107,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.te serefpolicy-3.3.1/policy/modules/admin/kismet.te
 --- nsaserefpolicy/policy/modules/admin/kismet.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/kismet.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/kismet.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,77 @@
 +
 +policy_module(kismet, 1.0.2)
@@ -573188,7 +573188,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kudzu.te serefpolicy-3.3.1/policy/modules/admin/kudzu.te
 --- nsaserefpolicy/policy/modules/admin/kudzu.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/kudzu.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/kudzu.te	2009-02-04 10:54:48.000000000 +0100
 @@ -21,8 +21,8 @@
  # Local policy
  #
@@ -573249,7 +573249,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kudzu.t
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logrotate.te serefpolicy-3.3.1/policy/modules/admin/logrotate.te
 --- nsaserefpolicy/policy/modules/admin/logrotate.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/logrotate.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/logrotate.te	2009-02-04 10:54:48.000000000 +0100
 @@ -96,9 +96,11 @@
  files_read_etc_files(logrotate_t)
  files_read_etc_runtime_files(logrotate_t)
@@ -573273,7 +573273,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logrota
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatch.te serefpolicy-3.3.1/policy/modules/admin/logwatch.te
 --- nsaserefpolicy/policy/modules/admin/logwatch.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/logwatch.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/logwatch.te	2009-02-04 10:54:48.000000000 +0100
 @@ -43,6 +43,8 @@
  kernel_read_fs_sysctls(logwatch_t)
  kernel_read_kernel_sysctls(logwatch_t)
@@ -573332,7 +573332,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logwatc
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/mrtg.te serefpolicy-3.3.1/policy/modules/admin/mrtg.te
 --- nsaserefpolicy/policy/modules/admin/mrtg.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/mrtg.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/mrtg.te	2009-02-04 10:54:48.000000000 +0100
 @@ -78,6 +78,7 @@
  dev_read_urand(mrtg_t)
  
@@ -573398,7 +573398,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/mrtg.te
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutils.if serefpolicy-3.3.1/policy/modules/admin/netutils.if
 --- nsaserefpolicy/policy/modules/admin/netutils.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/netutils.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/netutils.if	2009-02-04 10:54:48.000000000 +0100
 @@ -124,6 +124,24 @@
  
  ########################################
@@ -573426,7 +573426,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutil
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutils.te serefpolicy-3.3.1/policy/modules/admin/netutils.te
 --- nsaserefpolicy/policy/modules/admin/netutils.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/netutils.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/netutils.te	2009-02-04 10:54:48.000000000 +0100
 @@ -50,6 +50,7 @@
  files_tmp_filetrans(netutils_t, netutils_tmp_t, { file dir })
  
@@ -573549,7 +573549,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/netutil
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/prelink.te serefpolicy-3.3.1/policy/modules/admin/prelink.te
 --- nsaserefpolicy/policy/modules/admin/prelink.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/prelink.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/prelink.te	2009-02-04 10:54:48.000000000 +0100
 @@ -26,7 +26,7 @@
  # Local policy
  #
@@ -573609,7 +573609,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/prelink
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahead.te serefpolicy-3.3.1/policy/modules/admin/readahead.te
 --- nsaserefpolicy/policy/modules/admin/readahead.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/readahead.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/readahead.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,7 +22,7 @@
  # Local policy
  #
@@ -573621,7 +573621,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/readahe
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.fc serefpolicy-3.3.1/policy/modules/admin/rpm.fc
 --- nsaserefpolicy/policy/modules/admin/rpm.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/rpm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/rpm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,5 @@
  
 +/usr/bin/rpm 			--	gen_context(system_u:object_r:rpm_exec_t,s0)
@@ -573658,7 +573658,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.fc 
  ifdef(`distro_suse', `
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.if serefpolicy-3.3.1/policy/modules/admin/rpm.if
 --- nsaserefpolicy/policy/modules/admin/rpm.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/rpm.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/rpm.if	2009-02-04 10:54:48.000000000 +0100
 @@ -152,6 +152,24 @@
  
  ########################################
@@ -573948,7 +573948,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.if 
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.te serefpolicy-3.3.1/policy/modules/admin/rpm.te
 --- nsaserefpolicy/policy/modules/admin/rpm.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/rpm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/rpm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,6 +31,9 @@
  files_type(rpm_var_lib_t)
  typealias rpm_var_lib_t alias var_lib_rpm_t;
@@ -574100,7 +574100,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/rpm.te 
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/sudo.if serefpolicy-3.3.1/policy/modules/admin/sudo.if
 --- nsaserefpolicy/policy/modules/admin/sudo.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/sudo.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/sudo.if	2009-02-04 10:54:48.000000000 +0100
 @@ -55,7 +55,7 @@
  	#
  
@@ -574210,7 +574210,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/sudo.if
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if serefpolicy-3.3.1/policy/modules/admin/su.if
 --- nsaserefpolicy/policy/modules/admin/su.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/su.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/su.if	2009-02-04 10:54:48.000000000 +0100
 @@ -41,15 +41,13 @@
  
  	allow $2 $1_su_t:process signal;
@@ -574371,7 +574371,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/su.if s
  #######################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreaper.te serefpolicy-3.3.1/policy/modules/admin/tmpreaper.te
 --- nsaserefpolicy/policy/modules/admin/tmpreaper.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/tmpreaper.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/tmpreaper.te	2009-02-04 10:54:48.000000000 +0100
 @@ -26,8 +26,12 @@
  files_read_etc_files(tmpreaper_t)
  files_read_var_lib_files(tmpreaper_t)
@@ -574422,7 +574422,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/tmpreap
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/usermanage.te serefpolicy-3.3.1/policy/modules/admin/usermanage.te
 --- nsaserefpolicy/policy/modules/admin/usermanage.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/usermanage.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/usermanage.te	2009-02-04 10:54:48.000000000 +0100
 @@ -97,6 +97,7 @@
  
  # allow checking if a shell is executable
@@ -574499,7 +574499,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/userman
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool.te serefpolicy-3.3.1/policy/modules/admin/vbetool.te
 --- nsaserefpolicy/policy/modules/admin/vbetool.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/vbetool.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/vbetool.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,9 @@
  dev_rwx_zero(vbetool_t)
  dev_read_sysfs(vbetool_t)
@@ -574521,7 +574521,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vbetool
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.fc serefpolicy-3.3.1/policy/modules/admin/vpn.fc
 --- nsaserefpolicy/policy/modules/admin/vpn.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/vpn.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/vpn.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -6,6 +6,7 @@
  #
  # /usr
@@ -574532,7 +574532,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.fc 
  /var/run/vpnc(/.*)?		gen_context(system_u:object_r:vpnc_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.if serefpolicy-3.3.1/policy/modules/admin/vpn.if
 --- nsaserefpolicy/policy/modules/admin/vpn.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/vpn.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/vpn.if	2009-02-04 10:54:48.000000000 +0100
 @@ -15,7 +15,7 @@
  		type vpnc_t, vpnc_exec_t;
  	')
@@ -574597,7 +574597,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.if 
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.te serefpolicy-3.3.1/policy/modules/admin/vpn.te
 --- nsaserefpolicy/policy/modules/admin/vpn.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/admin/vpn.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/admin/vpn.te	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,5 @@
  
 -policy_module(vpn,1.7.1)
@@ -574638,7 +574638,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/vpn.te 
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.fc serefpolicy-3.3.1/policy/modules/apps/ethereal.fc
 --- nsaserefpolicy/policy/modules/apps/ethereal.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/ethereal.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/ethereal.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,4 @@
 -HOME_DIR/\.ethereal(/.*)? 		gen_context(system_u:object_r:ROLE_ethereal_home_t,s0)
 +HOME_DIR/\.ethereal(/.*)? 		gen_context(system_u:object_r:user_ethereal_home_t,s0)
@@ -574647,7 +574647,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal
  /usr/sbin/tethereal.*		--	gen_context(system_u:object_r:tethereal_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.if serefpolicy-3.3.1/policy/modules/apps/ethereal.if
 --- nsaserefpolicy/policy/modules/apps/ethereal.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/ethereal.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/ethereal.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,6 +35,7 @@
  template(`ethereal_per_role_template',`
  
@@ -574705,7 +574705,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal
  #######################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal.te serefpolicy-3.3.1/policy/modules/apps/ethereal.te
 --- nsaserefpolicy/policy/modules/apps/ethereal.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/ethereal.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/ethereal.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,13 @@
  type tethereal_tmp_t;
  files_tmp_file(tethereal_tmp_t)
@@ -574722,7 +574722,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/ethereal
  # Tethereal policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/evolution.fc serefpolicy-3.3.1/policy/modules/apps/evolution.fc
 --- nsaserefpolicy/policy/modules/apps/evolution.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/evolution.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/evolution.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -2,13 +2,13 @@
  # HOME_DIR/
  #
@@ -574742,7 +574742,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/evolutio
  # /usr
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/evolution.if serefpolicy-3.3.1/policy/modules/apps/evolution.if
 --- nsaserefpolicy/policy/modules/apps/evolution.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/evolution.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/evolution.if	2009-02-04 10:54:48.000000000 +0100
 @@ -247,7 +247,7 @@
  
  	mta_read_config($1_evolution_t)
@@ -574781,7 +574781,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/evolutio
  		nscd_socket_use($1_evolution_webcal_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/games.if serefpolicy-3.3.1/policy/modules/apps/games.if
 --- nsaserefpolicy/policy/modules/apps/games.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/games.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/games.if	2009-02-04 10:54:48.000000000 +0100
 @@ -146,7 +146,7 @@
  	')
  
@@ -574817,7 +574817,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/games.if
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.fc serefpolicy-3.3.1/policy/modules/apps/gift.fc
 --- nsaserefpolicy/policy/modules/apps/gift.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gift.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gift.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,4 @@
 -HOME_DIR/\.giFT(/.*)?			gen_context(system_u:object_r:ROLE_gift_home_t,s0)
 +HOME_DIR/\.giFT(/.*)?			gen_context(system_u:object_r:user_gift_home_t,s0)
@@ -574826,7 +574826,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.fc 
  /usr/(local/)?bin/giftd		--	gen_context(system_u:object_r:giftd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.if serefpolicy-3.3.1/policy/modules/apps/gift.if
 --- nsaserefpolicy/policy/modules/apps/gift.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gift.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gift.if	2009-02-04 10:54:48.000000000 +0100
 @@ -43,9 +43,9 @@
  	application_domain($1_gift_t,gift_exec_t)
  	role $3 types $1_gift_t;
@@ -574900,7 +574900,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.if 
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.te serefpolicy-3.3.1/policy/modules/apps/gift.te
 --- nsaserefpolicy/policy/modules/apps/gift.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gift.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gift.te	2009-02-04 10:54:48.000000000 +0100
 @@ -11,3 +11,7 @@
  
  type giftd_exec_t;
@@ -574911,7 +574911,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gift.te 
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.fc serefpolicy-3.3.1/policy/modules/apps/gnome.fc
 --- nsaserefpolicy/policy/modules/apps/gnome.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gnome.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gnome.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,8 +1,8 @@
 -HOME_DIR/\.config/gtk-.*	gen_context(system_u:object_r:ROLE_gnome_home_t,s0)
 -HOME_DIR/\.gconf(d)?(/.*)?	gen_context(system_u:object_r:ROLE_gconf_home_t,s0)
@@ -574928,7 +574928,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.fc
  /usr/libexec/gconfd-2 	--	gen_context(system_u:object_r:gconfd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.if serefpolicy-3.3.1/policy/modules/apps/gnome.if
 --- nsaserefpolicy/policy/modules/apps/gnome.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gnome.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gnome.if	2009-02-04 10:54:48.000000000 +0100
 @@ -33,9 +33,60 @@
  ## </param>
  #
@@ -575164,7 +575164,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.if
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te serefpolicy-3.3.1/policy/modules/apps/gnome.te
 --- nsaserefpolicy/policy/modules/apps/gnome.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gnome.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gnome.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,8 +8,19 @@
  
  attribute gnomedomain;
@@ -575190,7 +575190,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gnome.te
 +typealias user_gconf_tmp_t alias unconfined_gconf_tmp_t;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.fc serefpolicy-3.3.1/policy/modules/apps/gpg.fc
 --- nsaserefpolicy/policy/modules/apps/gpg.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gpg.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gpg.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,9 +1,9 @@
 -HOME_DIR/\.gnupg(/.+)?		gen_context(system_u:object_r:ROLE_gpg_secret_t,s0)
 +HOME_DIR/\.gnupg(/.+)?		gen_context(system_u:object_r:user_gpg_secret_t,s0)
@@ -575207,7 +575207,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.fc s
 +/usr/lib(64)?/gnupg/gpgkeys.* --	gen_context(system_u:object_r:gpg_helper_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.if serefpolicy-3.3.1/policy/modules/apps/gpg.if
 --- nsaserefpolicy/policy/modules/apps/gpg.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gpg.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gpg.if	2009-02-04 10:54:48.000000000 +0100
 @@ -38,6 +38,10 @@
  	gen_require(`
  		type gpg_exec_t, gpg_helper_exec_t;
@@ -575533,7 +575533,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.if s
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te serefpolicy-3.3.1/policy/modules/apps/gpg.te
 --- nsaserefpolicy/policy/modules/apps/gpg.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/gpg.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/gpg.te	2009-02-04 10:54:48.000000000 +0100
 @@ -7,15 +7,243 @@
  #
  
@@ -575784,7 +575784,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.fc serefpolicy-3.3.1/policy/modules/apps/irc.fc
 --- nsaserefpolicy/policy/modules/apps/irc.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/irc.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/irc.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,7 +1,7 @@
  #
  # /home
@@ -575796,7 +575796,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.fc s
  # /usr
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.if serefpolicy-3.3.1/policy/modules/apps/irc.if
 --- nsaserefpolicy/policy/modules/apps/irc.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/irc.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/irc.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,6 +35,7 @@
  template(`irc_per_role_template',`
  	gen_require(`
@@ -575853,7 +575853,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.if s
  	domtrans_pattern($2,irc_exec_t,$1_irc_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.te serefpolicy-3.3.1/policy/modules/apps/irc.te
 --- nsaserefpolicy/policy/modules/apps/irc.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/irc.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/irc.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,3 +8,10 @@
  
  type irc_exec_t;
@@ -575867,7 +575867,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/irc.te s
 +	
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc serefpolicy-3.3.1/policy/modules/apps/java.fc
 --- nsaserefpolicy/policy/modules/apps/java.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/java.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/java.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,14 +3,15 @@
  #
  /opt/(.*/)?bin/java[^/]* --	gen_context(system_u:object_r:java_exec_t,s0)
@@ -575901,7 +575901,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc 
 +/usr/bin/octave-[^/]*  	--	gen_context(system_u:object_r:java_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if serefpolicy-3.3.1/policy/modules/apps/java.if
 --- nsaserefpolicy/policy/modules/apps/java.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/java.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/java.if	2009-02-04 10:54:48.000000000 +0100
 @@ -32,7 +32,7 @@
  ##	</summary>
  ## </param>
@@ -576169,7 +576169,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if 
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.te serefpolicy-3.3.1/policy/modules/apps/java.te
 --- nsaserefpolicy/policy/modules/apps/java.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/java.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/java.te	2009-02-04 10:54:48.000000000 +0100
 @@ -6,16 +6,10 @@
  # Declarations
  #
@@ -576222,13 +576222,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.te 
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.fc serefpolicy-3.3.1/policy/modules/apps/livecd.fc
 --- nsaserefpolicy/policy/modules/apps/livecd.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/livecd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/livecd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2 @@
 +
 +/usr/bin/livecd-creator	--	gen_context(system_u:object_r:livecd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.if serefpolicy-3.3.1/policy/modules/apps/livecd.if
 --- nsaserefpolicy/policy/modules/apps/livecd.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/livecd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/livecd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,56 @@
 +
 +## <summary>policy for livecd</summary>
@@ -576288,7 +576288,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.i
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.te serefpolicy-3.3.1/policy/modules/apps/livecd.te
 --- nsaserefpolicy/policy/modules/apps/livecd.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/livecd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/livecd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,22 @@
 +policy_module(livecd, 1.0.0)
 +
@@ -576314,7 +576314,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/livecd.t
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/loadkeys.te serefpolicy-3.3.1/policy/modules/apps/loadkeys.te
 --- nsaserefpolicy/policy/modules/apps/loadkeys.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/loadkeys.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/loadkeys.te	2009-02-04 10:54:48.000000000 +0100
 @@ -44,3 +44,7 @@
  optional_policy(`
  	nscd_dontaudit_search_pid(loadkeys_t)
@@ -576325,7 +576325,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/loadkeys
 +userdom_dontaudit_list_sysadm_home_dirs(loadkeys_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.if serefpolicy-3.3.1/policy/modules/apps/mono.if
 --- nsaserefpolicy/policy/modules/apps/mono.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mono.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mono.if	2009-02-04 10:54:48.000000000 +0100
 @@ -18,3 +18,122 @@
  	corecmd_search_bin($1)
  	domtrans_pattern($1, mono_exec_t, mono_t)
@@ -576451,7 +576451,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.if 
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te serefpolicy-3.3.1/policy/modules/apps/mono.te
 --- nsaserefpolicy/policy/modules/apps/mono.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mono.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mono.te	2009-02-04 10:54:48.000000000 +0100
 @@ -15,7 +15,7 @@
  # Local policy
  #
@@ -576471,7 +576471,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te 
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.fc serefpolicy-3.3.1/policy/modules/apps/mozilla.fc
 --- nsaserefpolicy/policy/modules/apps/mozilla.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mozilla.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mozilla.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,8 +1,8 @@
 -HOME_DIR/\.galeon(/.*)?			gen_context(system_u:object_r:ROLE_mozilla_home_t,s0)
 -HOME_DIR/\.java(/.*)?			gen_context(system_u:object_r:ROLE_mozilla_home_t,s0)
@@ -576502,7 +576502,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
 +/usr/lib64/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.if serefpolicy-3.3.1/policy/modules/apps/mozilla.if
 --- nsaserefpolicy/policy/modules/apps/mozilla.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mozilla.if	2009-01-30 11:19:39.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mozilla.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,7 +35,10 @@
  template(`mozilla_per_role_template',`
  	gen_require(`
@@ -577003,7 +577003,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.te serefpolicy-3.3.1/policy/modules/apps/mozilla.te
 --- nsaserefpolicy/policy/modules/apps/mozilla.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mozilla.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mozilla.te	2009-02-04 10:54:48.000000000 +0100
 @@ -6,15 +6,19 @@
  # Declarations
  #
@@ -577033,7 +577033,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.fc serefpolicy-3.3.1/policy/modules/apps/mplayer.fc
 --- nsaserefpolicy/policy/modules/apps/mplayer.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mplayer.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mplayer.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,13 +1,8 @@
  #
 -# /etc
@@ -577051,7 +577051,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.
 +HOME_DIR/\.mplayer(/.*)?        gen_context(system_u:object_r:user_mplayer_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.if serefpolicy-3.3.1/policy/modules/apps/mplayer.if
 --- nsaserefpolicy/policy/modules/apps/mplayer.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mplayer.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mplayer.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,6 +35,7 @@
  template(`mplayer_per_role_template',`
  	gen_require(`
@@ -577202,7 +577202,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.te serefpolicy-3.3.1/policy/modules/apps/mplayer.te
 --- nsaserefpolicy/policy/modules/apps/mplayer.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/mplayer.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/mplayer.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,3 +22,7 @@
  type mplayer_exec_t;
  corecmd_executable_file(mplayer_exec_t)
@@ -577213,7 +577213,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mplayer.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.fc serefpolicy-3.3.1/policy/modules/apps/nsplugin.fc
 --- nsaserefpolicy/policy/modules/apps/nsplugin.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,8 @@
 +
 +/usr/lib(64)?/nspluginwrapper/npviewer.bin	--	gen_context(system_u:object_r:nsplugin_exec_t,s0)
@@ -577225,7 +577225,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin
 +HOME_DIR/\.gstreamer-.*			gen_context(system_u:object_r:user_nsplugin_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.if serefpolicy-3.3.1/policy/modules/apps/nsplugin.if
 --- nsaserefpolicy/policy/modules/apps/nsplugin.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.if	2009-01-30 11:21:47.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,378 @@
 +
 +## <summary>policy for nsplugin</summary>
@@ -577607,7 +577607,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin.te serefpolicy-3.3.1/policy/modules/apps/nsplugin.te
 --- nsaserefpolicy/policy/modules/apps/nsplugin.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/nsplugin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,235 @@
 +
 +policy_module(nsplugin,1.0.0)
@@ -577846,14 +577846,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/nsplugin
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.fc serefpolicy-3.3.1/policy/modules/apps/openoffice.fc
 --- nsaserefpolicy/policy/modules/apps/openoffice.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/openoffice.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/openoffice.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3 @@
 +/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:openoffice_exec_t,s0)
 +/usr/lib64/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:openoffice_exec_t,s0)
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.if serefpolicy-3.3.1/policy/modules/apps/openoffice.if
 --- nsaserefpolicy/policy/modules/apps/openoffice.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/openoffice.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/openoffice.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,98 @@
 +## <summary>Openoffice</summary>
 +
@@ -577955,7 +577955,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffi
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffice.te serefpolicy-3.3.1/policy/modules/apps/openoffice.te
 --- nsaserefpolicy/policy/modules/apps/openoffice.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/openoffice.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/openoffice.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,14 @@
 +
 +policy_module(openoffice,1.0.0)
@@ -577973,7 +577973,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/openoffi
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.fc serefpolicy-3.3.1/policy/modules/apps/screen.fc
 --- nsaserefpolicy/policy/modules/apps/screen.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/screen.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/screen.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,7 +1,7 @@
  #
  # /home
@@ -577985,7 +577985,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.f
  # /usr
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.if serefpolicy-3.3.1/policy/modules/apps/screen.if
 --- nsaserefpolicy/policy/modules/apps/screen.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/screen.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/screen.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,6 +35,7 @@
  template(`screen_per_role_template',`
  	gen_require(`
@@ -578040,7 +578040,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.i
  	kernel_read_kernel_sysctls($1_screen_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.te serefpolicy-3.3.1/policy/modules/apps/screen.te
 --- nsaserefpolicy/policy/modules/apps/screen.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/screen.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/screen.te	2009-02-04 10:54:48.000000000 +0100
 @@ -11,3 +11,7 @@
  
  type screen_exec_t;
@@ -578051,7 +578051,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/screen.t
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/slocate.te serefpolicy-3.3.1/policy/modules/apps/slocate.te
 --- nsaserefpolicy/policy/modules/apps/slocate.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/slocate.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/slocate.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,7 +22,7 @@
  #
  
@@ -578071,7 +578071,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/slocate.
  files_read_etc_files(locate_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderbird.fc serefpolicy-3.3.1/policy/modules/apps/thunderbird.fc
 --- nsaserefpolicy/policy/modules/apps/thunderbird.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,4 +3,4 @@
  #
  /usr/bin/thunderbird.*			--	gen_context(system_u:object_r:thunderbird_exec_t,s0)
@@ -578080,7 +578080,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderb
 +HOME_DIR/\.thunderbird(/.*)?			gen_context(system_u:object_r:user_thunderbird_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderbird.if serefpolicy-3.3.1/policy/modules/apps/thunderbird.if
 --- nsaserefpolicy/policy/modules/apps/thunderbird.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.if	2009-02-04 10:54:48.000000000 +0100
 @@ -43,9 +43,9 @@
  	application_domain($1_thunderbird_t,thunderbird_exec_t)
  	role $3 types $1_thunderbird_t;
@@ -578139,7 +578139,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderb
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderbird.te serefpolicy-3.3.1/policy/modules/apps/thunderbird.te
 --- nsaserefpolicy/policy/modules/apps/thunderbird.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/thunderbird.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,3 +8,7 @@
  
  type thunderbird_exec_t;
@@ -578150,7 +578150,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/thunderb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/tvtime.if serefpolicy-3.3.1/policy/modules/apps/tvtime.if
 --- nsaserefpolicy/policy/modules/apps/tvtime.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/tvtime.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/tvtime.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,6 +35,7 @@
  template(`tvtime_per_role_template',`
  	gen_require(`
@@ -578228,7 +578228,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/tvtime.i
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/tvtime.te serefpolicy-3.3.1/policy/modules/apps/tvtime.te
 --- nsaserefpolicy/policy/modules/apps/tvtime.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/tvtime.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/tvtime.te	2009-02-04 10:54:48.000000000 +0100
 @@ -11,3 +11,9 @@
  
  type tvtime_dir_t;
@@ -578241,7 +578241,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/tvtime.t
 +files_tmp_file(user_tvtime_tmp_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/uml.fc serefpolicy-3.3.1/policy/modules/apps/uml.fc
 --- nsaserefpolicy/policy/modules/apps/uml.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/uml.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/uml.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,7 +1,7 @@
  #
  # HOME_DIR/
@@ -578253,7 +578253,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/uml.fc s
  # /usr
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/userhelper.if serefpolicy-3.3.1/policy/modules/apps/userhelper.if
 --- nsaserefpolicy/policy/modules/apps/userhelper.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/userhelper.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/userhelper.if	2009-02-04 10:54:48.000000000 +0100
 @@ -181,24 +181,6 @@
  		nscd_socket_use($1_userhelper_t)
  	')
@@ -578320,7 +578320,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/userhelp
  	allow $2 $1_userhelper_t:process sigchld;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/usernetctl.if serefpolicy-3.3.1/policy/modules/apps/usernetctl.if
 --- nsaserefpolicy/policy/modules/apps/usernetctl.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/usernetctl.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/usernetctl.if	2009-02-04 10:54:48.000000000 +0100
 @@ -63,4 +63,8 @@
  	optional_policy(`
  		modutils_run_insmod(usernetctl_t,$2,$3)
@@ -578332,7 +578332,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/usernetc
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/usernetctl.te serefpolicy-3.3.1/policy/modules/apps/usernetctl.te
 --- nsaserefpolicy/policy/modules/apps/usernetctl.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/usernetctl.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/usernetctl.te	2009-02-04 10:54:48.000000000 +0100
 @@ -49,15 +49,21 @@
  
  fs_search_auto_mountpoints(usernetctl_t)
@@ -578357,7 +578357,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/usernetc
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.fc serefpolicy-3.3.1/policy/modules/apps/vmware.fc
 --- nsaserefpolicy/policy/modules/apps/vmware.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/vmware.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/vmware.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,9 +1,9 @@
  #
  # HOME_DIR/
@@ -578408,7 +578408,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.f
 +/usr/lib/vmware-tools/sbin64/vmware.*	--	gen_context(system_u:object_r:vmware_host_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.if serefpolicy-3.3.1/policy/modules/apps/vmware.if
 --- nsaserefpolicy/policy/modules/apps/vmware.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/vmware.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/vmware.if	2009-02-04 10:54:48.000000000 +0100
 @@ -164,7 +164,7 @@
  	sysnet_dns_name_resolve($1_vmware_t)
  	sysnet_read_config($1_vmware_t)
@@ -578443,7 +578443,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.i
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.te serefpolicy-3.3.1/policy/modules/apps/vmware.te
 --- nsaserefpolicy/policy/modules/apps/vmware.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/vmware.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/vmware.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,17 +22,21 @@
  type vmware_var_run_t;
  files_pid_file(vmware_var_run_t)
@@ -578511,7 +578511,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/vmware.t
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.fc serefpolicy-3.3.1/policy/modules/apps/wine.fc
 --- nsaserefpolicy/policy/modules/apps/wine.fc	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/wine.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/wine.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,6 @@
  /usr/bin/wine			--	gen_context(system_u:object_r:wine_exec_t,s0)
  
@@ -578523,7 +578523,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.fc 
 +HOME_DIR/cxoffice/bin/wine.*	--	gen_context(system_u:object_r:wine_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.if serefpolicy-3.3.1/policy/modules/apps/wine.if
 --- nsaserefpolicy/policy/modules/apps/wine.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/wine.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/wine.if	2009-02-04 10:54:48.000000000 +0100
 @@ -49,3 +49,53 @@
  	role $2 types wine_t;
  	allow wine_t $3:chr_file rw_term_perms;
@@ -578580,7 +578580,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.if 
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.te serefpolicy-3.3.1/policy/modules/apps/wine.te
 --- nsaserefpolicy/policy/modules/apps/wine.te	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/apps/wine.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/apps/wine.te	2009-02-04 10:54:48.000000000 +0100
 @@ -9,6 +9,7 @@
  type wine_t;
  type wine_exec_t;
@@ -578612,7 +578612,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.te 
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.fc serefpolicy-3.3.1/policy/modules/kernel/corecommands.fc
 --- nsaserefpolicy/policy/modules/kernel/corecommands.fc	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corecommands.fc	2009-01-30 15:50:10.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corecommands.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -7,11 +7,11 @@
  /bin/d?ash			--	gen_context(system_u:object_r:shell_exec_t,s0)
  /bin/bash			--	gen_context(system_u:object_r:shell_exec_t,s0)
@@ -578730,7 +578730,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/coreco
 +/lib64/security/pam_krb5/pam_krb5_storetmp -- gen_context(system_u:object_r:bin_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corecommands.if serefpolicy-3.3.1/policy/modules/kernel/corecommands.if
 --- nsaserefpolicy/policy/modules/kernel/corecommands.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corecommands.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corecommands.if	2009-02-04 10:54:48.000000000 +0100
 @@ -875,6 +875,7 @@
  
  	read_lnk_files_pattern($1,bin_t,bin_t)
@@ -578741,7 +578741,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/coreco
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,60874 @@
 +#
 +# This is a generated file!  Instead of modifying this file, the
@@ -639619,7 +639619,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.if.in serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if.in
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.if.in	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if.in	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.if.in	2009-02-04 10:54:48.000000000 +0100
 @@ -1441,10 +1441,11 @@
  #
  interface(`corenet_tcp_bind_all_unreserved_ports',`
@@ -639650,7 +639650,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,1754 @@
 +#
 +# This is a generated file!  Instead of modifying this file, the
@@ -641408,7 +641408,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
 +allow corenet_unconfined_type node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te.in
 --- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te.in	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/corenetwork.te.in	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,5 @@
  
 -policy_module(corenetwork,1.2.15)
@@ -641522,7 +641522,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
  network_port(xen, tcp,8002,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.fc serefpolicy-3.3.1/policy/modules/kernel/devices.fc
 --- nsaserefpolicy/policy/modules/kernel/devices.fc	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/devices.fc	2009-01-30 11:29:10.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/devices.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,7 +1,7 @@
  
  /dev			-d	gen_context(system_u:object_r:device_t,s0)
@@ -641651,7 +641651,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.if serefpolicy-3.3.1/policy/modules/kernel/devices.if
 --- nsaserefpolicy/policy/modules/kernel/devices.if	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/devices.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/devices.if	2009-02-04 10:54:48.000000000 +0100
 @@ -65,7 +65,7 @@
  
  	relabelfrom_dirs_pattern($1,device_t,device_node)
@@ -642078,7 +642078,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.te serefpolicy-3.3.1/policy/modules/kernel/devices.te
 --- nsaserefpolicy/policy/modules/kernel/devices.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/devices.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/devices.te	2009-02-04 10:54:48.000000000 +0100
 @@ -32,6 +32,12 @@
  type apm_bios_t;
  dev_node(apm_bios_t)
@@ -642146,7 +642146,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device
  type power_device_t;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.if serefpolicy-3.3.1/policy/modules/kernel/domain.if
 --- nsaserefpolicy/policy/modules/kernel/domain.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/domain.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/domain.if	2009-02-04 10:54:48.000000000 +0100
 @@ -525,7 +525,7 @@
  	')
  
@@ -642196,7 +642196,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain
  ##	all protocols (TCP, UDP, etc)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-3.3.1/policy/modules/kernel/domain.te
 --- nsaserefpolicy/policy/modules/kernel/domain.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/domain.te	2009-01-30 14:32:50.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/domain.te	2009-02-04 10:54:48.000000000 +0100
 @@ -5,6 +5,13 @@
  #
  # Declarations
@@ -642271,7 +642271,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.fc serefpolicy-3.3.1/policy/modules/kernel/files.fc
 --- nsaserefpolicy/policy/modules/kernel/files.fc	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/files.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/files.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -32,6 +32,7 @@
  /boot/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
  /boot/lost\+found/.*		<<none>>
@@ -642282,7 +642282,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.
  # /emul
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.if serefpolicy-3.3.1/policy/modules/kernel/files.if
 --- nsaserefpolicy/policy/modules/kernel/files.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/files.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/files.if	2009-02-04 10:54:48.000000000 +0100
 @@ -110,6 +110,11 @@
  ## </param>
  #
@@ -642670,7 +642670,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.te serefpolicy-3.3.1/policy/modules/kernel/files.te
 --- nsaserefpolicy/policy/modules/kernel/files.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/files.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/files.te	2009-02-04 10:54:48.000000000 +0100
 @@ -50,11 +50,15 @@
  #
  # etc_t is the type of the system etc directories.
@@ -642710,7 +642710,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/files.
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.if serefpolicy-3.3.1/policy/modules/kernel/filesystem.if
 --- nsaserefpolicy/policy/modules/kernel/filesystem.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.if	2009-02-04 10:54:48.000000000 +0100
 @@ -310,6 +310,25 @@
  
  ########################################
@@ -643112,7 +643112,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesy
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesystem.te serefpolicy-3.3.1/policy/modules/kernel/filesystem.te
 --- nsaserefpolicy/policy/modules/kernel/filesystem.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/filesystem.te	2009-02-04 10:54:48.000000000 +0100
 @@ -21,10 +21,11 @@
  
  # Use xattrs for the following filesystem types.
@@ -643176,7 +643176,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesy
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-3.3.1/policy/modules/kernel/kernel.if
 --- nsaserefpolicy/policy/modules/kernel/kernel.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/kernel.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/kernel.if	2009-02-04 10:54:48.000000000 +0100
 @@ -330,6 +330,11 @@
  
  	allow $1 self:capability sys_module;
@@ -643847,7 +643847,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.te serefpolicy-3.3.1/policy/modules/kernel/kernel.te
 --- nsaserefpolicy/policy/modules/kernel/kernel.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/kernel.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/kernel.te	2009-02-04 10:54:48.000000000 +0100
 @@ -45,6 +45,15 @@
  sid kernel gen_context(system_u:system_r:kernel_t,mls_systemhigh)
  
@@ -643940,7 +643940,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/mls.if serefpolicy-3.3.1/policy/modules/kernel/mls.if
 --- nsaserefpolicy/policy/modules/kernel/mls.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/mls.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/mls.if	2009-02-04 10:54:48.000000000 +0100
 @@ -612,6 +612,26 @@
  ########################################
  ## <summary>
@@ -643997,7 +643997,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/mls.if
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/selinux.if serefpolicy-3.3.1/policy/modules/kernel/selinux.if
 --- nsaserefpolicy/policy/modules/kernel/selinux.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/selinux.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/selinux.if	2009-02-04 10:54:48.000000000 +0100
 @@ -164,6 +164,7 @@
  		type security_t;
  	')
@@ -644118,7 +644118,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/selinu
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/selinux.te serefpolicy-3.3.1/policy/modules/kernel/selinux.te
 --- nsaserefpolicy/policy/modules/kernel/selinux.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/selinux.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/selinux.te	2009-02-04 10:54:48.000000000 +0100
 @@ -10,6 +10,7 @@
  attribute can_setenforce;
  attribute can_setsecparam;
@@ -644142,7 +644142,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/selinu
  neverallow ~{ selinux_unconfined_type can_setenforce } security_t:security setenforce;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.fc serefpolicy-3.3.1/policy/modules/kernel/storage.fc
 --- nsaserefpolicy/policy/modules/kernel/storage.fc	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/storage.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/storage.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -13,6 +13,7 @@
  /dev/cm20.*		-b	gen_context(system_u:object_r:removable_device_t,s0)
  /dev/dasd[^/]*		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
@@ -644178,7 +644178,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storag
  /dev/ataraid/.*		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.if serefpolicy-3.3.1/policy/modules/kernel/storage.if
 --- nsaserefpolicy/policy/modules/kernel/storage.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/storage.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/storage.if	2009-02-04 10:54:48.000000000 +0100
 @@ -81,6 +81,26 @@
  
  ########################################
@@ -644208,7 +644208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storag
  ##	SELinux protections for filesystem objects, and
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-3.3.1/policy/modules/kernel/terminal.if
 --- nsaserefpolicy/policy/modules/kernel/terminal.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/kernel/terminal.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/kernel/terminal.if	2009-02-04 10:54:48.000000000 +0100
 @@ -525,11 +525,13 @@
  interface(`term_use_generic_ptys',`
  	gen_require(`
@@ -644237,7 +644237,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/termin
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/aide.if serefpolicy-3.3.1/policy/modules/services/aide.if
 --- nsaserefpolicy/policy/modules/services/aide.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/aide.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/aide.if	2009-02-04 10:54:48.000000000 +0100
 @@ -79,10 +79,12 @@
  
  	allow $1 aide_t:process { ptrace signal_perms };
@@ -644255,7 +644255,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/aide
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.fc serefpolicy-3.3.1/policy/modules/services/amavis.fc
 --- nsaserefpolicy/policy/modules/services/amavis.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/amavis.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/amavis.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,6 +3,7 @@
  /etc/amavisd(/.*)?		--	gen_context(system_u:object_r:amavis_etc_t,s0)
  
@@ -644272,7 +644272,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amav
 +/etc/rc\.d/init\.d/amavis	--	gen_context(system_u:object_r:amavis_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.if serefpolicy-3.3.1/policy/modules/services/amavis.if
 --- nsaserefpolicy/policy/modules/services/amavis.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/amavis.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/amavis.if	2009-02-04 10:54:48.000000000 +0100
 @@ -189,6 +189,25 @@
  
  ########################################
@@ -644346,7 +644346,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amav
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.te serefpolicy-3.3.1/policy/modules/services/amavis.te
 --- nsaserefpolicy/policy/modules/services/amavis.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/amavis.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/amavis.te	2009-02-04 10:54:48.000000000 +0100
 @@ -13,7 +13,7 @@
  
  # configuration files
@@ -644377,7 +644377,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amav
  read_files_pattern(amavis_t,amavis_etc_t,amavis_etc_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.fc serefpolicy-3.3.1/policy/modules/services/apache.fc
 --- nsaserefpolicy/policy/modules/services/apache.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apache.fc	2009-01-30 11:13:39.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apache.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,28 +1,28 @@
 -HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_ROLE_content_t,s0)
 -
@@ -644474,7 +644474,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
 +/etc/rc\.d/init\.d/httpd	--	gen_context(system_u:object_r:httpd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.if serefpolicy-3.3.1/policy/modules/services/apache.if
 --- nsaserefpolicy/policy/modules/services/apache.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apache.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apache.if	2009-02-04 10:54:48.000000000 +0100
 @@ -13,21 +13,16 @@
  #
  template(`apache_content_template',`
@@ -645127,7 +645127,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.3.1/policy/modules/services/apache.te
 --- nsaserefpolicy/policy/modules/services/apache.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apache.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apache.te	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,8 @@
  # Declarations
  #
@@ -645769,7 +645769,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
 +manage_lnk_files_pattern(httpd_t,httpdcontent,httpd_rw_content)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcupsd.fc serefpolicy-3.3.1/policy/modules/services/apcupsd.fc
 --- nsaserefpolicy/policy/modules/services/apcupsd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apcupsd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apcupsd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -13,3 +13,5 @@
  /var/www/apcupsd/upsfstats\.cgi	--	gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
  /var/www/apcupsd/upsimage\.cgi	--	gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0)
@@ -645778,7 +645778,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcu
 +/etc/rc\.d/init\.d/apcupsd	--	gen_context(system_u:object_r:apcupsd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcupsd.if serefpolicy-3.3.1/policy/modules/services/apcupsd.if
 --- nsaserefpolicy/policy/modules/services/apcupsd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apcupsd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apcupsd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -90,10 +90,102 @@
  ## </summary>
  ## </param>
@@ -645885,7 +645885,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcu
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcupsd.te serefpolicy-3.3.1/policy/modules/services/apcupsd.te
 --- nsaserefpolicy/policy/modules/services/apcupsd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apcupsd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apcupsd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,6 +22,9 @@
  type apcupsd_var_run_t;
  files_pid_file(apcupsd_var_run_t)
@@ -645910,7 +645910,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcu
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.te serefpolicy-3.3.1/policy/modules/services/apm.te
 --- nsaserefpolicy/policy/modules/services/apm.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/apm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/apm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -190,6 +190,10 @@
  	dbus_stub(apmd_t)
  
@@ -645924,7 +645924,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpwatch.fc serefpolicy-3.3.1/policy/modules/services/arpwatch.fc
 --- nsaserefpolicy/policy/modules/services/arpwatch.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/arpwatch.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/arpwatch.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -9,3 +9,5 @@
  #
  /var/arpwatch(/.*)?		gen_context(system_u:object_r:arpwatch_data_t,s0)
@@ -645933,7 +645933,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpw
 +/etc/rc\.d/init\.d/arpwatch	--	gen_context(system_u:object_r:arpwatch_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpwatch.if serefpolicy-3.3.1/policy/modules/services/arpwatch.if
 --- nsaserefpolicy/policy/modules/services/arpwatch.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/arpwatch.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/arpwatch.if	2009-02-04 10:54:48.000000000 +0100
 @@ -90,3 +90,73 @@
  
  	dontaudit $1 arpwatch_t:packet_socket { read write };
@@ -646010,7 +646010,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpw
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpwatch.te serefpolicy-3.3.1/policy/modules/services/arpwatch.te
 --- nsaserefpolicy/policy/modules/services/arpwatch.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/arpwatch.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/arpwatch.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,6 +19,9 @@
  type arpwatch_var_run_t;
  files_pid_file(arpwatch_var_run_t)
@@ -646023,7 +646023,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpw
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/asterisk.fc serefpolicy-3.3.1/policy/modules/services/asterisk.fc
 --- nsaserefpolicy/policy/modules/services/asterisk.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/asterisk.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/asterisk.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -6,3 +6,4 @@
  /var/log/asterisk(/.*)?		gen_context(system_u:object_r:asterisk_log_t,s0)
  /var/run/asterisk(/.*)?		gen_context(system_u:object_r:asterisk_var_run_t,s0)
@@ -646031,7 +646031,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/aste
 +/etc/rc\.d/init\.d/asterisk	--	gen_context(system_u:object_r:asterisk_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/asterisk.if serefpolicy-3.3.1/policy/modules/services/asterisk.if
 --- nsaserefpolicy/policy/modules/services/asterisk.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/asterisk.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/asterisk.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,83 @@
  ## <summary>Asterisk IP telephony server</summary>
 +
@@ -646118,7 +646118,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/aste
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/asterisk.te serefpolicy-3.3.1/policy/modules/services/asterisk.te
 --- nsaserefpolicy/policy/modules/services/asterisk.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/asterisk.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/asterisk.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,6 +31,9 @@
  type asterisk_var_run_t;
  files_pid_file(asterisk_var_run_t)
@@ -646131,7 +646131,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/aste
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.fc serefpolicy-3.3.1/policy/modules/services/automount.fc
 --- nsaserefpolicy/policy/modules/services/automount.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/automount.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/automount.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -12,4 +12,7 @@
  # /var
  #
@@ -646143,7 +646143,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/auto
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.if serefpolicy-3.3.1/policy/modules/services/automount.if
 --- nsaserefpolicy/policy/modules/services/automount.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/automount.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/automount.if	2009-02-04 10:54:48.000000000 +0100
 @@ -74,3 +74,109 @@
  
  	dontaudit $1 automount_tmp_t:dir getattr;
@@ -646256,7 +646256,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/auto
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/automount.te serefpolicy-3.3.1/policy/modules/services/automount.te
 --- nsaserefpolicy/policy/modules/services/automount.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/automount.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/automount.te	2009-02-04 11:09:17.000000000 +0100
 @@ -20,6 +20,9 @@
  files_tmp_file(automount_tmp_t)
  files_mountpoint(automount_tmp_t)
@@ -646326,18 +646326,19 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/auto
  libs_use_ld_so(automount_t)
  libs_use_shared_libs(automount_t)
  
-@@ -140,10 +156,6 @@
+@@ -139,10 +155,7 @@
+ 
  # Run mount in the mount_t domain.
  mount_domtrans(automount_t)
- 
+-
 -sysnet_dns_name_resolve(automount_t)
 -sysnet_use_ldap(automount_t)
 -sysnet_read_config(automount_t)
--
++mount_signal(automount_t)
+ 
  userdom_dontaudit_use_unpriv_user_fds(automount_t)
  userdom_dontaudit_search_sysadm_home_dirs(automount_t)
- 
-@@ -156,17 +168,18 @@
+@@ -156,17 +169,18 @@
  ')
  
  optional_policy(`
@@ -646361,7 +646362,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/auto
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avahi.fc serefpolicy-3.3.1/policy/modules/services/avahi.fc
 --- nsaserefpolicy/policy/modules/services/avahi.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/avahi.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/avahi.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,9 @@
 +/etc/rc\.d/init\.d/avahi.*	--	gen_context(system_u:object_r:avahi_initrc_exec_t,s0)
  
@@ -646374,7 +646375,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avah
  /var/run/avahi-daemon(/.*)? 		gen_context(system_u:object_r:avahi_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avahi.if serefpolicy-3.3.1/policy/modules/services/avahi.if
 --- nsaserefpolicy/policy/modules/services/avahi.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/avahi.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/avahi.if	2009-02-04 10:54:48.000000000 +0100
 @@ -2,6 +2,103 @@
  
  ########################################
@@ -646527,7 +646528,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avah
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avahi.te serefpolicy-3.3.1/policy/modules/services/avahi.te
 --- nsaserefpolicy/policy/modules/services/avahi.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/avahi.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/avahi.te	2009-02-04 10:54:48.000000000 +0100
 @@ -10,6 +10,12 @@
  type avahi_exec_t;
  init_daemon_domain(avahi_t,avahi_exec_t)
@@ -646579,7 +646580,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/avah
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.fc serefpolicy-3.3.1/policy/modules/services/bind.fc
 --- nsaserefpolicy/policy/modules/services/bind.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bind.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bind.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -49,3 +49,5 @@
  /var/named/chroot/var/log/named.*	--	gen_context(system_u:object_r:named_log_t,s0)
  /var/named/dynamic(/.*)?		gen_context(system_u:object_r:named_cache_t,s0)
@@ -646588,7 +646589,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind
 +/etc/rc\.d/init\.d/named	--	gen_context(system_u:object_r:named_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.if serefpolicy-3.3.1/policy/modules/services/bind.if
 --- nsaserefpolicy/policy/modules/services/bind.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bind.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bind.if	2009-02-04 10:54:48.000000000 +0100
 @@ -38,6 +38,42 @@
  
  ########################################
@@ -646729,7 +646730,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind.te serefpolicy-3.3.1/policy/modules/services/bind.te
 --- nsaserefpolicy/policy/modules/services/bind.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bind.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bind.te	2009-02-04 10:54:48.000000000 +0100
 @@ -53,6 +53,9 @@
  init_system_domain(ndc_t,ndc_exec_t)
  role system_r types ndc_t;
@@ -646768,7 +646769,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind
  domain_use_interactive_fds(ndc_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitlbee.fc serefpolicy-3.3.1/policy/modules/services/bitlbee.fc
 --- nsaserefpolicy/policy/modules/services/bitlbee.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bitlbee.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bitlbee.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,3 +1,6 @@
  /usr/sbin/bitlbee	--	gen_context(system_u:object_r:bitlbee_exec_t,s0)
  /etc/bitlbee(/.*)?		gen_context(system_u:object_r:bitlbee_conf_t,s0)
@@ -646778,7 +646779,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitl
 +/etc/rc\.d/init\.d/bitlbee	--	gen_context(system_u:object_r:bitlbee_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitlbee.if serefpolicy-3.3.1/policy/modules/services/bitlbee.if
 --- nsaserefpolicy/policy/modules/services/bitlbee.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bitlbee.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bitlbee.if	2009-02-04 10:54:48.000000000 +0100
 @@ -20,3 +20,70 @@
  	allow $1 bitlbee_conf_t:file { read getattr };
  ')
@@ -646852,7 +646853,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitl
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitlbee.te serefpolicy-3.3.1/policy/modules/services/bitlbee.te
 --- nsaserefpolicy/policy/modules/services/bitlbee.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bitlbee.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bitlbee.te	2009-02-04 10:54:48.000000000 +0100
 @@ -17,6 +17,12 @@
  type bitlbee_var_t;
  files_type(bitlbee_var_t)
@@ -646906,7 +646907,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bitl
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.fc serefpolicy-3.3.1/policy/modules/services/bluetooth.fc
 --- nsaserefpolicy/policy/modules/services/bluetooth.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bluetooth.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bluetooth.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -22,3 +22,8 @@
  #
  /var/lib/bluetooth(/.*)?	gen_context(system_u:object_r:bluetooth_var_lib_t,s0)
@@ -646918,7 +646919,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue
 +/etc/rc\.d/init\.d/pand	--	gen_context(system_u:object_r:bluetooth_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.if serefpolicy-3.3.1/policy/modules/services/bluetooth.if
 --- nsaserefpolicy/policy/modules/services/bluetooth.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bluetooth.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bluetooth.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,7 +35,7 @@
  template(`bluetooth_per_role_template',`
  	gen_require(`
@@ -647028,7 +647029,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bluetooth.te serefpolicy-3.3.1/policy/modules/services/bluetooth.te
 --- nsaserefpolicy/policy/modules/services/bluetooth.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/bluetooth.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/bluetooth.te	2009-02-04 10:54:48.000000000 +0100
 @@ -32,19 +32,22 @@
  type bluetooth_var_run_t;
  files_pid_file(bluetooth_var_run_t)
@@ -647099,7 +647100,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/canna.fc serefpolicy-3.3.1/policy/modules/services/canna.fc
 --- nsaserefpolicy/policy/modules/services/canna.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/canna.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/canna.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -20,3 +20,5 @@
  /var/run/\.iroha_unix	-d	gen_context(system_u:object_r:canna_var_run_t,s0)
  /var/run/\.iroha_unix/.* -s	gen_context(system_u:object_r:canna_var_run_t,s0)
@@ -647108,7 +647109,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cann
 +/etc/rc\.d/init\.d/canna	--	gen_context(system_u:object_r:canna_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/canna.if serefpolicy-3.3.1/policy/modules/services/canna.if
 --- nsaserefpolicy/policy/modules/services/canna.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/canna.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/canna.if	2009-02-04 10:54:48.000000000 +0100
 @@ -18,3 +18,74 @@
  	files_search_pids($1)
  	stream_connect_pattern($1,canna_var_run_t,canna_var_run_t,canna_t)
@@ -647186,7 +647187,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cann
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/canna.te serefpolicy-3.3.1/policy/modules/services/canna.te
 --- nsaserefpolicy/policy/modules/services/canna.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/canna.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/canna.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,6 +19,9 @@
  type canna_var_run_t;
  files_pid_file(canna_var_run_t)
@@ -647199,7 +647200,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cann
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.fc serefpolicy-3.3.1/policy/modules/services/clamav.fc
 --- nsaserefpolicy/policy/modules/services/clamav.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/clamav.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/clamav.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,16 +5,18 @@
  /usr/bin/freshclam		--	gen_context(system_u:object_r:freshclam_exec_t,s0)
  
@@ -647226,7 +647227,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
 +/etc/rc\.d/init\.d/clamd-wrapper	--	gen_context(system_u:object_r:clamd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.if serefpolicy-3.3.1/policy/modules/services/clamav.if
 --- nsaserefpolicy/policy/modules/services/clamav.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/clamav.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/clamav.if	2009-02-04 10:54:48.000000000 +0100
 @@ -38,6 +38,27 @@
  
  ########################################
@@ -647374,7 +647375,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.te serefpolicy-3.3.1/policy/modules/services/clamav.te
 --- nsaserefpolicy/policy/modules/services/clamav.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/clamav.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/clamav.te	2009-02-04 10:54:48.000000000 +0100
 @@ -13,7 +13,7 @@
  
  # configuration files
@@ -647464,7 +647465,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.fc serefpolicy-3.3.1/policy/modules/services/consolekit.fc
 --- nsaserefpolicy/policy/modules/services/consolekit.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/consolekit.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/consolekit.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,3 +1,6 @@
  /usr/sbin/console-kit-daemon	--	gen_context(system_u:object_r:consolekit_exec_t,s0)
  
@@ -647474,7 +647475,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 +/var/log/ConsoleKit(/.*)?	gen_context(system_u:object_r:consolekit_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.if serefpolicy-3.3.1/policy/modules/services/consolekit.if
 --- nsaserefpolicy/policy/modules/services/consolekit.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/consolekit.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/consolekit.if	2009-02-04 10:54:48.000000000 +0100
 @@ -38,3 +38,24 @@
  	allow $1 consolekit_t:dbus send_msg;
  	allow consolekit_t $1:dbus send_msg;
@@ -647502,7 +647503,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.3.1/policy/modules/services/consolekit.te
 --- nsaserefpolicy/policy/modules/services/consolekit.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/consolekit.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/consolekit.te	2009-02-04 10:54:48.000000000 +0100
 @@ -13,6 +13,9 @@
  type consolekit_var_run_t;
  files_pid_file(consolekit_var_run_t)
@@ -647620,7 +647621,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.fc serefpolicy-3.3.1/policy/modules/services/courier.fc
 --- nsaserefpolicy/policy/modules/services/courier.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/courier.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/courier.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,5 @@
  /etc/courier(/.*)?				gen_context(system_u:object_r:courier_etc_t,s0)
 +/etc/authlib(/.*)?				gen_context(system_u:object_r:courier_etc_t,s0)
@@ -647656,7 +647657,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cour
 +/var/spool/authdaemon(/.*)?		gen_context(system_u:object_r:courier_spool_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.if serefpolicy-3.3.1/policy/modules/services/courier.if
 --- nsaserefpolicy/policy/modules/services/courier.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/courier.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/courier.if	2009-02-04 10:54:48.000000000 +0100
 @@ -123,3 +123,77 @@
  
  	domtrans_pattern($1, courier_pop_exec_t, courier_pop_t)
@@ -647737,7 +647738,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cour
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.3.1/policy/modules/services/courier.te
 --- nsaserefpolicy/policy/modules/services/courier.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/courier.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/courier.te	2009-02-04 10:54:48.000000000 +0100
 @@ -9,7 +9,10 @@
  courier_domain_template(authdaemon)
  
@@ -647770,7 +647771,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cour
  # Calendar (PCP) local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.fc serefpolicy-3.3.1/policy/modules/services/cron.fc
 --- nsaserefpolicy/policy/modules/services/cron.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cron.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cron.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -17,6 +17,8 @@
  /var/run/fcron\.fifo		-s	gen_context(system_u:object_r:crond_var_run_t,s0)
  /var/run/fcron\.pid		--	gen_context(system_u:object_r:crond_var_run_t,s0)
@@ -647787,7 +647788,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron
 +/var/lib/misc(/.*)?			gen_context(system_u:object_r:system_crond_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.if serefpolicy-3.3.1/policy/modules/services/cron.if
 --- nsaserefpolicy/policy/modules/services/cron.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cron.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cron.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,38 +35,24 @@
  #
  template(`cron_per_role_template',`
@@ -648142,7 +648143,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.3.1/policy/modules/services/cron.te
 --- nsaserefpolicy/policy/modules/services/cron.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cron.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cron.te	2009-02-04 10:54:48.000000000 +0100
 @@ -12,14 +12,6 @@
  
  ## <desc>
@@ -648420,7 +648421,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron
 -') dnl end TODO
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-3.3.1/policy/modules/services/cups.fc
 --- nsaserefpolicy/policy/modules/services/cups.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cups.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cups.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,24 +8,35 @@
  /etc/cups/ppd/.*	--	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
  /etc/cups/ppds\.dat	--	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
@@ -648492,7 +648493,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 +/usr/lib/cups/backend/cups-pdf	--	gen_context(system_u:object_r:cups_pdf_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.if serefpolicy-3.3.1/policy/modules/services/cups.if
 --- nsaserefpolicy/policy/modules/services/cups.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cups.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cups.if	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,30 @@
  
  ########################################
@@ -648652,7 +648653,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.3.1/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cups.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cups.te	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,9 @@
  type cupsd_etc_t;
  files_config_file(cupsd_etc_t)
@@ -649049,7 +649050,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.fc serefpolicy-3.3.1/policy/modules/services/cvs.fc
 --- nsaserefpolicy/policy/modules/services/cvs.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cvs.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cvs.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,3 +5,6 @@
  
  /var/cvs(/.*)?		gen_context(system_u:object_r:cvs_data_t,s0)
@@ -649059,7 +649060,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.
 +/var/www/cgi-bin/cvsweb\.cgi	--	gen_context(system_u:object_r:httpd_cvs_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.if serefpolicy-3.3.1/policy/modules/services/cvs.if
 --- nsaserefpolicy/policy/modules/services/cvs.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cvs.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cvs.if	2009-02-04 10:54:48.000000000 +0100
 @@ -36,3 +36,72 @@
  
  	can_exec($1,cvs_exec_t)
@@ -649135,7 +649136,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.te serefpolicy-3.3.1/policy/modules/services/cvs.te
 --- nsaserefpolicy/policy/modules/services/cvs.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cvs.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cvs.te	2009-02-04 10:54:48.000000000 +0100
 @@ -28,6 +28,9 @@
  type cvs_var_run_t;
  files_pid_file(cvs_var_run_t)
@@ -649191,7 +649192,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs.
 +files_tmp_filetrans(httpd_cvs_script_t, cvs_tmp_t, { file dir })
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyphesis.fc serefpolicy-3.3.1/policy/modules/services/cyphesis.fc
 --- nsaserefpolicy/policy/modules/services/cyphesis.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyphesis.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyphesis.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,6 @@
 +
 +/usr/bin/cyphesis		--	gen_context(system_u:object_r:cyphesis_exec_t,s0)
@@ -649201,7 +649202,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyph
 +/var/run/cyphesis(/.*)?		gen_context(system_u:object_r:cyphesis_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyphesis.if serefpolicy-3.3.1/policy/modules/services/cyphesis.if
 --- nsaserefpolicy/policy/modules/services/cyphesis.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyphesis.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyphesis.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,19 @@
 +## <summary>policy for cyphesis</summary>
 +
@@ -649224,7 +649225,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyph
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyphesis.te serefpolicy-3.3.1/policy/modules/services/cyphesis.te
 --- nsaserefpolicy/policy/modules/services/cyphesis.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyphesis.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyphesis.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,92 @@
 +policy_module(cyphesis,1.0.0)
 +
@@ -649320,7 +649321,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyph
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.fc serefpolicy-3.3.1/policy/modules/services/cyrus.fc
 --- nsaserefpolicy/policy/modules/services/cyrus.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyrus.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyrus.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -2,3 +2,5 @@
  /usr/lib(64)?/cyrus-imapd/cyrus-master	--	gen_context(system_u:object_r:cyrus_exec_t,s0)
  
@@ -649329,7 +649330,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyru
 +/etc/rc\.d/init\.d/cyrus	--	gen_context(system_u:object_r:cyrus_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.if serefpolicy-3.3.1/policy/modules/services/cyrus.if
 --- nsaserefpolicy/policy/modules/services/cyrus.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyrus.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyrus.if	2009-02-04 10:54:48.000000000 +0100
 @@ -39,3 +39,74 @@
  	files_search_var_lib($1)
  	stream_connect_pattern($1,cyrus_var_lib_t,cyrus_var_lib_t,cyrus_t)
@@ -649407,7 +649408,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyru
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.te serefpolicy-3.3.1/policy/modules/services/cyrus.te
 --- nsaserefpolicy/policy/modules/services/cyrus.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/cyrus.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/cyrus.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,6 +19,9 @@
  type cyrus_var_run_t;
  files_pid_file(cyrus_var_run_t)
@@ -649420,7 +649421,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyru
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.fc serefpolicy-3.3.1/policy/modules/services/dbus.fc
 --- nsaserefpolicy/policy/modules/services/dbus.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dbus.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dbus.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,6 +4,9 @@
  /usr/bin/dbus-daemon(-1)? --	gen_context(system_u:object_r:system_dbusd_exec_t,s0)
  /bin/dbus-daemon 	--	gen_context(system_u:object_r:system_dbusd_exec_t,s0)
@@ -649433,7 +649434,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
  /var/run/dbus(/.*)?		gen_context(system_u:object_r:system_dbusd_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.3.1/policy/modules/services/dbus.if
 --- nsaserefpolicy/policy/modules/services/dbus.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dbus.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dbus.if	2009-02-04 10:54:48.000000000 +0100
 @@ -53,6 +53,7 @@
  	gen_require(`
  		type system_dbusd_exec_t, system_dbusd_t, dbusd_etc_t;
@@ -649722,7 +649723,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.3.1/policy/modules/services/dbus.te
 --- nsaserefpolicy/policy/modules/services/dbus.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dbus.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dbus.te	2009-02-04 10:54:48.000000000 +0100
 @@ -9,9 +9,10 @@
  #
  # Delcarations
@@ -649845,7 +649846,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.if serefpolicy-3.3.1/policy/modules/services/dcc.if
 --- nsaserefpolicy/policy/modules/services/dcc.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dcc.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dcc.if	2009-02-04 10:54:48.000000000 +0100
 @@ -72,6 +72,24 @@
  
  ########################################
@@ -649873,7 +649874,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.te serefpolicy-3.3.1/policy/modules/services/dcc.te
 --- nsaserefpolicy/policy/modules/services/dcc.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dcc.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dcc.te	2009-02-04 10:54:48.000000000 +0100
 @@ -105,6 +105,8 @@
  files_read_etc_files(cdcc_t)
  files_read_etc_runtime_files(cdcc_t)
@@ -650035,7 +650036,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddclient.fc serefpolicy-3.3.1/policy/modules/services/ddclient.fc
 --- nsaserefpolicy/policy/modules/services/ddclient.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ddclient.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ddclient.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -9,3 +9,5 @@
  /var/log/ddtcd\.log.*	--	gen_context(system_u:object_r:ddclient_log_t,s0)
  /var/run/ddclient\.pid	--	gen_context(system_u:object_r:ddclient_var_run_t,s0)
@@ -650044,7 +650045,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddcl
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddclient.if serefpolicy-3.3.1/policy/modules/services/ddclient.if
 --- nsaserefpolicy/policy/modules/services/ddclient.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ddclient.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ddclient.if	2009-02-04 10:54:48.000000000 +0100
 @@ -18,3 +18,81 @@
  	corecmd_search_bin($1)
  	domtrans_pattern($1, ddclient_exec_t, ddclient_t)
@@ -650129,7 +650130,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddcl
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddclient.te serefpolicy-3.3.1/policy/modules/services/ddclient.te
 --- nsaserefpolicy/policy/modules/services/ddclient.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ddclient.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ddclient.te	2009-02-04 10:54:48.000000000 +0100
 @@ -11,7 +11,7 @@
  init_daemon_domain(ddclient_t,ddclient_exec_t)
  
@@ -650151,7 +650152,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ddcl
  # Declarations
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp.fc serefpolicy-3.3.1/policy/modules/services/dhcp.fc
 --- nsaserefpolicy/policy/modules/services/dhcp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dhcp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dhcp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,3 +5,6 @@
  /var/lib/dhcp(3)?/dhcpd\.leases.* --	gen_context(system_u:object_r:dhcpd_state_t,s0)
  
@@ -650161,7 +650162,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp.if serefpolicy-3.3.1/policy/modules/services/dhcp.if
 --- nsaserefpolicy/policy/modules/services/dhcp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dhcp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dhcp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -19,3 +19,71 @@
  	sysnet_search_dhcp_state($1)
  	allow $1 dhcpd_state_t:file setattr;
@@ -650236,7 +650237,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp.te serefpolicy-3.3.1/policy/modules/services/dhcp.te
 --- nsaserefpolicy/policy/modules/services/dhcp.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dhcp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dhcp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,18 +19,20 @@
  type dhcpd_var_run_t;
  files_pid_file(dhcpd_var_run_t)
@@ -650302,7 +650303,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dhcp
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dictd.fc serefpolicy-3.3.1/policy/modules/services/dictd.fc
 --- nsaserefpolicy/policy/modules/services/dictd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dictd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dictd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,3 +4,6 @@
  /usr/sbin/dictd		--	gen_context(system_u:object_r:dictd_exec_t,s0)
  
@@ -650312,7 +650313,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dict
 +/etc/rc\.d/init\.d/dictd	--	gen_context(system_u:object_r:dictd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dictd.if serefpolicy-3.3.1/policy/modules/services/dictd.if
 --- nsaserefpolicy/policy/modules/services/dictd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dictd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dictd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -14,3 +14,73 @@
  interface(`dictd_tcp_connect',`
  	refpolicywarn(`$0($*) has been deprecated.')
@@ -650389,7 +650390,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dict
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dictd.te serefpolicy-3.3.1/policy/modules/services/dictd.te
 --- nsaserefpolicy/policy/modules/services/dictd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dictd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dictd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,12 @@
  type dictd_var_lib_t alias var_lib_dictd_t;
  files_type(dictd_var_lib_t)
@@ -650415,7 +650416,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dict
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.fc serefpolicy-3.3.1/policy/modules/services/dnsmasq.fc
 --- nsaserefpolicy/policy/modules/services/dnsmasq.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,7 @@
  /usr/sbin/dnsmasq		--	gen_context(system_u:object_r:dnsmasq_exec_t,s0)
  
@@ -650426,7 +650427,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsm
 +/etc/rc\.d/init\.d/dnsmasq	--	gen_context(system_u:object_r:dnsmasq_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.if serefpolicy-3.3.1/policy/modules/services/dnsmasq.if
 --- nsaserefpolicy/policy/modules/services/dnsmasq.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,144 @@
  ## <summary>dnsmasq DNS forwarder and DHCP server</summary>
 +
@@ -650574,7 +650575,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsm
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsmasq.te serefpolicy-3.3.1/policy/modules/services/dnsmasq.te
 --- nsaserefpolicy/policy/modules/services/dnsmasq.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dnsmasq.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,9 @@
  type dnsmasq_var_run_t;
  files_pid_file(dnsmasq_var_run_t)
@@ -650622,7 +650623,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dnsm
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.fc serefpolicy-3.3.1/policy/modules/services/dovecot.fc
 --- nsaserefpolicy/policy/modules/services/dovecot.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dovecot.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dovecot.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -17,23 +17,24 @@
  
  ifdef(`distro_debian', `
@@ -650655,7 +650656,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dove
 +/etc/rc\.d/init\.d/dovecot	--	gen_context(system_u:object_r:dovecot_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.if serefpolicy-3.3.1/policy/modules/services/dovecot.if
 --- nsaserefpolicy/policy/modules/services/dovecot.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dovecot.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dovecot.if	2009-02-04 10:54:48.000000000 +0100
 @@ -21,7 +21,46 @@
  
  ########################################
@@ -650796,7 +650797,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dove
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-3.3.1/policy/modules/services/dovecot.te
 --- nsaserefpolicy/policy/modules/services/dovecot.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/dovecot.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/dovecot.te	2009-02-04 10:54:48.000000000 +0100
 @@ -15,6 +15,15 @@
  domain_entry_file(dovecot_auth_t,dovecot_auth_exec_t)
  role system_r types dovecot_auth_t;
@@ -650953,7 +650954,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dove
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/exim.if serefpolicy-3.3.1/policy/modules/services/exim.if
 --- nsaserefpolicy/policy/modules/services/exim.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/exim.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/exim.if	2009-02-04 10:54:48.000000000 +0100
 @@ -97,6 +97,26 @@
  
  ########################################
@@ -651007,7 +651008,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/exim
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/exim.te serefpolicy-3.3.1/policy/modules/services/exim.te
 --- nsaserefpolicy/policy/modules/services/exim.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/exim.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/exim.te	2009-02-04 10:54:48.000000000 +0100
 @@ -21,9 +21,20 @@
  ## </desc>
  gen_tunable(exim_manage_user_files,false)
@@ -651196,7 +651197,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/exim
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.fc serefpolicy-3.3.1/policy/modules/services/fail2ban.fc
 --- nsaserefpolicy/policy/modules/services/fail2ban.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fail2ban.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fail2ban.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,3 +1,8 @@
  /usr/bin/fail2ban	--	gen_context(system_u:object_r:fail2ban_exec_t,s0)
 +/usr/bin/fail2ban-server --	gen_context(system_u:object_r:fail2ban_exec_t,s0)
@@ -651209,7 +651210,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.if serefpolicy-3.3.1/policy/modules/services/fail2ban.if
 --- nsaserefpolicy/policy/modules/services/fail2ban.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fail2ban.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fail2ban.if	2009-02-04 10:54:48.000000000 +0100
 @@ -78,3 +78,68 @@
  	files_search_pids($1)
  	allow $1 fail2ban_var_run_t:file read_file_perms;
@@ -651281,7 +651282,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.te serefpolicy-3.3.1/policy/modules/services/fail2ban.te
 --- nsaserefpolicy/policy/modules/services/fail2ban.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fail2ban.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fail2ban.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,6 +18,9 @@
  type fail2ban_var_run_t;
  files_pid_file(fail2ban_var_run_t)
@@ -651355,7 +651356,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetchmail.fc serefpolicy-3.3.1/policy/modules/services/fetchmail.fc
 --- nsaserefpolicy/policy/modules/services/fetchmail.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fetchmail.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fetchmail.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -17,3 +17,4 @@
  
  /var/run/fetchmail/.*		--	gen_context(system_u:object_r:fetchmail_var_run_t,s0)
@@ -651363,7 +651364,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetc
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetchmail.if serefpolicy-3.3.1/policy/modules/services/fetchmail.if
 --- nsaserefpolicy/policy/modules/services/fetchmail.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fetchmail.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fetchmail.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,44 @@
  ## <summary>Remote-mail retrieval and forwarding utility</summary>
 +
@@ -651411,7 +651412,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetc
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetchmail.te serefpolicy-3.3.1/policy/modules/services/fetchmail.te
 --- nsaserefpolicy/policy/modules/services/fetchmail.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/fetchmail.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/fetchmail.te	2009-02-04 10:54:48.000000000 +0100
 @@ -14,7 +14,7 @@
  files_pid_file(fetchmail_var_run_t)
  
@@ -651434,7 +651435,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetc
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.fc serefpolicy-3.3.1/policy/modules/services/ftp.fc
 --- nsaserefpolicy/policy/modules/services/ftp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ftp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ftp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -27,3 +27,6 @@
  /var/log/vsftpd.*	--	gen_context(system_u:object_r:xferlog_t,s0)
  /var/log/xferlog.*	--	gen_context(system_u:object_r:xferlog_t,s0)
@@ -651444,7 +651445,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
 +/etc/rc\.d/init\.d/proftpd	--	gen_context(system_u:object_r:ftp_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.if serefpolicy-3.3.1/policy/modules/services/ftp.if
 --- nsaserefpolicy/policy/modules/services/ftp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ftp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ftp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -28,11 +28,13 @@
  		type ftpd_t;
  	')
@@ -651563,7 +651564,25 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-3.3.1/policy/modules/services/ftp.te
 --- nsaserefpolicy/policy/modules/services/ftp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ftp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ftp.te	2009-02-04 10:56:21.000000000 +0100
+@@ -26,7 +26,7 @@
+ ## <desc>
+ ## <p>
+ ## Allow ftp servers to use cifs
+-## used for public file transfer services.
++## for public file transfer services.
+ ## </p>
+ ## </desc>
+ gen_tunable(allow_ftpd_use_cifs,false)
+@@ -34,7 +34,7 @@
+ ## <desc>
+ ## <p>
+ ## Allow ftp servers to use nfs
+-## used for public file transfer services.
++## for public file transfer services.
+ ## </p>
+ ## </desc>
+ gen_tunable(allow_ftpd_use_nfs,false)
 @@ -75,6 +75,9 @@
  type xferlog_t;
  logging_log_file(xferlog_t)
@@ -651644,13 +651663,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gamin.fc serefpolicy-3.3.1/policy/modules/services/gamin.fc
 --- nsaserefpolicy/policy/modules/services/gamin.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gamin.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gamin.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2 @@
 +
 +/usr/libexec/gam_server	--	gen_context(system_u:object_r:gamin_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gamin.if serefpolicy-3.3.1/policy/modules/services/gamin.if
 --- nsaserefpolicy/policy/modules/services/gamin.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gamin.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gamin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,57 @@
 +
 +## <summary>policy for gamin</summary>
@@ -651711,7 +651730,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gami
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gamin.te serefpolicy-3.3.1/policy/modules/services/gamin.te
 --- nsaserefpolicy/policy/modules/services/gamin.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gamin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gamin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,42 @@
 +policy_module(gamin,1.0.0)
 +
@@ -651757,14 +651776,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gami
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.fc serefpolicy-3.3.1/policy/modules/services/gnomeclock.fc
 --- nsaserefpolicy/policy/modules/services/gnomeclock.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3 @@
 +
 +/usr/libexec/gnome-clock-applet-mechanism	--	gen_context(system_u:object_r:gnomeclock_exec_t,s0)
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.if serefpolicy-3.3.1/policy/modules/services/gnomeclock.if
 --- nsaserefpolicy/policy/modules/services/gnomeclock.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,75 @@
 +
 +## <summary>policy for gnomeclock</summary>
@@ -651843,7 +651862,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnom
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnomeclock.te serefpolicy-3.3.1/policy/modules/services/gnomeclock.te
 --- nsaserefpolicy/policy/modules/services/gnomeclock.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gnomeclock.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,55 @@
 +policy_module(gnomeclock,1.0.0)
 +########################################
@@ -651902,7 +651921,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gnom
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gpm.te serefpolicy-3.3.1/policy/modules/services/gpm.te
 --- nsaserefpolicy/policy/modules/services/gpm.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/gpm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/gpm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -41,8 +41,8 @@
  allow gpm_t gpm_var_run_t:file manage_file_perms;
  files_pid_filetrans(gpm_t,gpm_var_run_t,file)
@@ -651916,7 +651935,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/gpm.
  kernel_read_kernel_sysctls(gpm_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.fc serefpolicy-3.3.1/policy/modules/services/hal.fc
 --- nsaserefpolicy/policy/modules/services/hal.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/hal.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/hal.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,6 +8,8 @@
  /usr/libexec/hal-hotplug-map 		--	gen_context(system_u:object_r:hald_exec_t,s0)
  /usr/libexec/hal-system-sonypic	 	--	gen_context(system_u:object_r:hald_sonypic_exec_t,s0)
@@ -651944,7 +651963,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.if serefpolicy-3.3.1/policy/modules/services/hal.if
 --- nsaserefpolicy/policy/modules/services/hal.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/hal.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/hal.if	2009-02-04 10:54:48.000000000 +0100
 @@ -302,3 +302,42 @@
  	files_search_pids($1)
  	allow $1 hald_var_run_t:file rw_file_perms;
@@ -651990,7 +652009,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.3.1/policy/modules/services/hal.te
 --- nsaserefpolicy/policy/modules/services/hal.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/hal.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/hal.te	2009-02-04 10:54:48.000000000 +0100
 @@ -49,6 +49,9 @@
  type hald_var_lib_t;
  files_type(hald_var_lib_t)
@@ -652231,7 +652250,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inetd.fc serefpolicy-3.3.1/policy/modules/services/inetd.fc
 --- nsaserefpolicy/policy/modules/services/inetd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inetd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inetd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,6 +1,8 @@
  
  /usr/sbin/identd	--	gen_context(system_u:object_r:inetd_child_exec_t,s0)
@@ -652243,7 +652262,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inet
  /usr/sbin/xinetd	--	gen_context(system_u:object_r:inetd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inetd.if serefpolicy-3.3.1/policy/modules/services/inetd.if
 --- nsaserefpolicy/policy/modules/services/inetd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inetd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inetd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -115,6 +115,10 @@
  
  	allow $1 inetd_t:tcp_socket rw_stream_socket_perms;
@@ -652257,7 +652276,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inet
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inetd.te serefpolicy-3.3.1/policy/modules/services/inetd.te
 --- nsaserefpolicy/policy/modules/services/inetd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inetd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inetd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -30,6 +30,10 @@
  type inetd_child_var_run_t;
  files_pid_file(inetd_child_var_run_t)
@@ -652313,7 +652332,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inet
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.fc serefpolicy-3.3.1/policy/modules/services/inn.fc
 --- nsaserefpolicy/policy/modules/services/inn.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inn.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inn.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -64,3 +64,5 @@
  /var/run/news(/.*)?	 		gen_context(system_u:object_r:innd_var_run_t,s0)
  
@@ -652322,7 +652341,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.
 +/etc/rc\.d/init\.d/innd		--	gen_context(system_u:object_r:innd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.if serefpolicy-3.3.1/policy/modules/services/inn.if
 --- nsaserefpolicy/policy/modules/services/inn.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inn.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inn.if	2009-02-04 10:54:48.000000000 +0100
 @@ -54,8 +54,7 @@
  	')
  
@@ -652416,7 +652435,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.te serefpolicy-3.3.1/policy/modules/services/inn.te
 --- nsaserefpolicy/policy/modules/services/inn.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/inn.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/inn.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,7 +22,10 @@
  files_pid_file(innd_var_run_t)
  
@@ -652431,7 +652450,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabber.fc serefpolicy-3.3.1/policy/modules/services/jabber.fc
 --- nsaserefpolicy/policy/modules/services/jabber.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/jabber.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/jabber.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -2,3 +2,4 @@
  
  /var/lib/jabber(/.*)?		gen_context(system_u:object_r:jabberd_var_lib_t,s0)
@@ -652439,7 +652458,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabb
 +/etc/rc\.d/init\.d/jabber	--	gen_context(system_u:object_r:jabber_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabber.if serefpolicy-3.3.1/policy/modules/services/jabber.if
 --- nsaserefpolicy/policy/modules/services/jabber.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/jabber.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/jabber.if	2009-02-04 10:54:48.000000000 +0100
 @@ -13,3 +13,73 @@
  interface(`jabber_tcp_connect',`
  	refpolicywarn(`$0($*) has been deprecated.')
@@ -652516,7 +652535,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabber.te serefpolicy-3.3.1/policy/modules/services/jabber.te
 --- nsaserefpolicy/policy/modules/services/jabber.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/jabber.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/jabber.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,6 +19,9 @@
  type jabberd_var_run_t;
  files_pid_file(jabberd_var_run_t)
@@ -652529,7 +652548,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/jabb
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.fc serefpolicy-3.3.1/policy/modules/services/kerberos.fc
 --- nsaserefpolicy/policy/modules/services/kerberos.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerberos.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerberos.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -7,12 +7,22 @@
  
  /usr/(local/)?(kerberos/)?sbin/krb5kdc -- gen_context(system_u:object_r:krb5kdc_exec_t,s0)
@@ -652555,7 +652574,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerb
 +/etc/rc\.d/init\.d/krb5kdc	--	gen_context(system_u:object_r:kerberos_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.if serefpolicy-3.3.1/policy/modules/services/kerberos.if
 --- nsaserefpolicy/policy/modules/services/kerberos.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerberos.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerberos.if	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,25 @@
  
  ########################################
@@ -652840,7 +652859,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerberos.te serefpolicy-3.3.1/policy/modules/services/kerberos.te
 --- nsaserefpolicy/policy/modules/services/kerberos.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerberos.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerberos.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,7 @@
  type kadmind_t;
  type kadmind_exec_t;
@@ -653032,7 +653051,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerb
 +kerberos_use(kpropd_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerneloops.fc serefpolicy-3.3.1/policy/modules/services/kerneloops.fc
 --- nsaserefpolicy/policy/modules/services/kerneloops.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerneloops.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerneloops.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,4 @@
 +
 +/usr/sbin/kerneloops	--	gen_context(system_u:object_r:kerneloops_exec_t,s0)
@@ -653040,7 +653059,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kern
 +/etc/rc\.d/init\.d/kerneloops	--	gen_context(system_u:object_r:kerneloops_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerneloops.if serefpolicy-3.3.1/policy/modules/services/kerneloops.if
 --- nsaserefpolicy/policy/modules/services/kerneloops.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerneloops.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerneloops.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,140 @@
 +
 +## <summary>policy for kerneloops</summary>
@@ -653184,7 +653203,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kern
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kerneloops.te serefpolicy-3.3.1/policy/modules/services/kerneloops.te
 --- nsaserefpolicy/policy/modules/services/kerneloops.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/kerneloops.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/kerneloops.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,63 @@
 +policy_module(kerneloops,1.0.0)
 +
@@ -653251,7 +653270,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/kern
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.fc serefpolicy-3.3.1/policy/modules/services/ldap.fc
 --- nsaserefpolicy/policy/modules/services/ldap.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ldap.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ldap.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -14,3 +14,5 @@
  /var/run/openldap(/.*)?		gen_context(system_u:object_r:slapd_var_run_t,s0)
  /var/run/slapd\.args	--	gen_context(system_u:object_r:slapd_var_run_t,s0)
@@ -653260,7 +653279,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap
 +/etc/rc\.d/init\.d/ldap	--	gen_context(system_u:object_r:ldap_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.if serefpolicy-3.3.1/policy/modules/services/ldap.if
 --- nsaserefpolicy/policy/modules/services/ldap.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ldap.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ldap.if	2009-02-04 10:54:48.000000000 +0100
 @@ -73,3 +73,80 @@
  	allow $1 slapd_var_run_t:sock_file write;
  	allow $1 slapd_t:unix_stream_socket connectto;
@@ -653344,7 +653363,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.te serefpolicy-3.3.1/policy/modules/services/ldap.te
 --- nsaserefpolicy/policy/modules/services/ldap.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ldap.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ldap.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,6 +31,9 @@
  type slapd_var_run_t;
  files_pid_file(slapd_var_run_t)
@@ -653357,7 +653376,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.fc serefpolicy-3.3.1/policy/modules/services/lpd.fc
 --- nsaserefpolicy/policy/modules/services/lpd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/lpd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/lpd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,6 +3,8 @@
  #
  /dev/printer		-s	gen_context(system_u:object_r:printer_t,s0)
@@ -653385,7 +653404,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.if serefpolicy-3.3.1/policy/modules/services/lpd.if
 --- nsaserefpolicy/policy/modules/services/lpd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/lpd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/lpd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -336,10 +336,8 @@
  	')
  
@@ -653400,7 +653419,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/lpd.
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.fc serefpolicy-3.3.1/policy/modules/services/mailman.fc
 --- nsaserefpolicy/policy/modules/services/mailman.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailman.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailman.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -31,3 +31,4 @@
  /var/lock/mailman(/.*)?			gen_context(system_u:object_r:mailman_lock_t,s0)
  /var/spool/mailman(/.*)?		gen_context(system_u:object_r:mailman_data_t,s0)
@@ -653408,7 +653427,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail
 +/usr/lib/mailman/mail/mailman --	gen_context(system_u:object_r:mailman_mail_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.if serefpolicy-3.3.1/policy/modules/services/mailman.if
 --- nsaserefpolicy/policy/modules/services/mailman.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailman.if	2009-01-30 11:22:35.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailman.if	2009-02-04 10:54:48.000000000 +0100
 @@ -31,6 +31,12 @@
  	allow mailman_$1_t self:tcp_socket create_stream_socket_perms;
  	allow mailman_$1_t self:udp_socket create_socket_perms;
@@ -653466,7 +653485,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.te serefpolicy-3.3.1/policy/modules/services/mailman.te
 --- nsaserefpolicy/policy/modules/services/mailman.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailman.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailman.te	2009-02-04 10:54:48.000000000 +0100
 @@ -53,10 +53,9 @@
  	apache_use_fds(mailman_cgi_t)
  	apache_dontaudit_append_log(mailman_cgi_t)
@@ -653514,13 +653533,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailscanner.fc serefpolicy-3.3.1/policy/modules/services/mailscanner.fc
 --- nsaserefpolicy/policy/modules/services/mailscanner.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailscanner.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailscanner.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2 @@
 +/var/spool/MailScanner(/.*)?	gen_context(system_u:object_r:mailscanner_spool_t,s0)
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailscanner.if serefpolicy-3.3.1/policy/modules/services/mailscanner.if
 --- nsaserefpolicy/policy/modules/services/mailscanner.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailscanner.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailscanner.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,59 @@
 +## <summary>Anti-Virus and Anti-Spam Filter</summary>
 +
@@ -653583,16 +653602,212 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailscanner.te serefpolicy-3.3.1/policy/modules/services/mailscanner.te
 --- nsaserefpolicy/policy/modules/services/mailscanner.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mailscanner.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mailscanner.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,5 @@
 +
 +policy_module(mailscanner,1.0.0)
 +
 +type mailscanner_spool_t;
 +files_type(mailscanner_spool_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.fc serefpolicy-3.3.1/policy/modules/services/milter.fc
+--- nsaserefpolicy/policy/modules/services/milter.fc	1970-01-01 01:00:00.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/milter.fc	2009-02-04 14:30:04.000000000 +0100
+@@ -0,0 +1,8 @@
++
++/usr/sbin/milter-regex				--	gen_context(system_u:object_r:regex_milter_exec_t,s0)
++/usr/sbin/spamass-milter			--	gen_context(system_u:object_r:spamass_milter_exec_t,s0)
++
++/var/run/spamass-milter(/.*)?				gen_context(system_u:object_r:spamass_milter_data_t,s0)
++/var/run/spamass-milter\.pid			--	gen_context(system_u:object_r:spamass_milter_data_t,s0)
++
++/var/spool/milter-regex(/.*)?				gen_context(system_u:object_r:regex_milter_data_t,s0)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.if serefpolicy-3.3.1/policy/modules/services/milter.if
+--- nsaserefpolicy/policy/modules/services/milter.if	1970-01-01 01:00:00.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/milter.if	2009-02-04 14:30:04.000000000 +0100
+@@ -0,0 +1,121 @@
++## <summary>Milter mail filters</summary>
++
++########################################
++## <summary>
++##	Create a set of derived types for various
++##	mail filter applications using the milter interface.
++## </summary>
++## <param name="milter_name">
++##	<summary>
++##	The name to be used for deriving type names.
++##	</summary>
++## </param>
++#
++template(`milter_template',`
++	# attributes common to all milters
++	gen_require(`
++		attribute milter_data_type, milter_domains;
++	')
++
++	type $1_milter_t, milter_domains;
++	type $1_milter_exec_t;
++	init_daemon_domain($1_milter_t, $1_milter_exec_t)
++	role system_r types $1_milter_t;
++
++	# Type for the milter data (e.g. the socket used to communicate with the MTA)
++	type $1_milter_data_t, milter_data_type;
++	files_type($1_milter_data_t);
++
++	allow $1_milter_t self:fifo_file rw_fifo_file_perms;
++
++	# Allow communication with MTA over a unix-domain socket
++	# Note: usage with TCP sockets requires additional policy
++	manage_sock_files_pattern($1_milter_t, $1_milter_data_t, $1_milter_data_t)
++
++	# Create other data files and directories in the data directory
++	manage_files_pattern($1_milter_t, $1_milter_data_t, $1_milter_data_t)
++
++	miscfiles_read_localization($1_milter_t)
++
++	logging_send_syslog_msg($1_milter_t)
++
++	 # Included in all domains upstream but not on F-10 or earlier
++	libs_use_ld_so($1_milter_t)
++	libs_use_shared_libs($1_milter_t)
++')
++
++########################################
++## <summary>
++##	MTA communication with milter sockets
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`milter_stream_connect_all',`
++	gen_require(`
++		attribute milter_data_type, milter_domains;
++	')
++
++	getattr_dirs_pattern($1, milter_data_type, milter_data_type)
++	stream_connect_pattern($1, milter_data_type, milter_data_type, milter_domains)
++')
++
++########################################
++## <summary>
++##	Allow getattr of milter sockets
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++#
++interface(`milter_getattr_all_sockets',`
++	gen_require(`
++		attribute milter_data_type;
++	')
++
++	getattr_dirs_pattern($1, milter_data_type, milter_data_type)
++	getattr_sock_files_pattern($1, milter_data_type, milter_data_type)
++')
++
++#######################################
++## <summary>
++##      Read milter data.
++## </summary>
++## <param name="domain">
++##      <summary>
++##      Domain allowed access.
++##      </summary>
++## </param>
++#
++interface(`milter_read_data',`
++        gen_require(`
++                attribute milter_data_type;
++        ')
++
++        read_files_pattern($1, milter_data_type, milter_data_type)
++')
++
++######################################
++## <summary>
++##      Read milter data.
++## </summary>
++## <param name="domain">
++##      <summary>
++##      Domain allowed access.
++##      </summary>
++## </param>
++#
++interface(`milter_manage_data',`
++        gen_require(`
++                attribute milter_data_type;
++        ')
++	manage_dirs_pattern($1, milter_data_type, milter_data_type)
++        manage_files_pattern($1, milter_data_type, milter_data_type)
++')
++
++
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.te serefpolicy-3.3.1/policy/modules/services/milter.te
+--- nsaserefpolicy/policy/modules/services/milter.te	1970-01-01 01:00:00.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/milter.te	2009-02-04 14:30:04.000000000 +0100
+@@ -0,0 +1,55 @@
++
++policy_module(milter, 1.0.0)
++
++########################################
++#
++# Declarations
++#
++
++# attributes common to all milters
++attribute milter_domains;
++attribute milter_data_type;
++
++# currently-supported milters are milter-regex and spamass-milter
++milter_template(regex)
++milter_template(spamass)
++
++########################################
++#
++# milter-regex local policy
++#   filter emails using regular expressions
++#   http://www.benzedrine.cx/milter-regex.html
++#
++
++# It removes any existing socket (not owned by root) whilst running as root
++# and then calls setgid() and setuid() to drop privileges
++allow regex_milter_t self:capability { setuid setgid dac_override };
++
++# The milter's socket directory lives under /var/spool
++files_search_spool(regex_milter_t)
++
++# Look up username for dropping privs
++auth_use_nsswitch(regex_milter_t)
++
++# Config is in /etc/mail/milter-regex.conf
++mta_read_config(regex_milter_t)
++
++########################################
++#
++# spamass-milter local policy
++#   pipe emails through SpamAssassin
++#   http://savannah.nongnu.org/projects/spamass-milt/
++#
++
++kernel_read_system_state(spamass_milter_t)
++
++# When used with -b or -B options, the milter invokes sendmail to send mail
++# to a spamtrap address, using popen()
++corecmd_exec_shell(spamass_milter_t)
++corecmd_read_bin_symlinks(spamass_milter_t)
++corecmd_search_bin(spamass_milter_t)
++
++mta_send_mail(spamass_milter_t)
++
++# The main job of the milter is to pipe spam through spamc and act on the result
++spamassassin_domtrans_spamc(spamass_milter_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.fc serefpolicy-3.3.1/policy/modules/services/mta.fc
 --- nsaserefpolicy/policy/modules/services/mta.fc	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mta.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mta.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,12 +8,14 @@
  /etc/postfix/aliases.*		gen_context(system_u:object_r:etc_aliases_t,s0)
  ')
@@ -653619,7 +653834,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.if serefpolicy-3.3.1/policy/modules/services/mta.if
 --- nsaserefpolicy/policy/modules/services/mta.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mta.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mta.if	2009-02-04 10:54:48.000000000 +0100
 @@ -133,6 +133,15 @@
  		sendmail_create_log($1_mail_t)
  	')
@@ -653820,7 +654035,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  ## </summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.3.1/policy/modules/services/mta.te
 --- nsaserefpolicy/policy/modules/services/mta.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mta.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mta.te	2009-02-04 14:39:29.000000000 +0100
 @@ -6,6 +6,8 @@
  # Declarations
  #
@@ -653930,7 +654145,19 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  	logrotate_read_tmp_files(system_mail_t)
  ')
  
-@@ -114,9 +153,6 @@
+@@ -89,6 +128,11 @@
+ ')
+ 
+ optional_policy(`
++        # newaliases runs as system_mail_t when the sendmail initscript does a restart
++        milter_getattr_all_sockets(system_mail_t)
++')
++
++optional_policy(`
+ 	nagios_read_tmp_files(system_mail_t)
+ ')
+ 
+@@ -114,9 +158,6 @@
  		postfix_config_filetrans(system_mail_t,etc_aliases_t,{ dir file lnk_file sock_file fifo_file })
  	')
  
@@ -653940,7 +654167,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  ')
  
  optional_policy(`
-@@ -136,11 +172,40 @@
+@@ -136,11 +177,40 @@
  ')
  
  optional_policy(`
@@ -653982,14 +654209,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
  optional_policy(`
  	# why is mail delivered to a directory of type arpwatch_data_t?
  	arpwatch_search_data(mailserver_delivery)
-@@ -154,3 +219,4 @@
+@@ -154,3 +224,4 @@
  		cron_read_system_job_tmp_files(mta_user_agent)
  	')
  ')
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.fc serefpolicy-3.3.1/policy/modules/services/munin.fc
 --- nsaserefpolicy/policy/modules/services/munin.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/munin.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/munin.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -6,6 +6,9 @@
  /usr/share/munin/plugins/.*	--	gen_context(system_u:object_r:munin_exec_t,s0)
  
@@ -654004,7 +654231,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
 +/etc/rc\.d/init\.d/munin-node	--	gen_context(system_u:object_r:munin_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.if serefpolicy-3.3.1/policy/modules/services/munin.if
 --- nsaserefpolicy/policy/modules/services/munin.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/munin.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/munin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -80,3 +80,123 @@
  
  	dontaudit $1 munin_var_lib_t:dir search_dir_perms;
@@ -654131,7 +654358,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.3.1/policy/modules/services/munin.te
 --- nsaserefpolicy/policy/modules/services/munin.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/munin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/munin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -25,26 +25,33 @@
  type munin_var_run_t alias lrrd_var_run_t;
  files_pid_file(munin_var_run_t)
@@ -654280,7 +654507,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
 +manage_files_pattern(munin_t, httpd_munin_content_t, httpd_munin_content_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysql.fc serefpolicy-3.3.1/policy/modules/services/mysql.fc
 --- nsaserefpolicy/policy/modules/services/mysql.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mysql.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mysql.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -22,3 +22,5 @@
  /var/log/mysql.*	--	gen_context(system_u:object_r:mysqld_log_t,s0)
  
@@ -654289,7 +654516,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysq
 +/etc/rc\.d/init\.d/mysqld	--	gen_context(system_u:object_r:mysqld_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysql.if serefpolicy-3.3.1/policy/modules/services/mysql.if
 --- nsaserefpolicy/policy/modules/services/mysql.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mysql.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mysql.if	2009-02-04 10:54:48.000000000 +0100
 @@ -32,9 +32,11 @@
  interface(`mysql_stream_connect',`
  	gen_require(`
@@ -654379,7 +654606,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysq
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysql.te serefpolicy-3.3.1/policy/modules/services/mysql.te
 --- nsaserefpolicy/policy/modules/services/mysql.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/mysql.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/mysql.te	2009-02-04 10:54:48.000000000 +0100
 @@ -25,6 +25,9 @@
  type mysqld_tmp_t;
  files_tmp_file(mysqld_tmp_t)
@@ -654410,7 +654637,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mysq
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.fc serefpolicy-3.3.1/policy/modules/services/nagios.fc
 --- nsaserefpolicy/policy/modules/services/nagios.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nagios.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nagios.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,13 +4,17 @@
  /usr/bin/nagios			--	gen_context(system_u:object_r:nagios_exec_t,s0)
  /usr/bin/nrpe			--	gen_context(system_u:object_r:nrpe_exec_t,s0)
@@ -654435,7 +654662,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.if serefpolicy-3.3.1/policy/modules/services/nagios.if
 --- nsaserefpolicy/policy/modules/services/nagios.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nagios.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nagios.if	2009-02-04 10:54:48.000000000 +0100
 @@ -44,7 +44,7 @@
  
  ########################################
@@ -654547,7 +654774,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-3.3.1/policy/modules/services/nagios.te
 --- nsaserefpolicy/policy/modules/services/nagios.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nagios.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nagios.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,11 +8,7 @@
  
  type nagios_t;
@@ -654655,7 +654882,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.fc serefpolicy-3.3.1/policy/modules/services/networkmanager.fc
 --- nsaserefpolicy/policy/modules/services/networkmanager.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.fc	2009-01-30 15:42:37.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,7 +1,16 @@
 +/etc/NetworkManager/dispatcher\.d(/.*)	gen_context(system_u:object_r:NetworkManager_script_exec_t,s0)
 +
@@ -654675,7 +654902,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
 +/var/run/nm-dhclient.*			gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.if serefpolicy-3.3.1/policy/modules/services/networkmanager.if
 --- nsaserefpolicy/policy/modules/services/networkmanager.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.if	2009-02-04 10:54:48.000000000 +0100
 @@ -74,7 +74,7 @@
  	')
  
@@ -654746,7 +654973,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.3.1/policy/modules/services/networkmanager.te
 --- nsaserefpolicy/policy/modules/services/networkmanager.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te	2009-01-30 15:42:51.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/networkmanager.te	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,5 @@
  
 -policy_module(networkmanager,1.9.0)
@@ -655023,7 +655250,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
 +term_dontaudit_use_console(wpa_cli_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.fc serefpolicy-3.3.1/policy/modules/services/nis.fc
 --- nsaserefpolicy/policy/modules/services/nis.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nis.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nis.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,9 +4,14 @@
  /sbin/ypbind		--	gen_context(system_u:object_r:ypbind_exec_t,s0)
  
@@ -655041,7 +655268,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.
 +/etc/rc\.d/init\.d/ypxfrd	--	gen_context(system_u:object_r:nis_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.if serefpolicy-3.3.1/policy/modules/services/nis.if
 --- nsaserefpolicy/policy/modules/services/nis.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nis.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nis.if	2009-02-04 10:54:48.000000000 +0100
 @@ -28,7 +28,7 @@
  		type var_yp_t;
  	')
@@ -655184,7 +655411,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.te serefpolicy-3.3.1/policy/modules/services/nis.te
 --- nsaserefpolicy/policy/modules/services/nis.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nis.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nis.te	2009-02-04 10:54:48.000000000 +0100
 @@ -44,6 +44,9 @@
  type ypxfr_exec_t;
  init_daemon_domain(ypxfr_t,ypxfr_exec_t)
@@ -655252,7 +655479,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nis.
  corenet_tcp_connect_all_ports(ypxfr_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.fc serefpolicy-3.3.1/policy/modules/services/nscd.fc
 --- nsaserefpolicy/policy/modules/services/nscd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nscd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nscd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -9,3 +9,5 @@
  /var/run/\.nscd_socket	-s	gen_context(system_u:object_r:nscd_var_run_t,s0)
  
@@ -655261,7 +655488,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd
 +/etc/rc\.d/init\.d/nscd	--	gen_context(system_u:object_r:nscd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.if serefpolicy-3.3.1/policy/modules/services/nscd.if
 --- nsaserefpolicy/policy/modules/services/nscd.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nscd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nscd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -2,6 +2,24 @@
  
  ########################################
@@ -655401,7 +655628,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd.te serefpolicy-3.3.1/policy/modules/services/nscd.te
 --- nsaserefpolicy/policy/modules/services/nscd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nscd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nscd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,19 +23,22 @@
  type nscd_log_t;
  logging_log_file(nscd_log_t)
@@ -655495,7 +655722,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nscd
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.fc serefpolicy-3.3.1/policy/modules/services/ntp.fc
 --- nsaserefpolicy/policy/modules/services/ntp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ntp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ntp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -17,3 +17,8 @@
  /var/log/xntpd.*		--	gen_context(system_u:object_r:ntpd_log_t,s0)
  
@@ -655507,7 +655734,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.
 +/etc/rc\.d/init\.d/ntpd	--	gen_context(system_u:object_r:ntpd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.if serefpolicy-3.3.1/policy/modules/services/ntp.if
 --- nsaserefpolicy/policy/modules/services/ntp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ntp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ntp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -53,3 +53,76 @@
  	corecmd_search_bin($1)
  	domtrans_pattern($1,ntpdate_exec_t,ntpd_t)
@@ -655587,7 +655814,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.te serefpolicy-3.3.1/policy/modules/services/ntp.te
 --- nsaserefpolicy/policy/modules/services/ntp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ntp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ntp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -25,6 +25,12 @@
  type ntpdate_exec_t;
  init_system_domain(ntpd_t,ntpdate_exec_t)
@@ -655663,7 +655890,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ntp.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nx.fc serefpolicy-3.3.1/policy/modules/services/nx.fc
 --- nsaserefpolicy/policy/modules/services/nx.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/nx.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/nx.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,3 +1,5 @@
 +
 +/usr/libexec/nx/nxserver	--	gen_context(system_u:object_r:nx_server_exec_t,s0)
@@ -655672,7 +655899,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nx.f
  /opt/NX/home/nx/\.ssh(/.*)?		gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oav.te serefpolicy-3.3.1/policy/modules/services/oav.te
 --- nsaserefpolicy/policy/modules/services/oav.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/oav.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/oav.te	2009-02-04 10:54:48.000000000 +0100
 @@ -12,7 +12,7 @@
  
  # cjp: may be collapsable to etc_t
@@ -655693,7 +655920,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oav.
  logging_log_file(scannerdaemon_log_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.fc serefpolicy-3.3.1/policy/modules/services/oddjob.fc
 --- nsaserefpolicy/policy/modules/services/oddjob.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/oddjob.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/oddjob.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,4 @@
 -/usr/lib/oddjob/mkhomedir	--	gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
 +/usr/lib(64)?/oddjob/mkhomedir	--	gen_context(system_u:object_r:oddjob_mkhomedir_exec_t,s0)
@@ -655702,7 +655929,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddj
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.if serefpolicy-3.3.1/policy/modules/services/oddjob.if
 --- nsaserefpolicy/policy/modules/services/oddjob.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/oddjob.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/oddjob.if	2009-02-04 10:54:48.000000000 +0100
 @@ -44,6 +44,7 @@
  	')
  
@@ -655748,7 +655975,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddj
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddjob.te serefpolicy-3.3.1/policy/modules/services/oddjob.te
 --- nsaserefpolicy/policy/modules/services/oddjob.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/oddjob.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/oddjob.te	2009-02-04 10:54:48.000000000 +0100
 @@ -10,14 +10,21 @@
  type oddjob_exec_t;
  domain_type(oddjob_t)
@@ -655817,7 +656044,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/oddj
  userdom_generic_user_home_dir_filetrans_generic_user_home_content(oddjob_mkhomedir_t,notdevfile_class_set)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/openca.te serefpolicy-3.3.1/policy/modules/services/openca.te
 --- nsaserefpolicy/policy/modules/services/openca.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/openca.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/openca.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,7 +18,7 @@
  
  # /etc/openca standard files
@@ -655829,7 +656056,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/open
  type openca_etc_in_t;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/openct.te serefpolicy-3.3.1/policy/modules/services/openct.te
 --- nsaserefpolicy/policy/modules/services/openct.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/openct.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/openct.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,6 +22,7 @@
  allow openct_t self:process signal_perms;
  
@@ -655840,7 +656067,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/open
  kernel_read_kernel_sysctls(openct_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/openvpn.fc serefpolicy-3.3.1/policy/modules/services/openvpn.fc
 --- nsaserefpolicy/policy/modules/services/openvpn.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/openvpn.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/openvpn.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -2,6 +2,7 @@
  # /etc
  #
@@ -655860,7 +656087,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/open
 +/etc/rc\.d/init\.d/openvpn	--	gen_context(system_u:object_r:openvpn_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/openvpn.if serefpolicy-3.3.1/policy/modules/services/openvpn.if
 --- nsaserefpolicy/policy/modules/services/openvpn.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/openvpn.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/openvpn.if	2009-02-04 10:54:48.000000000 +0100
 @@ -70,6 +70,43 @@
  
  ########################################
@@ -655982,7 +656209,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/open
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/openvpn.te serefpolicy-3.3.1/policy/modules/services/openvpn.te
 --- nsaserefpolicy/policy/modules/services/openvpn.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/openvpn.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/openvpn.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,7 +8,7 @@
  
  ## <desc>
@@ -656057,7 +656284,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/open
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pcscd.te serefpolicy-3.3.1/policy/modules/services/pcscd.te
 --- nsaserefpolicy/policy/modules/services/pcscd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pcscd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pcscd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -45,6 +45,7 @@
  files_read_etc_files(pcscd_t)
  files_read_etc_runtime_files(pcscd_t)
@@ -656068,7 +656295,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pcsc
  libs_use_ld_so(pcscd_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pegasus.te serefpolicy-3.3.1/policy/modules/services/pegasus.te
 --- nsaserefpolicy/policy/modules/services/pegasus.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pegasus.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pegasus.te	2009-02-04 10:54:48.000000000 +0100
 @@ -42,6 +42,7 @@
  allow pegasus_t pegasus_conf_t:file { read_file_perms link unlink };
  allow pegasus_t pegasus_conf_t:lnk_file read_lnk_file_perms;
@@ -656117,7 +656344,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pega
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.fc serefpolicy-3.3.1/policy/modules/services/pki.fc
 --- nsaserefpolicy/policy/modules/services/pki.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pki.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pki.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,46 @@
 +
 +/etc/rc\.d/init\.d/pki-ca	--	gen_context(system_u:object_r:pki_ca_script_exec_t,s0)
@@ -656167,7 +656394,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.
 +/var/run/pki-tps\.pid		--	gen_context(system_u:object_r:pki_tks_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.if serefpolicy-3.3.1/policy/modules/services/pki.if
 --- nsaserefpolicy/policy/modules/services/pki.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pki.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pki.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,643 @@
 +
 +## <summary>policy for pki</summary>
@@ -656814,7 +657041,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.te serefpolicy-3.3.1/policy/modules/services/pki.te
 --- nsaserefpolicy/policy/modules/services/pki.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pki.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pki.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,91 @@
 +policy_module(pki,1.0.0)
 +
@@ -656909,14 +657136,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pki.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/podsleuth.fc serefpolicy-3.3.1/policy/modules/services/podsleuth.fc
 --- nsaserefpolicy/policy/modules/services/podsleuth.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/podsleuth.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/podsleuth.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3 @@
 +/usr/bin/podsleuth	--	gen_context(system_u:object_r:podsleuth_exec_t,s0)
 +/usr/libexec/hal-podsleuth       --      gen_context(system_u:object_r:podsleuth_exec_t,s0)
 +/var/cache/podsleuth(/.*)?		gen_context(system_u:object_r:podsleuth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/podsleuth.if serefpolicy-3.3.1/policy/modules/services/podsleuth.if
 --- nsaserefpolicy/policy/modules/services/podsleuth.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/podsleuth.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/podsleuth.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,55 @@
 +
 +## <summary>policy for podsleuth</summary>
@@ -656975,7 +657202,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pods
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/podsleuth.te serefpolicy-3.3.1/policy/modules/services/podsleuth.te
 --- nsaserefpolicy/policy/modules/services/podsleuth.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/podsleuth.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/podsleuth.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,73 @@
 +policy_module(podsleuth,1.0.0)
 +
@@ -657052,7 +657279,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pods
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.fc serefpolicy-3.3.1/policy/modules/services/polkit.fc
 --- nsaserefpolicy/policy/modules/services/polkit.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/polkit.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,9 @@
 +
 +/usr/libexec/polkit-read-auth-helper	--	gen_context(system_u:object_r:polkit_auth_exec_t,s0)
@@ -657065,7 +657292,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polk
 +/var/lib/PolicyKit-public(/.*)?			gen_context(system_u:object_r:polkit_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.if serefpolicy-3.3.1/policy/modules/services/polkit.if
 --- nsaserefpolicy/policy/modules/services/polkit.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/polkit.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,213 @@
 +
 +## <summary>policy for polkit_auth</summary>
@@ -657282,7 +657509,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polk
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.te serefpolicy-3.3.1/policy/modules/services/polkit.te
 --- nsaserefpolicy/policy/modules/services/polkit.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/polkit.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/polkit.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,221 @@
 +policy_module(polkit_auth,1.0.0)
 +
@@ -657507,7 +657734,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polk
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/portmap.te serefpolicy-3.3.1/policy/modules/services/portmap.te
 --- nsaserefpolicy/policy/modules/services/portmap.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/portmap.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/portmap.te	2009-02-04 10:54:48.000000000 +0100
 @@ -41,6 +41,7 @@
  manage_files_pattern(portmap_t,portmap_var_run_t,portmap_var_run_t)
  files_pid_filetrans(portmap_t,portmap_var_run_t,file)
@@ -657518,7 +657745,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/port
  kernel_read_proc_symlinks(portmap_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/portslave.te serefpolicy-3.3.1/policy/modules/services/portslave.te
 --- nsaserefpolicy/policy/modules/services/portslave.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/portslave.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/portslave.te	2009-02-04 10:54:48.000000000 +0100
 @@ -12,7 +12,7 @@
  init_daemon_domain(portslave_t,portslave_exec_t)
  
@@ -657530,7 +657757,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/port
  files_lock_file(portslave_lock_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.fc serefpolicy-3.3.1/policy/modules/services/postfix.fc
 --- nsaserefpolicy/policy/modules/services/postfix.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfix.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfix.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -29,12 +29,10 @@
  /usr/lib/postfix/smtpd	--	gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
  /usr/lib/postfix/bounce	--	gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
@@ -657558,7 +657785,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  /var/spool/postfix/pid/.*	gen_context(system_u:object_r:postfix_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.if serefpolicy-3.3.1/policy/modules/services/postfix.if
 --- nsaserefpolicy/policy/modules/services/postfix.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfix.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfix.if	2009-02-04 10:54:48.000000000 +0100
 @@ -46,6 +46,7 @@
  
  	allow postfix_$1_t postfix_etc_t:dir list_dir_perms;
@@ -657710,7 +657937,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfixpolicyd.fc serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.fc
 --- nsaserefpolicy/policy/modules/services/postfixpolicyd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,3 +3,5 @@
  /usr/sbin/policyd		--	gen_context(system_u:object_r:postfix_policyd_exec_t, s0)
  
@@ -657719,7 +657946,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +/etc/rc\.d/init\.d/postfixpolicyd	--	gen_context(system_u:object_r:postfixpolicyd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfixpolicyd.if serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.if
 --- nsaserefpolicy/policy/modules/services/postfixpolicyd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,68 @@
  ## <summary>Postfix policy server</summary>
 +
@@ -657791,7 +658018,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfixpolicyd.te serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.te
 --- nsaserefpolicy/policy/modules/services/postfixpolicyd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfixpolicyd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,9 @@
  type postfix_policyd_var_run_t;
  files_pid_file(postfix_policyd_var_run_t)
@@ -657804,7 +658031,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  # Local Policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postfix.te serefpolicy-3.3.1/policy/modules/services/postfix.te
 --- nsaserefpolicy/policy/modules/services/postfix.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postfix.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postfix.te	2009-02-04 14:40:43.000000000 +0100
 @@ -6,6 +6,15 @@
  # Declarations
  #
@@ -658059,7 +658286,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  ########################################
  #
  # Postfix qmgr local policy
-@@ -519,6 +585,13 @@
+@@ -519,10 +585,22 @@
  
  files_dontaudit_getattr_home_dir(postfix_smtp_t)
  
@@ -658073,7 +658300,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  optional_policy(`
  	cyrus_stream_connect(postfix_smtp_t)
  ')
-@@ -532,9 +605,6 @@
+ 
++optional_policy(`
++        milter_stream_connect_all(postfix_smtp_t)
++')
++
++
+ ########################################
+ #
+ # Postfix smtpd local policy
+@@ -532,9 +610,6 @@
  # connect to master process
  stream_connect_pattern(postfix_smtpd_t,{ postfix_private_t postfix_public_t },{ postfix_private_t postfix_public_t },postfix_master_t)
  
@@ -658083,7 +658319,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  # for prng_exch
  allow postfix_smtpd_t postfix_spool_t:file rw_file_perms;
  allow postfix_smtpd_t postfix_prng_t:file rw_file_perms;
-@@ -557,6 +627,10 @@
+@@ -557,6 +632,10 @@
  	sasl_connect(postfix_smtpd_t)
  ')
  
@@ -658094,7 +658330,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  ########################################
  #
  # Postfix virtual local policy
-@@ -572,7 +646,7 @@
+@@ -572,7 +651,7 @@
  files_tmp_filetrans(postfix_virtual_t, postfix_virtual_tmp_t, { file dir })
  
  # connect to master process
@@ -658105,7 +658341,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  corecmd_exec_bin(postfix_virtual_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.fc serefpolicy-3.3.1/policy/modules/services/postgresql.fc
 --- nsaserefpolicy/policy/modules/services/postgresql.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgresql.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgresql.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -6,8 +6,8 @@
  #
  # /usr
@@ -658138,7 +658374,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +/etc/rc\.d/init\.d/postgresql	--	gen_context(system_u:object_r:postgresql_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.if serefpolicy-3.3.1/policy/modules/services/postgresql.if
 --- nsaserefpolicy/policy/modules/services/postgresql.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgresql.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgresql.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,205 @@
  ## <summary>PostgreSQL relational database</summary>
  
@@ -658488,7 +658724,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgresql.te serefpolicy-3.3.1/policy/modules/services/postgresql.te
 --- nsaserefpolicy/policy/modules/services/postgresql.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgresql.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgresql.te	2009-02-04 10:54:48.000000000 +0100
 @@ -1,13 +1,30 @@
  
 -policy_module(postgresql,1.5.0)
@@ -658773,7 +659009,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +kernel_relabelfrom_unlabeled_database(sepgsql_unconfined_type)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgrey.fc serefpolicy-3.3.1/policy/modules/services/postgrey.fc
 --- nsaserefpolicy/policy/modules/services/postgrey.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgrey.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgrey.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -7,3 +7,7 @@
  
  /var/run/postgrey(/.*)?		gen_context(system_u:object_r:postgrey_var_run_t,s0)
@@ -658784,7 +659020,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +/var/spool/postfix/postgrey(/.*)?	gen_context(system_u:object_r:postgrey_spool_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgrey.if serefpolicy-3.3.1/policy/modules/services/postgrey.if
 --- nsaserefpolicy/policy/modules/services/postgrey.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgrey.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgrey.if	2009-02-04 10:54:48.000000000 +0100
 @@ -12,10 +12,100 @@
  #
  interface(`postgrey_stream_connect',`
@@ -658890,7 +659126,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgrey.te serefpolicy-3.3.1/policy/modules/services/postgrey.te
 --- nsaserefpolicy/policy/modules/services/postgrey.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/postgrey.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/postgrey.te	2009-02-04 10:54:48.000000000 +0100
 @@ -13,26 +13,38 @@
  type postgrey_etc_t;
  files_config_file(postgrey_etc_t)
@@ -658945,7 +659181,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.fc serefpolicy-3.3.1/policy/modules/services/ppp.fc
 --- nsaserefpolicy/policy/modules/services/ppp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ppp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ppp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,6 +1,8 @@
  #
  # /etc
@@ -658957,7 +659193,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.
  /etc/ppp/peers(/.*)?			gen_context(system_u:object_r:pppd_etc_rw_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.if serefpolicy-3.3.1/policy/modules/services/ppp.if
 --- nsaserefpolicy/policy/modules/services/ppp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ppp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ppp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -39,6 +39,25 @@
  
  ########################################
@@ -659120,7 +659356,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.te serefpolicy-3.3.1/policy/modules/services/ppp.te
 --- nsaserefpolicy/policy/modules/services/ppp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ppp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ppp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -71,7 +71,7 @@
  # PPPD Local policy
  #
@@ -659240,7 +659476,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ppp.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.fc serefpolicy-3.3.1/policy/modules/services/prelude.fc
 --- nsaserefpolicy/policy/modules/services/prelude.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/prelude.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/prelude.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,24 @@
 +/sbin/audisp-prelude		--	gen_context(system_u:object_r:prelude_audisp_exec_t,s0)
 +
@@ -659268,7 +659504,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.if serefpolicy-3.3.1/policy/modules/services/prelude.if
 --- nsaserefpolicy/policy/modules/services/prelude.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/prelude.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/prelude.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,191 @@
 +## <summary>Prelude hybrid intrusion detection system</summary>
 +
@@ -659463,7 +659699,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.te serefpolicy-3.3.1/policy/modules/services/prelude.te
 --- nsaserefpolicy/policy/modules/services/prelude.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/prelude.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/prelude.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,339 @@
 +
 +policy_module(prelude, 1.0.0)
@@ -659806,7 +660042,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/privoxy.fc serefpolicy-3.3.1/policy/modules/services/privoxy.fc
 --- nsaserefpolicy/policy/modules/services/privoxy.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/privoxy.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/privoxy.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,6 +1,10 @@
  
  /etc/privoxy/user\.action --	gen_context(system_u:object_r:privoxy_etc_rw_t,s0)
@@ -659820,7 +660056,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/priv
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/privoxy.if serefpolicy-3.3.1/policy/modules/services/privoxy.if
 --- nsaserefpolicy/policy/modules/services/privoxy.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/privoxy.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/privoxy.if	2009-02-04 10:54:48.000000000 +0100
 @@ -2,6 +2,25 @@
  
  ########################################
@@ -659879,7 +660115,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/priv
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/privoxy.te serefpolicy-3.3.1/policy/modules/services/privoxy.te
 --- nsaserefpolicy/policy/modules/services/privoxy.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/privoxy.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/privoxy.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,6 +19,9 @@
  type privoxy_var_run_t;
  files_pid_file(privoxy_var_run_t)
@@ -659900,7 +660136,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/priv
  corenet_sendrecv_http_cache_server_packets(privoxy_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.fc serefpolicy-3.3.1/policy/modules/services/procmail.fc
 --- nsaserefpolicy/policy/modules/services/procmail.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/procmail.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/procmail.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,2 +1,5 @@
  
  /usr/bin/procmail	--	gen_context(system_u:object_r:procmail_exec_t,s0)
@@ -659909,7 +660145,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/proc
 +/var/log/procmail(/.*)? gen_context(system_u:object_r:procmail_log_t,s0) 
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.if serefpolicy-3.3.1/policy/modules/services/procmail.if
 --- nsaserefpolicy/policy/modules/services/procmail.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/procmail.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/procmail.if	2009-02-04 10:54:48.000000000 +0100
 @@ -39,3 +39,41 @@
  	corecmd_search_bin($1)
  	can_exec($1,procmail_exec_t)
@@ -659954,7 +660190,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/proc
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/procmail.te serefpolicy-3.3.1/policy/modules/services/procmail.te
 --- nsaserefpolicy/policy/modules/services/procmail.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/procmail.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/procmail.te	2009-02-04 10:54:48.000000000 +0100
 @@ -14,6 +14,10 @@
  type procmail_tmp_t;
  files_tmp_file(procmail_tmp_t)
@@ -660034,13 +660270,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/proc
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/publicfile.if serefpolicy-3.3.1/policy/modules/services/publicfile.if
 --- nsaserefpolicy/policy/modules/services/publicfile.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/publicfile.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/publicfile.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,2 @@
  ## <summary>publicfile supplies files to the public through HTTP and FTP</summary>
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.fc serefpolicy-3.3.1/policy/modules/services/pyzor.fc
 --- nsaserefpolicy/policy/modules/services/pyzor.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pyzor.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pyzor.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,9 +1,11 @@
  /etc/pyzor(/.*)?		gen_context(system_u:object_r:pyzor_etc_t, s0)
  
@@ -660056,7 +660292,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzo
 +/etc/rc\.d/init\.d/pyzord	--	gen_context(system_u:object_r:pyzord_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.if serefpolicy-3.3.1/policy/modules/services/pyzor.if
 --- nsaserefpolicy/policy/modules/services/pyzor.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pyzor.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pyzor.if	2009-02-04 11:07:06.000000000 +0100
 @@ -25,16 +25,15 @@
  #
  template(`pyzor_per_role_template',`
@@ -660080,7 +660316,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzo
  ')
  
  ########################################
-@@ -94,3 +93,78 @@
+@@ -94,3 +93,98 @@
  	corecmd_search_bin($1)
  	can_exec($1,pyzor_exec_t)
  ')
@@ -660104,6 +660340,26 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzo
 +	init_labeled_script_domtrans($1,pyzord_script_exec_t)
 +')
 +
++
++#######################################
++## <summary>
++##      Read user pyzor home files.
++## </summary>
++## <param name="domain">
++##      <summary>
++##      The type of the process performing this action.
++##      </summary>
++## </param>
++#
++interface(`pyzor_read_user_home_files',`
++        gen_require(`
++                type user_pyzor_home_t;
++        ')
++
++        
++        read_files_pattern($1, user_pyzor_home_t, user_pyzor_home_t)
++')
++
 +########################################
 +## <summary>
 +##	All of the rules required to administrate 
@@ -660161,7 +660417,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzo
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzor.te serefpolicy-3.3.1/policy/modules/services/pyzor.te
 --- nsaserefpolicy/policy/modules/services/pyzor.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/pyzor.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/pyzor.te	2009-02-04 10:54:48.000000000 +0100
 @@ -17,7 +17,7 @@
  init_daemon_domain(pyzord_t,pyzord_exec_t)
  
@@ -660220,7 +660476,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/pyzo
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/qmail.if serefpolicy-3.3.1/policy/modules/services/qmail.if
 --- nsaserefpolicy/policy/modules/services/qmail.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/qmail.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/qmail.if	2009-02-04 10:54:48.000000000 +0100
 @@ -197,3 +197,4 @@
  
          domtrans_pattern(qmail_smtpd_t, $2, $1)
@@ -660228,7 +660484,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/qmai
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/qmail.te serefpolicy-3.3.1/policy/modules/services/qmail.te
 --- nsaserefpolicy/policy/modules/services/qmail.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/qmail.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/qmail.te	2009-02-04 10:54:48.000000000 +0100
 @@ -14,7 +14,7 @@
  qmail_child_domain_template(qmail_clean, qmail_start_t)
  
@@ -660286,7 +660542,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/qmai
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radius.fc serefpolicy-3.3.1/policy/modules/services/radius.fc
 --- nsaserefpolicy/policy/modules/services/radius.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radius.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radius.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -20,3 +20,5 @@
  
  /var/run/radiusd(/.*)?		gen_context(system_u:object_r:radiusd_var_run_t,s0)
@@ -660295,7 +660551,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radi
 +/etc/rc\.d/init\.d/radiusd	--	gen_context(system_u:object_r:radius_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radius.if serefpolicy-3.3.1/policy/modules/services/radius.if
 --- nsaserefpolicy/policy/modules/services/radius.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radius.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radius.if	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,25 @@
  
  ########################################
@@ -660361,7 +660617,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radi
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radius.te serefpolicy-3.3.1/policy/modules/services/radius.te
 --- nsaserefpolicy/policy/modules/services/radius.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radius.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radius.te	2009-02-04 10:54:48.000000000 +0100
 @@ -25,6 +25,9 @@
  type radiusd_var_run_t;
  files_pid_file(radiusd_var_run_t)
@@ -660429,7 +660685,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radi
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radvd.fc serefpolicy-3.3.1/policy/modules/services/radvd.fc
 --- nsaserefpolicy/policy/modules/services/radvd.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radvd.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radvd.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,3 +5,4 @@
  
  /var/run/radvd\.pid	--	gen_context(system_u:object_r:radvd_var_run_t,s0)
@@ -660437,7 +660693,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radv
 +/etc/rc\.d/init\.d/radvd	--	gen_context(system_u:object_r:radvd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radvd.if serefpolicy-3.3.1/policy/modules/services/radvd.if
 --- nsaserefpolicy/policy/modules/services/radvd.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radvd.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radvd.if	2009-02-04 10:54:48.000000000 +0100
 @@ -2,6 +2,25 @@
  
  ########################################
@@ -660493,7 +660749,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radv
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radvd.te serefpolicy-3.3.1/policy/modules/services/radvd.te
 --- nsaserefpolicy/policy/modules/services/radvd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/radvd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/radvd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -15,11 +15,14 @@
  type radvd_etc_t;
  files_config_file(radvd_etc_t)
@@ -660520,7 +660776,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/radv
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.fc serefpolicy-3.3.1/policy/modules/services/razor.fc
 --- nsaserefpolicy/policy/modules/services/razor.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/razor.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/razor.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,4 @@
 -HOME_DIR/\.razor(/.*)?		gen_context(system_u:object_r:ROLE_razor_home_t,s0)
 +HOME_DIR/\.razor(/.*)?		gen_context(system_u:object_r:user_razor_home_t,s0)
@@ -660529,7 +660785,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razo
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.if serefpolicy-3.3.1/policy/modules/services/razor.if
 --- nsaserefpolicy/policy/modules/services/razor.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/razor.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/razor.if	2009-02-04 10:54:48.000000000 +0100
 @@ -137,6 +137,7 @@
  template(`razor_per_role_template',`
  	gen_require(`
@@ -660621,7 +660877,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razo
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razor.te serefpolicy-3.3.1/policy/modules/services/razor.te
 --- nsaserefpolicy/policy/modules/services/razor.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/razor.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/razor.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,12 @@
  
  razor_common_domain_template(razor)
@@ -660637,7 +660893,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/razo
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rdisc.if serefpolicy-3.3.1/policy/modules/services/rdisc.if
 --- nsaserefpolicy/policy/modules/services/rdisc.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rdisc.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rdisc.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,20 @@
  ## <summary>Network router discovery daemon</summary>
 +
@@ -660661,7 +660917,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rdis
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rdisc.te serefpolicy-3.3.1/policy/modules/services/rdisc.te
 --- nsaserefpolicy/policy/modules/services/rdisc.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rdisc.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rdisc.te	2009-02-04 10:54:48.000000000 +0100
 @@ -45,6 +45,8 @@
  libs_use_ld_so(rdisc_t)
  libs_use_shared_libs(rdisc_t)
@@ -660673,7 +660929,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rdis
  sysnet_read_config(rdisc_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remotelogin.if serefpolicy-3.3.1/policy/modules/services/remotelogin.if
 --- nsaserefpolicy/policy/modules/services/remotelogin.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/remotelogin.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/remotelogin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -35,3 +35,4 @@
  
  	allow $1 remote_login_t:process signal;
@@ -660681,7 +660937,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remo
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remotelogin.te serefpolicy-3.3.1/policy/modules/services/remotelogin.te
 --- nsaserefpolicy/policy/modules/services/remotelogin.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/remotelogin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/remotelogin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -85,6 +85,7 @@
  
  miscfiles_read_localization(remote_login_t)
@@ -660692,7 +660948,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/remo
  # Only permit unprivileged user domains to be entered via rlogin,
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rhgb.te serefpolicy-3.3.1/policy/modules/services/rhgb.te
 --- nsaserefpolicy/policy/modules/services/rhgb.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rhgb.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rhgb.te	2009-02-04 10:54:48.000000000 +0100
 @@ -92,6 +92,7 @@
  term_getattr_pty_fs(rhgb_t)
  
@@ -660711,7 +660967,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rhgb
  	consoletype_exec(rhgb_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricci.if serefpolicy-3.3.1/policy/modules/services/ricci.if
 --- nsaserefpolicy/policy/modules/services/ricci.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ricci.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ricci.if	2009-02-04 10:54:48.000000000 +0100
 @@ -165,3 +165,4 @@
  
  	domtrans_pattern($1,ricci_modstorage_exec_t,ricci_modstorage_t)
@@ -660719,7 +660975,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ricc
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rlogin.te serefpolicy-3.3.1/policy/modules/services/rlogin.te
 --- nsaserefpolicy/policy/modules/services/rlogin.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rlogin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rlogin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -36,6 +36,8 @@
  allow rlogind_t rlogind_devpts_t:chr_file { rw_chr_file_perms setattr };
  term_create_pty(rlogind_t,rlogind_devpts_t)
@@ -660759,7 +661015,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rlog
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roundup.fc serefpolicy-3.3.1/policy/modules/services/roundup.fc
 --- nsaserefpolicy/policy/modules/services/roundup.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/roundup.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/roundup.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -7,3 +7,5 @@
  # /var
  #
@@ -660768,7 +661024,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roun
 +/etc/rc\.d/init\.d/roundup	--	gen_context(system_u:object_r:roundup_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roundup.if serefpolicy-3.3.1/policy/modules/services/roundup.if
 --- nsaserefpolicy/policy/modules/services/roundup.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/roundup.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/roundup.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,68 @@
  ## <summary>Roundup Issue Tracking System policy</summary>
 +
@@ -660840,7 +661096,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roun
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roundup.te serefpolicy-3.3.1/policy/modules/services/roundup.te
 --- nsaserefpolicy/policy/modules/services/roundup.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/roundup.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/roundup.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,9 @@
  type roundup_var_lib_t;
  files_type(roundup_var_lib_t)
@@ -660853,7 +661109,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/roun
  # Local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.fc serefpolicy-3.3.1/policy/modules/services/rpcbind.fc
 --- nsaserefpolicy/policy/modules/services/rpcbind.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpcbind.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpcbind.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,3 +5,5 @@
  /var/run/rpc.statd\.pid	--	gen_context(system_u:object_r:rpcbind_var_run_t,s0)
  /var/run/rpcbind\.lock	--	gen_context(system_u:object_r:rpcbind_var_run_t,s0)
@@ -660862,7 +661118,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcb
 +/etc/rc\.d/init\.d/rpcbind	--	gen_context(system_u:object_r:rpcbind_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.if serefpolicy-3.3.1/policy/modules/services/rpcbind.if
 --- nsaserefpolicy/policy/modules/services/rpcbind.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpcbind.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpcbind.if	2009-02-04 10:54:48.000000000 +0100
 @@ -95,3 +95,70 @@
  	manage_files_pattern($1,rpcbind_var_lib_t,rpcbind_var_lib_t)
  	files_search_var_lib($1)
@@ -660936,7 +661192,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.te serefpolicy-3.3.1/policy/modules/services/rpcbind.te
 --- nsaserefpolicy/policy/modules/services/rpcbind.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpcbind.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpcbind.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,16 +16,21 @@
  type rpcbind_var_lib_t;
  files_type(rpcbind_var_lib_t)
@@ -660970,7 +661226,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcb
  corenet_all_recvfrom_unlabeled(rpcbind_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.fc serefpolicy-3.3.1/policy/modules/services/rpc.fc
 --- nsaserefpolicy/policy/modules/services/rpc.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpc.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpc.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -12,6 +12,7 @@
  # /usr
  #
@@ -660981,7 +661237,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
  /usr/sbin/rpc\.nfsd	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.if serefpolicy-3.3.1/policy/modules/services/rpc.if
 --- nsaserefpolicy/policy/modules/services/rpc.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpc.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpc.if	2009-02-04 10:54:48.000000000 +0100
 @@ -88,8 +88,11 @@
  	# bind to arbitary unused ports
  	corenet_tcp_bind_generic_port($1_t)
@@ -661045,7 +661301,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.3.1/policy/modules/services/rpc.te
 --- nsaserefpolicy/policy/modules/services/rpc.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rpc.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rpc.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,7 +23,7 @@
  gen_tunable(allow_nfsd_anon_write,false)
  
@@ -661159,7 +661415,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rshd.te serefpolicy-3.3.1/policy/modules/services/rshd.te
 --- nsaserefpolicy/policy/modules/services/rshd.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rshd.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rshd.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,7 +16,7 @@
  #
  # Local policy
@@ -661223,7 +661479,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rshd
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsync.fc serefpolicy-3.3.1/policy/modules/services/rsync.fc
 --- nsaserefpolicy/policy/modules/services/rsync.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rsync.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rsync.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,2 +1,6 @@
  
  /usr/bin/rsync		--	gen_context(system_u:object_r:rsync_exec_t,s0)
@@ -661233,7 +661489,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsyn
 +/var/run/rsyncd\.lock      --	gen_context(system_u:object_r:rsync_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsync.if serefpolicy-3.3.1/policy/modules/services/rsync.if
 --- nsaserefpolicy/policy/modules/services/rsync.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rsync.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rsync.if	2009-02-04 10:54:48.000000000 +0100
 @@ -103,3 +103,5 @@
  
  	can_exec($1,rsync_exec_t)
@@ -661242,7 +661498,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsyn
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsync.te serefpolicy-3.3.1/policy/modules/services/rsync.te
 --- nsaserefpolicy/policy/modules/services/rsync.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rsync.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rsync.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,6 +31,9 @@
  type rsync_data_t;
  files_type(rsync_data_t)
@@ -661290,7 +661546,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rsyn
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho.fc serefpolicy-3.3.1/policy/modules/services/rwho.fc
 --- nsaserefpolicy/policy/modules/services/rwho.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rwho.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rwho.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -3,3 +3,5 @@
  /var/spool/rwho(/.*)?		gen_context(system_u:object_r:rwho_spool_t,s0)
  
@@ -661299,7 +661555,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho
 +/etc/rc\.d/init\.d/rwhod	--	gen_context(system_u:object_r:rwho_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho.if serefpolicy-3.3.1/policy/modules/services/rwho.if
 --- nsaserefpolicy/policy/modules/services/rwho.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rwho.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rwho.if	2009-02-04 10:54:48.000000000 +0100
 @@ -118,6 +118,25 @@
  
  ########################################
@@ -661352,7 +661608,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho.te serefpolicy-3.3.1/policy/modules/services/rwho.te
 --- nsaserefpolicy/policy/modules/services/rwho.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/rwho.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/rwho.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,9 @@
  type rwho_spool_t;
  files_type(rwho_spool_t)
@@ -661365,7 +661621,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rwho
  # rwho local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.fc serefpolicy-3.3.1/policy/modules/services/samba.fc
 --- nsaserefpolicy/policy/modules/services/samba.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/samba.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/samba.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -15,6 +15,7 @@
  /usr/bin/ntlm_auth		--	gen_context(system_u:object_r:winbind_helper_exec_t,s0)
  /usr/bin/smbmount		--	gen_context(system_u:object_r:smbmount_exec_t,s0)
@@ -661389,7 +661645,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-3.3.1/policy/modules/services/samba.if
 --- nsaserefpolicy/policy/modules/services/samba.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/samba.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/samba.if	2009-02-04 10:54:48.000000000 +0100
 @@ -33,8 +33,8 @@
  	')
  
@@ -661758,7 +662014,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.te serefpolicy-3.3.1/policy/modules/services/samba.te
 --- nsaserefpolicy/policy/modules/services/samba.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/samba.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/samba.te	2009-02-04 14:48:41.000000000 +0100
 @@ -17,6 +17,13 @@
  
  ## <desc>
@@ -661914,7 +662170,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  ifdef(`hide_broken_symptoms', `
  	files_dontaudit_getattr_default_dirs(smbd_t)
  	files_dontaudit_getattr_boot_dirs(smbd_t)
-@@ -340,6 +370,25 @@
+@@ -336,10 +366,36 @@
+ 	usermanage_domtrans_groupadd(smbd_t)
+ ')
+ 
++# Samba can read all content in the home directory
++
++tunable_policy(`samba_enable_home_dirs',`
++         userdom_manage_home_content(smbd_t)
++')
++         
++
+ # Support Samba sharing of NFS mount points
  tunable_policy(`samba_share_nfs',`
  	fs_manage_nfs_dirs(smbd_t)
  	fs_manage_nfs_files(smbd_t)
@@ -661940,7 +662207,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  ')
  
  optional_policy(`
-@@ -363,10 +412,18 @@
+@@ -363,10 +419,18 @@
  	udev_read_db(smbd_t)
  ')
  
@@ -661959,7 +662226,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  	auth_read_all_files_except_shadow(nmbd_t)
  ')
  
-@@ -391,7 +448,7 @@
+@@ -391,7 +455,7 @@
  allow nmbd_t self:msgq create_msgq_perms;
  allow nmbd_t self:sem create_sem_perms;
  allow nmbd_t self:shm create_shm_perms;
@@ -661968,7 +662235,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  allow nmbd_t self:tcp_socket create_stream_socket_perms;
  allow nmbd_t self:udp_socket create_socket_perms;
  allow nmbd_t self:unix_dgram_socket { create_socket_perms sendto };
-@@ -403,8 +460,7 @@
+@@ -403,8 +467,7 @@
  read_files_pattern(nmbd_t,samba_etc_t,samba_etc_t)
  
  manage_dirs_pattern(nmbd_t,samba_log_t,samba_log_t)
@@ -661978,7 +662245,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  
  read_files_pattern(nmbd_t,samba_log_t,samba_log_t)
  create_files_pattern(nmbd_t,samba_log_t,samba_log_t)
-@@ -439,6 +495,7 @@
+@@ -439,6 +502,7 @@
  dev_getattr_mtrr_dev(nmbd_t)
  
  fs_getattr_all_fs(nmbd_t)
@@ -661986,7 +662253,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  fs_search_auto_mountpoints(nmbd_t)
  
  domain_use_interactive_fds(nmbd_t)
-@@ -522,6 +579,7 @@
+@@ -522,6 +586,7 @@
  storage_raw_write_fixed_disk(smbmount_t)
  
  term_list_ptys(smbmount_t)
@@ -661994,7 +662261,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  
  corecmd_list_bin(smbmount_t)
  
-@@ -533,41 +591,50 @@
+@@ -533,41 +598,50 @@
  
  auth_use_nsswitch(smbmount_t)
  
@@ -662055,7 +662322,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  allow swat_t smbd_var_run_t:file read;
  
  manage_dirs_pattern(swat_t,swat_tmp_t,swat_tmp_t)
-@@ -577,7 +644,9 @@
+@@ -577,7 +651,9 @@
  manage_files_pattern(swat_t,swat_var_run_t,swat_var_run_t)
  files_pid_filetrans(swat_t,swat_var_run_t,file)
  
@@ -662066,7 +662333,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  
  kernel_read_kernel_sysctls(swat_t)
  kernel_read_system_state(swat_t)
-@@ -602,10 +671,12 @@
+@@ -602,10 +678,12 @@
  
  dev_read_urand(swat_t)
  
@@ -662079,7 +662346,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  
  auth_domtrans_chk_passwd(swat_t)
  auth_use_nsswitch(swat_t)
-@@ -614,6 +685,7 @@
+@@ -614,6 +692,7 @@
  libs_use_shared_libs(swat_t)
  
  logging_send_syslog_msg(swat_t)
@@ -662087,7 +662354,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  logging_search_logs(swat_t)
  
  miscfiles_read_localization(swat_t)
-@@ -631,6 +703,17 @@
+@@ -631,6 +710,17 @@
  	kerberos_use(swat_t)
  ')
  
@@ -662105,7 +662372,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  ########################################
  #
  # Winbind local policy
-@@ -673,12 +756,15 @@
+@@ -673,12 +763,15 @@
  
  manage_dirs_pattern(winbind_t,winbind_tmp_t,winbind_tmp_t)
  manage_files_pattern(winbind_t,winbind_tmp_t,winbind_tmp_t)
@@ -662121,7 +662388,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  kernel_read_kernel_sysctls(winbind_t)
  kernel_list_proc(winbind_t)
  kernel_read_proc_symlinks(winbind_t)
-@@ -764,8 +850,13 @@
+@@ -764,8 +857,13 @@
  miscfiles_read_localization(winbind_helper_t) 
  
  optional_policy(`
@@ -662135,7 +662402,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
  ')
  
  ########################################
-@@ -774,19 +865,64 @@
+@@ -774,19 +872,64 @@
  #
  
  optional_policy(`
@@ -662217,7 +662484,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
 +allow smbcontrol_t nmbd_var_run_t:file { read lock };
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.fc serefpolicy-3.3.1/policy/modules/services/sasl.fc
 --- nsaserefpolicy/policy/modules/services/sasl.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/sasl.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/sasl.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,3 +8,5 @@
  # /var
  #
@@ -662226,7 +662493,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl
 +/etc/rc\.d/init\.d/sasl	--	gen_context(system_u:object_r:sasl_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.if serefpolicy-3.3.1/policy/modules/services/sasl.if
 --- nsaserefpolicy/policy/modules/services/sasl.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/sasl.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/sasl.if	2009-02-04 10:54:48.000000000 +0100
 @@ -21,6 +21,25 @@
  
  ########################################
@@ -662294,7 +662561,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl.te serefpolicy-3.3.1/policy/modules/services/sasl.te
 --- nsaserefpolicy/policy/modules/services/sasl.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/sasl.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/sasl.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,9 @@
  type saslauthd_var_run_t;
  files_pid_file(saslauthd_var_run_t)
@@ -662327,7 +662594,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sasl
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.if serefpolicy-3.3.1/policy/modules/services/sendmail.if
 --- nsaserefpolicy/policy/modules/services/sendmail.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/sendmail.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/sendmail.if	2009-02-04 10:54:48.000000000 +0100
 @@ -149,3 +149,104 @@
  
  	logging_log_filetrans($1,sendmail_log_t,file)
@@ -662435,7 +662702,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.te serefpolicy-3.3.1/policy/modules/services/sendmail.te
 --- nsaserefpolicy/policy/modules/services/sendmail.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/sendmail.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/sendmail.te	2009-02-04 14:41:21.000000000 +0100
 @@ -20,13 +20,17 @@
  mta_mailserver_delivery(sendmail_t)
  mta_mailserver_sender(sendmail_t)
@@ -662494,7 +662761,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
  
  auth_use_nsswitch(sendmail_t)
  
-@@ -91,33 +101,51 @@
+@@ -91,33 +101,55 @@
  libs_read_lib_files(sendmail_t)
  
  logging_send_syslog_msg(sendmail_t)
@@ -662528,14 +662795,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
 +
 +optional_policy(`
 +	cyrus_stream_connect(sendmail_t)
-+')
-+
-+optional_policy(`
-+	munin_dontaudit_search_lib(sendmail_t)
  ')
  
  optional_policy(`
 -	postfix_exec_master(sendmail_t)
++	munin_dontaudit_search_lib(sendmail_t)
++')
++
++optional_policy(`
++        milter_stream_connect_all(sendmail_t)
++')
++
++optional_policy(`
 +	postfix_domtrans_postdrop(sendmail_t)
 +	postfix_domtrans_master(sendmail_t)
  	postfix_read_config(sendmail_t)
@@ -662548,7 +662819,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
  ')
  
  optional_policy(`
-@@ -125,24 +153,29 @@
+@@ -125,24 +157,29 @@
  ')
  
  optional_policy(`
@@ -662578,15 +662849,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
 +optional_policy(`
 +	uucp_domtrans_uux(sendmail_t)
 +')
-+
+ 
+-# Silently deny attempts to access /root.
+-dontaudit system_mail_t { staff_home_dir_t sysadm_home_dir_t}:dir { getattr search };
 +########################################
 +#
 +# Unconfined sendmail local policy 
 +# Allow unconfined domain to run newalias and have transitions work
 +#
- 
--# Silently deny attempts to access /root.
--dontaudit system_mail_t { staff_home_dir_t sysadm_home_dir_t}:dir { getattr search };
++
 +optional_policy(`
 +	mta_etc_filetrans_aliases(unconfined_sendmail_t)
 +	unconfined_domain(unconfined_sendmail_t)
@@ -662596,7 +662867,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/send
 -') dnl end TODO
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.fc serefpolicy-3.3.1/policy/modules/services/setroubleshoot.fc
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -5,3 +5,5 @@
  /var/log/setroubleshoot(/.*)?		gen_context(system_u:object_r:setroubleshoot_var_log_t,s0)
  
@@ -662605,7 +662876,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setr
 +/etc/rc\.d/init\.d/setroubleshoot	--	gen_context(system_u:object_r:setroubleshoot_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.if serefpolicy-3.3.1/policy/modules/services/setroubleshoot.if
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.if	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.if	2009-02-04 10:54:48.000000000 +0100
 @@ -16,14 +16,13 @@
  	')
  
@@ -662705,7 +662976,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setr
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setroubleshoot.te serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te
 --- nsaserefpolicy/policy/modules/services/setroubleshoot.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/setroubleshoot.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,13 +22,16 @@
  type setroubleshoot_var_run_t;
  files_pid_file(setroubleshoot_var_run_t)
@@ -662787,13 +663058,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/setr
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/slattach.fc serefpolicy-3.3.1/policy/modules/services/slattach.fc
 --- nsaserefpolicy/policy/modules/services/slattach.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/slattach.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/slattach.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2 @@
 +
 +/sbin/slattach	--	gen_context(system_u:object_r:slattach_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/slattach.if serefpolicy-3.3.1/policy/modules/services/slattach.if
 --- nsaserefpolicy/policy/modules/services/slattach.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/slattach.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/slattach.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,22 @@
 +
 +## <summary>policy for slattach</summary>
@@ -662819,7 +663090,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/slat
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/slattach.te serefpolicy-3.3.1/policy/modules/services/slattach.te
 --- nsaserefpolicy/policy/modules/services/slattach.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/slattach.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/slattach.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,31 @@
 +policy_module(slattach,1.0.0)
 +
@@ -662854,7 +663125,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/slat
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smartmon.fc serefpolicy-3.3.1/policy/modules/services/smartmon.fc
 --- nsaserefpolicy/policy/modules/services/smartmon.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/smartmon.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/smartmon.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,3 +8,4 @@
  #
  /var/run/smartd\.pid	--	gen_context(system_u:object_r:fsdaemon_var_run_t,s0)
@@ -662862,7 +663133,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smar
 +/etc/rc\.d/init\.d/smartd	--	gen_context(system_u:object_r:fsdaemon_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smartmon.if serefpolicy-3.3.1/policy/modules/services/smartmon.if
 --- nsaserefpolicy/policy/modules/services/smartmon.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/smartmon.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/smartmon.if	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,25 @@
  
  ########################################
@@ -662919,7 +663190,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smar
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smartmon.te serefpolicy-3.3.1/policy/modules/services/smartmon.te
 --- nsaserefpolicy/policy/modules/services/smartmon.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/smartmon.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/smartmon.te	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,10 @@
  type fsdaemon_tmp_t;
  files_tmp_file(fsdaemon_tmp_t)
@@ -662958,7 +663229,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/smar
  userdom_dontaudit_search_sysadm_home_dirs(fsdaemon_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.fc serefpolicy-3.3.1/policy/modules/services/snmp.fc
 --- nsaserefpolicy/policy/modules/services/snmp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snmp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snmp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,6 +8,7 @@
  #
  # /var
@@ -662976,7 +663247,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp
 +/etc/rc\.d/init\.d/snmptrapd --	gen_context(system_u:object_r:snmp_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.if serefpolicy-3.3.1/policy/modules/services/snmp.if
 --- nsaserefpolicy/policy/modules/services/snmp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snmp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snmp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -87,6 +87,25 @@
  
  ########################################
@@ -663039,7 +663310,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.te serefpolicy-3.3.1/policy/modules/services/snmp.te
 --- nsaserefpolicy/policy/modules/services/snmp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snmp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snmp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,12 +18,16 @@
  type snmpd_var_lib_t;
  files_type(snmpd_var_lib_t)
@@ -663122,7 +663393,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snort.fc serefpolicy-3.3.1/policy/modules/services/snort.fc
 --- nsaserefpolicy/policy/modules/services/snort.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snort.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snort.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,6 +1,10 @@
 +/usr/s?bin/snort	--	gen_context(system_u:object_r:snort_exec_t,s0)
 +/usr/sbin/snort-plain	--	gen_context(system_u:object_r:snort_exec_t,s0)
@@ -663139,7 +663410,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snor
 +/etc/rc\.d/init\.d/snortd	--	gen_context(system_u:object_r:snort_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snort.if serefpolicy-3.3.1/policy/modules/services/snort.if
 --- nsaserefpolicy/policy/modules/services/snort.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snort.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snort.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,95 @@
 -## <summary>Snort network intrusion detection system</summary>
 +## <summary>SELinux policy for Snort IDS</summary>
@@ -663239,7 +663510,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snor
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snort.te serefpolicy-3.3.1/policy/modules/services/snort.te
 --- nsaserefpolicy/policy/modules/services/snort.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/snort.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/snort.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,10 +8,13 @@
  
  type snort_t;
@@ -663290,7 +663561,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snor
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soundserver.fc serefpolicy-3.3.1/policy/modules/services/soundserver.fc
 --- nsaserefpolicy/policy/modules/services/soundserver.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/soundserver.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/soundserver.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,10 +1,12 @@
 -/etc/nas(/.*)?			gen_context(system_u:object_r:soundd_etc_t,s0)
 -/etc/yiff(/.*)?			gen_context(system_u:object_r:soundd_etc_t,s0)
@@ -663309,7 +663580,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soun
 +/etc/rc\.d/init\.d/nasd	--	gen_context(system_u:object_r:soundd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soundserver.if serefpolicy-3.3.1/policy/modules/services/soundserver.if
 --- nsaserefpolicy/policy/modules/services/soundserver.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/soundserver.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/soundserver.if	2009-02-04 10:54:48.000000000 +0100
 @@ -13,3 +13,74 @@
  interface(`soundserver_tcp_connect',`
  	refpolicywarn(`$0($*) has been deprecated.')
@@ -663387,7 +663658,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soun
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soundserver.te serefpolicy-3.3.1/policy/modules/services/soundserver.te
 --- nsaserefpolicy/policy/modules/services/soundserver.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/soundserver.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/soundserver.te	2009-02-04 10:54:48.000000000 +0100
 @@ -10,9 +10,6 @@
  type soundd_exec_t;
  init_daemon_domain(soundd_t,soundd_exec_t)
@@ -663458,7 +663729,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/soun
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.fc serefpolicy-3.3.1/policy/modules/services/spamassassin.fc
 --- nsaserefpolicy/policy/modules/services/spamassassin.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/spamassassin.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/spamassassin.fc	2009-02-04 14:41:59.000000000 +0100
 @@ -1,4 +1,4 @@
 -HOME_DIR/\.spamassassin(/.*)?	gen_context(system_u:object_r:ROLE_spamassassin_home_t,s0)
 +HOME_DIR/\.spamassassin(/.*)?	gen_context(system_u:object_r:user_spamassassin_home_t,s0)
@@ -663469,7 +663740,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
  /usr/bin/spamd		--	gen_context(system_u:object_r:spamd_exec_t,s0)
  
  /usr/sbin/spamd		--	gen_context(system_u:object_r:spamd_exec_t,s0)
-+/usr/sbin/spamass-milter --	gen_context(system_u:object_r:spamd_exec_t,s0)
++#/usr/sbin/spamass-milter --	gen_context(system_u:object_r:spamd_exec_t,s0)
  
  /var/lib/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_var_lib_t,s0)
  
@@ -663477,8 +663748,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
 +
  /var/run/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
 -/var/run/spamass-milter(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
-+/var/run/spamass-milter.*	gen_context(system_u:object_r:spamd_var_run_t,s0)
-+/var/spool/milter-regex(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
++#/var/run/spamass-milter.*	gen_context(system_u:object_r:spamd_var_run_t,s0)
++#/var/spool/milter-regex(/.*)?	gen_context(system_u:object_r:spamd_var_run_t,s0)
  
  /var/spool/spamassassin(/.*)?	gen_context(system_u:object_r:spamd_spool_t,s0)
  /var/spool/spamd(/.*)?		gen_context(system_u:object_r:spamd_spool_t,s0)
@@ -663486,7 +663757,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
 +/etc/rc\.d/init\.d/spamd	--	gen_context(system_u:object_r:spamd_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.if serefpolicy-3.3.1/policy/modules/services/spamassassin.if
 --- nsaserefpolicy/policy/modules/services/spamassassin.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/spamassassin.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/spamassassin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -34,10 +34,11 @@
  # cjp: when tunables are available, spamc stuff should be
  # toggled on activation of spamc, and similarly for spamd.
@@ -664055,7 +664326,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.3.1/policy/modules/services/spamassassin.te
 --- nsaserefpolicy/policy/modules/services/spamassassin.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/spamassassin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/spamassassin.te	2009-02-04 11:07:37.000000000 +0100
 @@ -21,8 +21,10 @@
  gen_tunable(spamd_enable_home_dirs,true)
  
@@ -664179,7 +664450,12 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
  	dcc_stream_connect_dccifd(spamd_t)
  ')
  
-@@ -198,6 +247,11 @@
+@@ -194,10 +243,16 @@
+ optional_policy(`
+ 	pyzor_domtrans(spamd_t)
+ 	pyzor_signal(spamd_t)
++	pyzor_read_user_home_files(spamd_t)
+ ')
  
  optional_policy(`
  	razor_domtrans(spamd_t)
@@ -664191,7 +664467,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
  ')
  
  optional_policy(`
-@@ -212,3 +266,221 @@
+@@ -212,3 +267,221 @@
  optional_policy(`
  	udev_read_db(spamd_t)
  ')
@@ -664415,7 +664691,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.fc serefpolicy-3.3.1/policy/modules/services/squid.fc
 --- nsaserefpolicy/policy/modules/services/squid.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/squid.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/squid.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -12,3 +12,8 @@
  /var/run/squid\.pid	--	gen_context(system_u:object_r:squid_var_run_t,s0)
  
@@ -664427,7 +664703,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squi
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.if serefpolicy-3.3.1/policy/modules/services/squid.if
 --- nsaserefpolicy/policy/modules/services/squid.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/squid.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/squid.if	2009-02-04 10:54:48.000000000 +0100
 @@ -131,3 +131,95 @@
  interface(`squid_use',`
  	refpolicywarn(`$0($*) has been deprecated.')
@@ -664526,7 +664802,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squi
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.te serefpolicy-3.3.1/policy/modules/services/squid.te
 --- nsaserefpolicy/policy/modules/services/squid.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/squid.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/squid.te	2009-02-04 10:54:48.000000000 +0100
 @@ -31,12 +31,15 @@
  type squid_var_run_t;
  files_pid_file(squid_var_run_t)
@@ -664615,7 +664891,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squi
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.fc serefpolicy-3.3.1/policy/modules/services/ssh.fc
 --- nsaserefpolicy/policy/modules/services/ssh.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ssh.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ssh.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,4 @@
 -HOME_DIR/\.ssh(/.*)?			gen_context(system_u:object_r:ROLE_home_ssh_t,s0)
 +HOME_DIR/\.ssh(/.*)?			gen_context(system_u:object_r:user_ssh_home_t,s0)
@@ -664624,7 +664900,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.
  /etc/ssh/ssh_host_key 		--	gen_context(system_u:object_r:sshd_key_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.if serefpolicy-3.3.1/policy/modules/services/ssh.if
 --- nsaserefpolicy/policy/modules/services/ssh.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ssh.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ssh.if	2009-02-04 10:54:48.000000000 +0100
 @@ -36,6 +36,7 @@
  	gen_require(`
  		attribute ssh_server;
@@ -664888,7 +665164,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.te serefpolicy-3.3.1/policy/modules/services/ssh.te
 --- nsaserefpolicy/policy/modules/services/ssh.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/ssh.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/ssh.te	2009-02-04 10:54:48.000000000 +0100
 @@ -24,7 +24,7 @@
  
  # Type for the ssh-agent executable.
@@ -664950,7 +665226,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ssh.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stunnel.fc serefpolicy-3.3.1/policy/modules/services/stunnel.fc
 --- nsaserefpolicy/policy/modules/services/stunnel.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/stunnel.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/stunnel.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -2,5 +2,6 @@
  /etc/stunnel(/.*)?          	gen_context(system_u:object_r:stunnel_etc_t,s0)
  
@@ -664960,7 +665236,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stun
  /var/run/stunnel(/.*)?		gen_context(system_u:object_r:stunnel_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stunnel.if serefpolicy-3.3.1/policy/modules/services/stunnel.if
 --- nsaserefpolicy/policy/modules/services/stunnel.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/stunnel.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/stunnel.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,25 @@
  ## <summary>SSL Tunneling Proxy</summary>
 +
@@ -664989,7 +665265,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stun
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stunnel.te serefpolicy-3.3.1/policy/modules/services/stunnel.te
 --- nsaserefpolicy/policy/modules/services/stunnel.te	2008-02-26 14:23:11.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/stunnel.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/stunnel.te	2009-02-04 10:54:48.000000000 +0100
 @@ -20,7 +20,7 @@
  ')
  
@@ -665010,7 +665286,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/stun
  corenet_tcp_sendrecv_all_if(stunnel_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/telnet.te serefpolicy-3.3.1/policy/modules/services/telnet.te
 --- nsaserefpolicy/policy/modules/services/telnet.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/telnet.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/telnet.te	2009-02-04 10:54:48.000000000 +0100
 @@ -37,6 +37,8 @@
  allow telnetd_t telnetd_devpts_t:chr_file { rw_chr_file_perms setattr };
  term_create_pty(telnetd_t,telnetd_devpts_t)
@@ -665062,7 +665338,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/teln
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.fc serefpolicy-3.3.1/policy/modules/services/tftp.fc
 --- nsaserefpolicy/policy/modules/services/tftp.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tftp.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tftp.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,5 +4,5 @@
  
  /tftpboot		-d	gen_context(system_u:object_r:tftpdir_t,s0)
@@ -665072,7 +665348,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.if serefpolicy-3.3.1/policy/modules/services/tftp.if
 --- nsaserefpolicy/policy/modules/services/tftp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tftp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tftp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -24,17 +24,17 @@
  #
  interface(`tftp_admin',`
@@ -665100,7 +665376,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp.te serefpolicy-3.3.1/policy/modules/services/tftp.te
 --- nsaserefpolicy/policy/modules/services/tftp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tftp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tftp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -37,7 +37,6 @@
  allow tftpd_t self:udp_socket create_socket_perms;
  allow tftpd_t self:unix_dgram_socket create_socket_perms;
@@ -665145,13 +665421,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tftp
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/timidity.if serefpolicy-3.3.1/policy/modules/services/timidity.if
 --- nsaserefpolicy/policy/modules/services/timidity.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/timidity.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/timidity.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,2 @@
  ## <summary>MIDI to WAV converter and player configured as a service</summary>
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.fc serefpolicy-3.3.1/policy/modules/services/tor.fc
 --- nsaserefpolicy/policy/modules/services/tor.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tor.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tor.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,8 +1,10 @@
  /etc/tor(/.*)?			gen_context(system_u:object_r:tor_etc_t,s0)
  
@@ -665166,7 +665442,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.
 +/etc/rc\.d/init\.d/tor	--	gen_context(system_u:object_r:tor_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.if serefpolicy-3.3.1/policy/modules/services/tor.if
 --- nsaserefpolicy/policy/modules/services/tor.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tor.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tor.if	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,25 @@
  
  ########################################
@@ -665230,7 +665506,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.te serefpolicy-3.3.1/policy/modules/services/tor.te
 --- nsaserefpolicy/policy/modules/services/tor.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/tor.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/tor.te	2009-02-04 10:54:48.000000000 +0100
 @@ -26,11 +26,15 @@
  type tor_var_run_t;
  files_pid_file(tor_var_run_t)
@@ -665265,7 +665541,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tor.
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp.if serefpolicy-3.3.1/policy/modules/services/uucp.if
 --- nsaserefpolicy/policy/modules/services/uucp.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/uucp.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/uucp.if	2009-02-04 10:54:48.000000000 +0100
 @@ -85,27 +85,27 @@
  #
  interface(`uucp_admin',`
@@ -665307,7 +665583,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp.te serefpolicy-3.3.1/policy/modules/services/uucp.te
 --- nsaserefpolicy/policy/modules/services/uucp.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/uucp.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/uucp.te	2009-02-04 10:54:48.000000000 +0100
 @@ -116,6 +116,8 @@
  
  files_read_etc_files(uux_t)
@@ -665327,13 +665603,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/uucp
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.fc serefpolicy-3.3.1/policy/modules/services/w3c.fc
 --- nsaserefpolicy/policy/modules/services/w3c.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/w3c.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/w3c.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,2 @@
 +/usr/share/w3c-markup-validator(/.*)?		gen_context(system_u:object_r:httpd_w3c_validator_content_t,s0)
 +/usr/share/w3c-markup-validator/cgi-bin(/.*)?	gen_context(system_u:object_r:httpd_w3c_validator_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.if serefpolicy-3.3.1/policy/modules/services/w3c.if
 --- nsaserefpolicy/policy/modules/services/w3c.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/w3c.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/w3c.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,20 @@
 +## <summary>W3C</summary>
 +
@@ -665357,7 +665633,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.te serefpolicy-3.3.1/policy/modules/services/w3c.te
 --- nsaserefpolicy/policy/modules/services/w3c.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/w3c.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/w3c.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,14 @@
 +policy_module(w3c,1.2.1)
 +
@@ -665375,19 +665651,19 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/w3c.
 +miscfiles_read_certs(httpd_w3c_validator_script_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/watchdog.if serefpolicy-3.3.1/policy/modules/services/watchdog.if
 --- nsaserefpolicy/policy/modules/services/watchdog.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/watchdog.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/watchdog.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,2 @@
  ## <summary>Software watchdog</summary>
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xprint.if serefpolicy-3.3.1/policy/modules/services/xprint.if
 --- nsaserefpolicy/policy/modules/services/xprint.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/xprint.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/xprint.if	2009-02-04 10:54:48.000000000 +0100
 @@ -1 +1,2 @@
  ## <summary>X print server</summary>
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.fc serefpolicy-3.3.1/policy/modules/services/xserver.fc
 --- nsaserefpolicy/policy/modules/services/xserver.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/xserver.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,13 +1,13 @@
  #
  # HOME_DIR
@@ -665458,7 +665734,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
  /var/lib/pam_devperm/:0	--	gen_context(system_u:object_r:xdm_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.3.1/policy/modules/services/xserver.if
 --- nsaserefpolicy/policy/modules/services/xserver.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/xserver.if	2009-02-04 10:54:48.000000000 +0100
 @@ -12,9 +12,15 @@
  ##	</summary>
  ## </param>
@@ -666948,7 +667224,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.te serefpolicy-3.3.1/policy/modules/services/xserver.te
 --- nsaserefpolicy/policy/modules/services/xserver.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/xserver.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/xserver.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,6 +8,14 @@
  
  ## <desc>
@@ -667615,7 +667891,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabbix.fc serefpolicy-3.3.1/policy/modules/services/zabbix.fc
 --- nsaserefpolicy/policy/modules/services/zabbix.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zabbix.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zabbix.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,8 @@
 +
  /usr/bin/zabbix_server	--	gen_context(system_u:object_r:zabbix_exec_t,s0)
@@ -667627,7 +667903,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabb
 +/etc/rc\.d/init\.d/zabbix	--	gen_context(system_u:object_r:zabbix_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabbix.if serefpolicy-3.3.1/policy/modules/services/zabbix.if
 --- nsaserefpolicy/policy/modules/services/zabbix.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zabbix.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zabbix.if	2009-02-04 10:54:48.000000000 +0100
 @@ -79,6 +79,25 @@
  
  ########################################
@@ -667686,7 +667962,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabb
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabbix.te serefpolicy-3.3.1/policy/modules/services/zabbix.te
 --- nsaserefpolicy/policy/modules/services/zabbix.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zabbix.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zabbix.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,6 +18,9 @@
  type zabbix_var_run_t;
  files_pid_file(zabbix_var_run_t)
@@ -667699,7 +667975,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zabb
  # zabbix local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebra.fc serefpolicy-3.3.1/policy/modules/services/zebra.fc
 --- nsaserefpolicy/policy/modules/services/zebra.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zebra.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zebra.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -14,3 +14,10 @@
  /var/run/\.zebra	-s	gen_context(system_u:object_r:zebra_var_run_t,s0)
  /var/run/\.zserv	-s	gen_context(system_u:object_r:zebra_var_run_t,s0)
@@ -667713,7 +667989,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebr
 +/etc/rc\.d/init\.d/zebra	--	gen_context(system_u:object_r:zebra_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebra.if serefpolicy-3.3.1/policy/modules/services/zebra.if
 --- nsaserefpolicy/policy/modules/services/zebra.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zebra.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zebra.if	2009-02-04 10:54:48.000000000 +0100
 @@ -18,12 +18,32 @@
  
  	files_search_etc($1)
@@ -667790,7 +668066,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebr
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebra.te serefpolicy-3.3.1/policy/modules/services/zebra.te
 --- nsaserefpolicy/policy/modules/services/zebra.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/services/zebra.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/services/zebra.te	2009-02-04 10:54:48.000000000 +0100
 @@ -30,6 +30,9 @@
  type zebra_var_run_t;
  files_pid_file(zebra_var_run_t)
@@ -667820,7 +668096,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/zebr
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/application.te serefpolicy-3.3.1/policy/modules/system/application.te
 --- nsaserefpolicy/policy/modules/system/application.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/application.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/application.te	2009-02-04 10:54:48.000000000 +0100
 @@ -7,6 +7,12 @@
  # Executables to be run by user
  attribute application_exec_type;
@@ -667836,7 +668112,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/applic
  	ssh_rw_stream_sockets(application_domain_type)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.fc serefpolicy-3.3.1/policy/modules/system/authlogin.fc
 --- nsaserefpolicy/policy/modules/system/authlogin.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/authlogin.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/authlogin.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -7,12 +7,10 @@
  /etc/passwd\.lock	--	gen_context(system_u:object_r:shadow_t,s0)
  /etc/shadow.*		--	gen_context(system_u:object_r:shadow_t,s0)
@@ -667865,7 +668141,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +/var/cache/coolkey(/.*)?	gen_context(system_u:object_r:auth_cache_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.3.1/policy/modules/system/authlogin.if
 --- nsaserefpolicy/policy/modules/system/authlogin.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/authlogin.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/authlogin.if	2009-02-04 10:54:48.000000000 +0100
 @@ -56,10 +56,6 @@
  	miscfiles_read_localization($1_chkpwd_t)
  
@@ -668161,7 +668437,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.3.1/policy/modules/system/authlogin.te
 --- nsaserefpolicy/policy/modules/system/authlogin.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/authlogin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/authlogin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -59,6 +59,9 @@
  type utempter_exec_t;
  application_domain(utempter_t,utempter_exec_t)
@@ -668273,7 +668549,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.fc serefpolicy-3.3.1/policy/modules/system/fstools.fc
 --- nsaserefpolicy/policy/modules/system/fstools.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/fstools.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/fstools.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,3 @@
 -/sbin/badblocks		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
  /sbin/blkid		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
@@ -668289,7 +668565,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstool
  /sbin/partx		--	gen_context(system_u:object_r:fsadm_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.if serefpolicy-3.3.1/policy/modules/system/fstools.if
 --- nsaserefpolicy/policy/modules/system/fstools.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/fstools.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/fstools.if	2009-02-04 10:54:48.000000000 +0100
 @@ -142,3 +142,21 @@
  
  	allow $1 swapfile_t:file getattr;
@@ -668314,7 +668590,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstool
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-3.3.1/policy/modules/system/fstools.te
 --- nsaserefpolicy/policy/modules/system/fstools.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/fstools.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/fstools.te	2009-02-04 10:54:48.000000000 +0100
 @@ -97,6 +97,10 @@
  fs_getattr_tmpfs_dirs(fsadm_t)
  fs_read_tmpfs_symlinks(fsadm_t)
@@ -668338,7 +668614,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstool
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/getty.fc serefpolicy-3.3.1/policy/modules/system/getty.fc
 --- nsaserefpolicy/policy/modules/system/getty.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/getty.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/getty.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -8,5 +8,5 @@
  
  /var/run/mgetty\.pid.*	--	gen_context(system_u:object_r:getty_var_run_t,s0)
@@ -668349,7 +668625,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/getty.
 +/var/spool/voice(/.*)?		gen_context(system_u:object_r:getty_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/getty.te serefpolicy-3.3.1/policy/modules/system/getty.te
 --- nsaserefpolicy/policy/modules/system/getty.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/getty.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/getty.te	2009-02-04 10:54:48.000000000 +0100
 @@ -9,6 +9,7 @@
  type getty_t;
  type getty_exec_t;
@@ -668360,7 +668636,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/getty.
  type getty_etc_t;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostname.te serefpolicy-3.3.1/policy/modules/system/hostname.te
 --- nsaserefpolicy/policy/modules/system/hostname.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/hostname.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/hostname.te	2009-02-04 10:54:48.000000000 +0100
 @@ -8,7 +8,9 @@
  
  type hostname_t;
@@ -668374,7 +668650,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostna
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hotplug.te serefpolicy-3.3.1/policy/modules/system/hotplug.te
 --- nsaserefpolicy/policy/modules/system/hotplug.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/hotplug.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/hotplug.te	2009-02-04 10:54:48.000000000 +0100
 @@ -120,6 +120,7 @@
  	optional_policy(`
  		# for arping used for static IP addresses on PCMCIA ethernet
@@ -668393,7 +668669,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hotplu
  optional_policy(`
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.fc serefpolicy-3.3.1/policy/modules/system/init.fc
 --- nsaserefpolicy/policy/modules/system/init.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/init.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/init.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,8 +4,7 @@
  /etc/init\.d/.*		--	gen_context(system_u:object_r:initrc_exec_t,s0)
  
@@ -668411,7 +668687,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.f
 -
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-3.3.1/policy/modules/system/init.if
 --- nsaserefpolicy/policy/modules/system/init.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/init.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/init.if	2009-02-04 10:54:48.000000000 +0100
 @@ -211,6 +211,16 @@
  			kernel_dontaudit_use_fds($1)
  		')
@@ -668789,7 +669065,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.i
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.3.1/policy/modules/system/init.te
 --- nsaserefpolicy/policy/modules/system/init.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/init.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/init.te	2009-02-04 10:54:48.000000000 +0100
 @@ -10,6 +10,20 @@
  # Declarations
  #
@@ -669126,7 +669402,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.t
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.fc serefpolicy-3.3.1/policy/modules/system/ipsec.fc
 --- nsaserefpolicy/policy/modules/system/ipsec.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/ipsec.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/ipsec.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -16,6 +16,8 @@
  /usr/lib(64)?/ipsec/pluto	--	gen_context(system_u:object_r:ipsec_exec_t,s0)
  /usr/lib(64)?/ipsec/spi		--	gen_context(system_u:object_r:ipsec_exec_t,s0)
@@ -669146,7 +669422,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.if serefpolicy-3.3.1/policy/modules/system/ipsec.if
 --- nsaserefpolicy/policy/modules/system/ipsec.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/ipsec.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/ipsec.if	2009-02-04 10:54:48.000000000 +0100
 @@ -152,6 +152,25 @@
  
  ########################################
@@ -669175,7 +669451,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.
  ## <param name="domain">
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.te serefpolicy-3.3.1/policy/modules/system/ipsec.te
 --- nsaserefpolicy/policy/modules/system/ipsec.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/ipsec.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/ipsec.te	2009-02-04 10:54:48.000000000 +0100
 @@ -55,11 +55,13 @@
  
  allow ipsec_t self:capability { net_admin dac_override dac_read_search };
@@ -669205,7 +669481,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.
  can_exec(ipsec_t, ipsec_mgmt_exec_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.if serefpolicy-3.3.1/policy/modules/system/iptables.if
 --- nsaserefpolicy/policy/modules/system/iptables.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/iptables.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/iptables.if	2009-02-04 10:54:48.000000000 +0100
 @@ -49,6 +49,12 @@
  	iptables_domtrans($1)
  	role $2 types iptables_t;
@@ -669221,7 +669497,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptabl
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.te serefpolicy-3.3.1/policy/modules/system/iptables.te
 --- nsaserefpolicy/policy/modules/system/iptables.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/iptables.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/iptables.te	2009-02-04 10:54:48.000000000 +0100
 @@ -27,7 +27,7 @@
  allow iptables_t self:process { sigchld sigkill sigstop signull signal };
  allow iptables_t self:rawip_socket create_socket_perms;
@@ -669274,7 +669550,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptabl
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.fc serefpolicy-3.3.1/policy/modules/system/iscsi.fc
 --- nsaserefpolicy/policy/modules/system/iscsi.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/iscsi.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/iscsi.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,5 +1,5 @@
  /sbin/iscsid		--	gen_context(system_u:object_r:iscsid_exec_t,s0)
  
@@ -669285,7 +669561,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.
  /var/run/iscsid\.pid	--	gen_context(system_u:object_r:iscsi_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.te serefpolicy-3.3.1/policy/modules/system/iscsi.te
 --- nsaserefpolicy/policy/modules/system/iscsi.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/iscsi.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/iscsi.te	2009-02-04 10:54:48.000000000 +0100
 @@ -28,8 +28,8 @@
  # iscsid local policy
  #
@@ -669316,7 +669592,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-3.3.1/policy/modules/system/libraries.fc
 --- nsaserefpolicy/policy/modules/system/libraries.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/libraries.fc	2009-01-30 11:17:26.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/libraries.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -69,8 +69,10 @@
  ifdef(`distro_gentoo',`
  # despite the extensions, they are actually libs
@@ -669442,7 +669718,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/librar
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.te serefpolicy-3.3.1/policy/modules/system/libraries.te
 --- nsaserefpolicy/policy/modules/system/libraries.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/libraries.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/libraries.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,9 @@
  init_system_domain(ldconfig_t,ldconfig_exec_t)
  role system_r types ldconfig_t;
@@ -669521,7 +669797,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/librar
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locallogin.te serefpolicy-3.3.1/policy/modules/system/locallogin.te
 --- nsaserefpolicy/policy/modules/system/locallogin.te	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/locallogin.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/locallogin.te	2009-02-04 10:54:48.000000000 +0100
 @@ -131,6 +131,7 @@
  
  miscfiles_read_localization(local_login_t)
@@ -669590,7 +669866,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locall
 -')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.fc serefpolicy-3.3.1/policy/modules/system/logging.fc
 --- nsaserefpolicy/policy/modules/system/logging.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/logging.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/logging.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -4,6 +4,8 @@
  /etc/syslog.conf		gen_context(system_u:object_r:syslog_conf_t,s0)
  /etc/audit(/.*)?		gen_context(system_u:object_r:auditd_etc_t,mls_systemhigh)
@@ -669638,7 +669914,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
 +/var/cfengine/outputs(/.*)?	gen_context(system_u:object_r:var_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.if serefpolicy-3.3.1/policy/modules/system/logging.if
 --- nsaserefpolicy/policy/modules/system/logging.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/logging.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/logging.if	2009-02-04 10:54:48.000000000 +0100
 @@ -213,12 +213,7 @@
  ## </param>
  #
@@ -669891,7 +670167,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-3.3.1/policy/modules/system/logging.te
 --- nsaserefpolicy/policy/modules/system/logging.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/logging.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/logging.te	2009-02-04 10:54:48.000000000 +0100
 @@ -61,10 +61,29 @@
  logging_log_file(var_log_t)
  files_mountpoint(var_log_t)
@@ -670144,7 +670420,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/loggin
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.fc serefpolicy-3.3.1/policy/modules/system/lvm.fc
 --- nsaserefpolicy/policy/modules/system/lvm.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/lvm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/lvm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -55,6 +55,7 @@
  /sbin/lvs		--	gen_context(system_u:object_r:lvm_exec_t,s0)
  /sbin/lvscan		--	gen_context(system_u:object_r:lvm_exec_t,s0)
@@ -670160,7 +670436,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.fc
 +/var/run/dmevent.*		gen_context(system_u:object_r:lvm_var_run_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te serefpolicy-3.3.1/policy/modules/system/lvm.te
 --- nsaserefpolicy/policy/modules/system/lvm.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/lvm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/lvm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,7 +22,7 @@
  role system_r types lvm_t;
  
@@ -670339,7 +670615,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/lvm.te
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfiles.fc serefpolicy-3.3.1/policy/modules/system/miscfiles.fc
 --- nsaserefpolicy/policy/modules/system/miscfiles.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/miscfiles.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/miscfiles.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -11,6 +11,7 @@
  /etc/avahi/etc/localtime --	gen_context(system_u:object_r:locale_t,s0)
  /etc/localtime		--	gen_context(system_u:object_r:locale_t,s0)
@@ -670355,7 +670631,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
 +HOME_DIR/\.fontconfig(/.*)?	gen_context(system_u:object_r:user_fonts_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfiles.if serefpolicy-3.3.1/policy/modules/system/miscfiles.if
 --- nsaserefpolicy/policy/modules/system/miscfiles.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/miscfiles.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/miscfiles.if	2009-02-04 10:54:48.000000000 +0100
 @@ -489,3 +489,65 @@
  	manage_lnk_files_pattern($1,locale_t,locale_t)
  ')
@@ -670424,7 +670700,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfiles.te serefpolicy-3.3.1/policy/modules/system/miscfiles.te
 --- nsaserefpolicy/policy/modules/system/miscfiles.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/miscfiles.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/miscfiles.te	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,14 @@
  files_type(fonts_t)
  
@@ -670442,7 +670718,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
  type hwdata_t;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.if serefpolicy-3.3.1/policy/modules/system/modutils.if
 --- nsaserefpolicy/policy/modules/system/modutils.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/modutils.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/modutils.if	2009-02-04 10:54:48.000000000 +0100
 @@ -66,6 +66,25 @@
  
  ########################################
@@ -670479,7 +670755,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/moduti
  ########################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.3.1/policy/modules/system/modutils.te
 --- nsaserefpolicy/policy/modules/system/modutils.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/modutils.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/modutils.te	2009-02-04 10:54:48.000000000 +0100
 @@ -22,6 +22,8 @@
  type insmod_exec_t;
  application_domain(insmod_t,insmod_exec_t)
@@ -670622,7 +670898,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/moduti
  #################################
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.fc serefpolicy-3.3.1/policy/modules/system/mount.fc
 --- nsaserefpolicy/policy/modules/system/mount.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/mount.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/mount.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,6 @@
  /bin/mount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
  /bin/umount.*			--	gen_context(system_u:object_r:mount_exec_t,s0)
@@ -670634,7 +670910,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.
 +/usr/bin/fusermount            --      gen_context(system_u:object_r:mount_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.if serefpolicy-3.3.1/policy/modules/system/mount.if
 --- nsaserefpolicy/policy/modules/system/mount.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/mount.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/mount.if	2009-02-04 14:59:39.000000000 +0100
 @@ -48,7 +48,9 @@
  
  	mount_domtrans($1)
@@ -670646,9 +670922,33 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.
  
  	optional_policy(`
  		samba_run_smbmount($1, $2, $3)
+@@ -171,3 +173,23 @@
+ 	role $2 types unconfined_mount_t;
+ 	allow unconfined_mount_t $3:chr_file rw_file_perms;
+ ')
++
++######################################
++## <summary>
++##      Send signal to mount process
++## </summary>
++## <param name="domain">
++##      <summary>
++##      The type of the process performing this action.
++##      </summary>
++## </param>
++#
++interface(`mount_signal',`
++        gen_require(`
++                type mount_t;
++        ')
++
++        allow $1 mount_t:process signal;
++')
++
++
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-3.3.1/policy/modules/system/mount.te
 --- nsaserefpolicy/policy/modules/system/mount.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/mount.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/mount.te	2009-02-04 10:54:48.000000000 +0100
 @@ -18,17 +18,18 @@
  init_system_domain(mount_t,mount_exec_t)
  role system_r types mount_t;
@@ -670809,7 +671109,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/netlabel.te serefpolicy-3.3.1/policy/modules/system/netlabel.te
 --- nsaserefpolicy/policy/modules/system/netlabel.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/netlabel.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/netlabel.te	2009-02-04 10:54:48.000000000 +0100
 @@ -9,6 +9,7 @@
  type netlabel_mgmt_t;
  type netlabel_mgmt_exec_t;
@@ -670820,14 +671120,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/netlab
  #
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.fc serefpolicy-3.3.1/policy/modules/system/qemu.fc
 --- nsaserefpolicy/policy/modules/system/qemu.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/qemu.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/qemu.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,3 @@
 +
 +/usr/bin/qemu	--	gen_context(system_u:object_r:qemu_exec_t,s0)
 +/usr/bin/qemu-kvm --	gen_context(system_u:object_r:qemu_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.if serefpolicy-3.3.1/policy/modules/system/qemu.if
 --- nsaserefpolicy/policy/modules/system/qemu.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/qemu.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/qemu.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,336 @@
 +
 +## <summary>policy for qemu</summary>
@@ -671167,7 +671467,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.i
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.te serefpolicy-3.3.1/policy/modules/system/qemu.te
 --- nsaserefpolicy/policy/modules/system/qemu.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/qemu.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/qemu.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,79 @@
 +policy_module(qemu,1.0.0)
 +
@@ -671250,7 +671550,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/qemu.t
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/raid.te serefpolicy-3.3.1/policy/modules/system/raid.te
 --- nsaserefpolicy/policy/modules/system/raid.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/raid.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/raid.te	2009-02-04 10:54:48.000000000 +0100
 @@ -19,7 +19,7 @@
  # Local policy
  #
@@ -671278,7 +671578,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/raid.t
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.fc serefpolicy-3.3.1/policy/modules/system/selinuxutil.fc
 --- nsaserefpolicy/policy/modules/system/selinuxutil.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -38,7 +38,7 @@
  /usr/sbin/restorecond		--	gen_context(system_u:object_r:restorecond_exec_t,s0)
  /usr/sbin/run_init		--	gen_context(system_u:object_r:run_init_exec_t,s0)
@@ -671299,7 +671599,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 +/var/lib/selinux(/.*)?			gen_context(system_u:object_r:selinux_var_lib_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.if serefpolicy-3.3.1/policy/modules/system/selinuxutil.if
 --- nsaserefpolicy/policy/modules/system/selinuxutil.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.if	2009-02-04 10:54:48.000000000 +0100
 @@ -389,7 +389,7 @@
  ##	</summary>
  ## </param>
@@ -671799,7 +672099,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.te serefpolicy-3.3.1/policy/modules/system/selinuxutil.te
 --- nsaserefpolicy/policy/modules/system/selinuxutil.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/selinuxutil.te	2009-02-04 10:54:48.000000000 +0100
 @@ -23,6 +23,9 @@
  type selinux_config_t;
  files_type(selinux_config_t)
@@ -672162,7 +672462,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinu
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setrans.fc serefpolicy-3.3.1/policy/modules/system/setrans.fc
 --- nsaserefpolicy/policy/modules/system/setrans.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/setrans.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/setrans.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,3 +1,5 @@
  /sbin/mcstransd	--	gen_context(system_u:object_r:setrans_exec_t,s0)
  
@@ -672171,7 +672471,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setran
 +/etc/rc\.d/init\.d/mcstrans	--	gen_context(system_u:object_r:setrans_script_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setrans.if serefpolicy-3.3.1/policy/modules/system/setrans.if
 --- nsaserefpolicy/policy/modules/system/setrans.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/setrans.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/setrans.if	2009-02-04 10:54:48.000000000 +0100
 @@ -13,6 +13,7 @@
  interface(`setrans_translate_context',`
  	gen_require(`
@@ -672206,7 +672506,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setran
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setrans.te serefpolicy-3.3.1/policy/modules/system/setrans.te
 --- nsaserefpolicy/policy/modules/system/setrans.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/setrans.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/setrans.te	2009-02-04 10:54:48.000000000 +0100
 @@ -14,6 +14,9 @@
  files_pid_file(setrans_var_run_t)
  mls_trusted_object(setrans_var_run_t)
@@ -672236,7 +672536,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/setran
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.fc serefpolicy-3.3.1/policy/modules/system/sysnetwork.fc
 --- nsaserefpolicy/policy/modules/system/sysnetwork.fc	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.fc	2009-01-30 15:43:22.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -57,3 +57,5 @@
  ifdef(`distro_gentoo',`
  /var/lib/dhcpc(/.*)?		gen_context(system_u:object_r:dhcpc_state_t,s0)
@@ -672245,7 +672545,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnet
 +/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.3.1/policy/modules/system/sysnetwork.if
 --- nsaserefpolicy/policy/modules/system/sysnetwork.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.if	2009-02-04 10:54:48.000000000 +0100
 @@ -145,6 +145,25 @@
  
  ########################################
@@ -672383,7 +672683,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnet
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.te serefpolicy-3.3.1/policy/modules/system/sysnetwork.te
 --- nsaserefpolicy/policy/modules/system/sysnetwork.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.te	2009-02-04 10:54:48.000000000 +0100
 @@ -20,6 +20,10 @@
  init_daemon_domain(dhcpc_t,dhcpc_exec_t)
  role system_r types dhcpc_t;
@@ -672584,7 +672884,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnet
  	xen_append_log(ifconfig_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.if serefpolicy-3.3.1/policy/modules/system/udev.if
 --- nsaserefpolicy/policy/modules/system/udev.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/udev.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/udev.if	2009-02-04 10:54:48.000000000 +0100
 @@ -96,6 +96,24 @@
  
  ########################################
@@ -672640,7 +672940,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.i
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.te serefpolicy-3.3.1/policy/modules/system/udev.te
 --- nsaserefpolicy/policy/modules/system/udev.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/udev.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/udev.te	2009-02-04 10:54:48.000000000 +0100
 @@ -83,6 +83,7 @@
  kernel_rw_unix_dgram_sockets(udev_t)
  kernel_dgram_send(udev_t)
@@ -672698,7 +672998,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.t
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-3.3.1/policy/modules/system/unconfined.fc
 --- nsaserefpolicy/policy/modules/system/unconfined.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/unconfined.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/unconfined.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,16 +1,26 @@
  # Add programs here which should not be confined by SELinux
  # e.g.:
@@ -672734,7 +673034,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf
 +/opt/real/(.*/)?realplay\.bin --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-3.3.1/policy/modules/system/unconfined.if
 --- nsaserefpolicy/policy/modules/system/unconfined.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/unconfined.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/unconfined.if	2009-02-04 10:54:48.000000000 +0100
 @@ -12,14 +12,13 @@
  #
  interface(`unconfined_domain_noaudit',`
@@ -673090,7 +673390,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf
  ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.3.1/policy/modules/system/unconfined.te
 --- nsaserefpolicy/policy/modules/system/unconfined.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/unconfined.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/unconfined.te	2009-02-04 10:54:48.000000000 +0100
 @@ -6,35 +6,72 @@
  # Declarations
  #
@@ -673431,7 +673731,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.fc serefpolicy-3.3.1/policy/modules/system/userdomain.fc
 --- nsaserefpolicy/policy/modules/system/userdomain.fc	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/userdomain.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/userdomain.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -1,4 +1,5 @@
 -HOME_DIR	-d	gen_context(system_u:object_r:ROLE_home_dir_t,s0-mls_systemhigh)
 -HOME_DIR/.+		gen_context(system_u:object_r:ROLE_home_t,s0)
@@ -673444,7 +673744,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +/root(/.*)?	 	gen_context(system_u:object_r:admin_home_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.3.1/policy/modules/system/userdomain.if
 --- nsaserefpolicy/policy/modules/system/userdomain.if	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/userdomain.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/userdomain.if	2009-02-04 14:47:08.000000000 +0100
 @@ -29,9 +29,14 @@
  	')
  
@@ -674929,7 +675229,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2276,10 +2395,10 @@
+@@ -2276,10 +2395,37 @@
  #
  template(`userdom_dontaudit_exec_user_home_content_files',`
  	gen_require(`
@@ -674939,10 +675239,37 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  
 -	dontaudit $2 $1_home_t:file execute;
 +	dontaudit $2 user_home_t:file execute;
++')
++
++#######################################
++## <summary>
++##      Manage any content in the home directory
++## </summary>
++## <param name="userdomain">
++##      <summary>
++##      The user domain
++##      </summary>
++## </param>
++## <rolebase/>
++#
++interface(`userdom_manage_home_content',`
++        gen_require(`
++                type user_home_dir_t;
++                attribute user_home_type;
++        ')
++
++        files_list_home($1)
++        manage_dirs_pattern($1, { user_home_dir_t user_home_type }, user_home_type)
++        manage_files_pattern($1, { user_home_dir_t user_home_type },user_home_type)
++        manage_lnk_files_pattern($1, { user_home_dir_t user_home_type },user_home_type)
++        manage_sock_files_pattern($1, { user_home_dir_t user_home_type },user_home_type)
++        manage_fifo_files_pattern($1, { user_home_dir_t user_home_type },user_home_type)
++        filetrans_pattern($1, user_home_dir_t, user_home_t, { dir file lnk_file sock_file fifo_file })
++
  ')
  
  ########################################
-@@ -2311,12 +2430,12 @@
+@@ -2311,12 +2457,12 @@
  #
  template(`userdom_manage_user_home_content_files',`
  	gen_require(`
@@ -674958,7 +675285,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2348,10 +2467,10 @@
+@@ -2348,10 +2494,10 @@
  #
  template(`userdom_dontaudit_manage_user_home_content_dirs',`
  	gen_require(`
@@ -674971,7 +675298,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2383,12 +2502,12 @@
+@@ -2383,12 +2529,12 @@
  #
  template(`userdom_manage_user_home_content_symlinks',`
  	gen_require(`
@@ -674987,7 +675314,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2420,12 +2539,12 @@
+@@ -2420,12 +2566,12 @@
  #
  template(`userdom_manage_user_home_content_pipes',`
  	gen_require(`
@@ -675003,7 +675330,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2457,12 +2576,12 @@
+@@ -2457,12 +2603,12 @@
  #
  template(`userdom_manage_user_home_content_sockets',`
  	gen_require(`
@@ -675019,7 +675346,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2507,11 +2626,11 @@
+@@ -2507,11 +2653,11 @@
  #
  template(`userdom_user_home_dir_filetrans',`
  	gen_require(`
@@ -675033,7 +675360,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2556,11 +2675,11 @@
+@@ -2556,11 +2702,11 @@
  #
  template(`userdom_user_home_content_filetrans',`
  	gen_require(`
@@ -675047,7 +675374,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2600,11 +2719,11 @@
+@@ -2600,11 +2746,11 @@
  #
  template(`userdom_user_home_dir_filetrans_user_home_content',`
  	gen_require(`
@@ -675061,7 +675388,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2634,11 +2753,11 @@
+@@ -2634,11 +2780,11 @@
  #
  template(`userdom_write_user_tmp_sockets',`
  	gen_require(`
@@ -675075,7 +675402,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2668,11 +2787,11 @@
+@@ -2668,11 +2814,11 @@
  #
  template(`userdom_list_user_tmp',`
  	gen_require(`
@@ -675089,7 +675416,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2704,10 +2823,10 @@
+@@ -2704,10 +2850,10 @@
  #
  template(`userdom_dontaudit_list_user_tmp',`
  	gen_require(`
@@ -675102,7 +675429,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2739,10 +2858,10 @@
+@@ -2739,10 +2885,10 @@
  #
  template(`userdom_dontaudit_manage_user_tmp_dirs',`
  	gen_require(`
@@ -675115,7 +675442,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2772,12 +2891,12 @@
+@@ -2772,12 +2918,12 @@
  #
  template(`userdom_read_user_tmp_files',`
  	gen_require(`
@@ -675131,7 +675458,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2809,20 +2928,20 @@
+@@ -2809,20 +2955,20 @@
  #
  template(`userdom_dontaudit_read_user_tmp_files',`
  	gen_require(`
@@ -675156,7 +675483,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	temporary files.
  ##	</p>
  ##	<p>
-@@ -2842,21 +2961,23 @@
+@@ -2842,17 +2988,90 @@
  ##	</summary>
  ## </param>
  #
@@ -675176,28 +675503,31 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 -##	Read and write user temporary files.
 +##	Do not audit attempts to append users
 +##	temporary files.
- ## </summary>
- ## <desc>
- ##	<p>
--##	Read and write user temporary files.
++## </summary>
++## <desc>
++##	<p>
 +##	Do not audit attempts to append users
 +##	temporary files.
- ##	</p>
- ##	<p>
- ##	This is a templated interface, and should only
-@@ -2871,18 +2992,89 @@
- ## </param>
- ## <param name="domain">
- ##	<summary>
--##	Domain allowed access.
++##	</p>
++##	<p>
++##	This is a templated interface, and should only
++##	be called from a per-userdomain template.
++##	</p>
++## </desc>
++## <param name="userdomain_prefix">
++##	<summary>
++##	The prefix of the user domain (e.g., user
++##	is the prefix for user_t).
++##	</summary>
++## </param>
++## <param name="domain">
++##	<summary>
 +##	Domain to not audit.
- ##	</summary>
- ## </param>
- #
--template(`userdom_rw_user_tmp_files',`
++##	</summary>
++## </param>
++#
 +template(`userdom_dontaudit_append_user_tmp_files',`
- 	gen_require(`
--		type $1_tmp_t;
++	gen_require(`
 +		type user_tmp_t;
 +	')
 +
@@ -675245,30 +675575,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +########################################
 +## <summary>
 +##	Read and write user temporary files.
-+## </summary>
-+## <desc>
-+##	<p>
-+##	Read and write user temporary files.
-+##	</p>
-+##	<p>
-+##	This is a templated interface, and should only
-+##	be called from a per-userdomain template.
-+##	</p>
-+## </desc>
-+## <param name="userdomain_prefix">
-+##	<summary>
-+##	The prefix of the user domain (e.g., user
-+##	is the prefix for user_t).
-+##	</summary>
-+## </param>
-+## <param name="domain">
-+##	<summary>
-+##	Domain allowed access.
-+##	</summary>
-+## </param>
-+#
-+template(`userdom_rw_user_tmp_files',`
-+	gen_require(`
+ ## </summary>
+ ## <desc>
+ ##	<p>
+@@ -2877,12 +3096,12 @@
+ #
+ template(`userdom_rw_user_tmp_files',`
+ 	gen_require(`
+-		type $1_tmp_t;
 +		type user_tmp_t;
  	')
  
@@ -675280,7 +675594,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2914,10 +3106,10 @@
+@@ -2914,10 +3133,10 @@
  #
  template(`userdom_dontaudit_manage_user_tmp_files',`
  	gen_require(`
@@ -675293,7 +675607,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2949,12 +3141,12 @@
+@@ -2949,12 +3168,12 @@
  #
  template(`userdom_read_user_tmp_symlinks',`
  	gen_require(`
@@ -675309,7 +675623,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -2986,11 +3178,11 @@
+@@ -2986,11 +3205,11 @@
  #
  template(`userdom_manage_user_tmp_dirs',`
  	gen_require(`
@@ -675323,7 +675637,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3022,11 +3214,11 @@
+@@ -3022,11 +3241,11 @@
  #
  template(`userdom_manage_user_tmp_files',`
  	gen_require(`
@@ -675337,7 +675651,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3058,11 +3250,11 @@
+@@ -3058,11 +3277,11 @@
  #
  template(`userdom_manage_user_tmp_symlinks',`
  	gen_require(`
@@ -675351,7 +675665,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3094,11 +3286,11 @@
+@@ -3094,11 +3313,11 @@
  #
  template(`userdom_manage_user_tmp_pipes',`
  	gen_require(`
@@ -675365,7 +675679,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3130,11 +3322,11 @@
+@@ -3130,11 +3349,11 @@
  #
  template(`userdom_manage_user_tmp_sockets',`
  	gen_require(`
@@ -675379,7 +675693,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3179,10 +3371,10 @@
+@@ -3179,10 +3398,10 @@
  #
  template(`userdom_user_tmp_filetrans',`
  	gen_require(`
@@ -675392,7 +675706,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  	files_search_tmp($2)
  ')
  
-@@ -3223,10 +3415,10 @@
+@@ -3223,10 +3442,10 @@
  #
  template(`userdom_tmp_filetrans_user_tmp',`
  	gen_require(`
@@ -675405,7 +675719,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -3254,6 +3446,42 @@
+@@ -3254,6 +3473,42 @@
  ##	</summary>
  ## </param>
  #
@@ -675448,7 +675762,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  template(`userdom_rw_user_tmpfs_files',`
  	gen_require(`
  		type $1_tmpfs_t;
-@@ -3267,6 +3495,42 @@
+@@ -3267,6 +3522,42 @@
  
  ########################################
  ## <summary>
@@ -675491,7 +675805,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	List users untrusted directories.
  ## </summary>
  ## <desc>
-@@ -3962,6 +4226,24 @@
+@@ -3962,6 +4253,24 @@
  
  ########################################
  ## <summary>
@@ -675516,7 +675830,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	Manage unpriviledged user SysV shared
  ##	memory segments.
  ## </summary>
-@@ -4231,11 +4513,11 @@
+@@ -4231,11 +4540,11 @@
  #
  interface(`userdom_search_staff_home_dirs',`
  	gen_require(`
@@ -675530,7 +675844,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4251,10 +4533,10 @@
+@@ -4251,10 +4560,10 @@
  #
  interface(`userdom_dontaudit_search_staff_home_dirs',`
  	gen_require(`
@@ -675543,7 +675857,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4270,11 +4552,11 @@
+@@ -4270,11 +4579,11 @@
  #
  interface(`userdom_manage_staff_home_dirs',`
  	gen_require(`
@@ -675557,7 +675871,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4289,16 +4571,16 @@
+@@ -4289,16 +4598,16 @@
  #
  interface(`userdom_relabelto_staff_home_dirs',`
  	gen_require(`
@@ -675577,7 +675891,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	users home directory.
  ## </summary>
  ## <param name="domain">
-@@ -4307,12 +4589,54 @@
+@@ -4307,12 +4616,54 @@
  ##	</summary>
  ## </param>
  #
@@ -675635,7 +675949,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4327,13 +4651,13 @@
+@@ -4327,13 +4678,13 @@
  #
  interface(`userdom_read_staff_home_content_files',`
  	gen_require(`
@@ -675653,7 +675967,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4531,10 +4855,10 @@
+@@ -4531,10 +4882,10 @@
  #
  interface(`userdom_getattr_sysadm_home_dirs',`
  	gen_require(`
@@ -675666,7 +675980,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4551,10 +4875,10 @@
+@@ -4551,10 +4902,10 @@
  #
  interface(`userdom_dontaudit_getattr_sysadm_home_dirs',`
  	gen_require(`
@@ -675679,7 +675993,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4569,10 +4893,10 @@
+@@ -4569,10 +4920,10 @@
  #
  interface(`userdom_search_sysadm_home_dirs',`
  	gen_require(`
@@ -675692,7 +676006,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4588,10 +4912,10 @@
+@@ -4588,10 +4939,10 @@
  #
  interface(`userdom_dontaudit_search_sysadm_home_dirs',`
  	gen_require(`
@@ -675705,7 +676019,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4606,10 +4930,10 @@
+@@ -4606,10 +4957,10 @@
  #
  interface(`userdom_list_sysadm_home_dirs',`
  	gen_require(`
@@ -675718,7 +676032,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4625,10 +4949,10 @@
+@@ -4625,10 +4976,10 @@
  #
  interface(`userdom_dontaudit_list_sysadm_home_dirs',`
  	gen_require(`
@@ -675731,14 +676045,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4644,12 +4968,29 @@
+@@ -4644,12 +4995,29 @@
  #
  interface(`userdom_dontaudit_read_sysadm_home_content_files',`
  	gen_require(`
 -		type sysadm_home_dir_t, sysadm_home_t;
 +		type admin_home_t;
-+	')
-+
+ 	')
+ 
+-	dontaudit $1 sysadm_home_dir_t:dir search_dir_perms;
+-	dontaudit $1 sysadm_home_t:dir search_dir_perms;
+-	dontaudit $1 sysadm_home_t:file read_file_perms;
 +	dontaudit $1 admin_home_t:dir search_dir_perms;
 +	dontaudit $1 admin_home_t:file read_file_perms;
 +')
@@ -675756,16 +676073,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +interface(`userdom_dontaudit_read_sysadm_home_sym_links',`
 +	gen_require(`
 +		type admin_home_t;
- 	')
- 
--	dontaudit $1 sysadm_home_dir_t:dir search_dir_perms;
--	dontaudit $1 sysadm_home_t:dir search_dir_perms;
--	dontaudit $1 sysadm_home_t:file read_file_perms;
++	')
++
 +	dontaudit $1 admin_home_t:lnk_file read_lnk_file_perms;
  ')
  
  ########################################
-@@ -4676,10 +5017,10 @@
+@@ -4676,10 +5044,10 @@
  #
  interface(`userdom_sysadm_home_dir_filetrans',`
  	gen_require(`
@@ -675778,7 +676092,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4694,10 +5035,10 @@
+@@ -4694,10 +5062,10 @@
  #
  interface(`userdom_search_sysadm_home_content_dirs',`
  	gen_require(`
@@ -675791,7 +676105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4712,13 +5053,13 @@
+@@ -4712,13 +5080,13 @@
  #
  interface(`userdom_read_sysadm_home_content_files',`
  	gen_require(`
@@ -675809,7 +676123,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4754,11 +5095,49 @@
+@@ -4754,11 +5122,49 @@
  #
  interface(`userdom_search_all_users_home_dirs',`
  	gen_require(`
@@ -675860,7 +676174,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4778,6 +5157,14 @@
+@@ -4778,6 +5184,14 @@
  
  	files_list_home($1)
  	allow $1 home_dir_type:dir list_dir_perms;
@@ -675875,7 +676189,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4815,6 +5202,8 @@
+@@ -4815,6 +5229,8 @@
  	')
  
  	dontaudit $1 { home_dir_type home_type }:dir search_dir_perms;
@@ -675884,7 +676198,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ')
  
  ########################################
-@@ -4839,7 +5228,7 @@
+@@ -4839,7 +5255,7 @@
  
  ########################################
  ## <summary>
@@ -675893,7 +676207,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	in all users home directories.
  ## </summary>
  ## <param name="domain">
-@@ -4848,18 +5237,18 @@
+@@ -4848,18 +5264,18 @@
  ##	</summary>
  ## </param>
  #
@@ -675915,7 +676229,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	in all users home directories.
  ## </summary>
  ## <param name="domain">
-@@ -4868,18 +5257,18 @@
+@@ -4868,18 +5284,18 @@
  ##	</summary>
  ## </param>
  #
@@ -675937,7 +676251,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	in all users home directories.
  ## </summary>
  ## <param name="domain">
-@@ -4888,19 +5277,78 @@
+@@ -4888,12 +5304,71 @@
  ##	</summary>
  ## </param>
  #
@@ -675948,14 +676262,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  	')
  
 -	files_list_home($1)
--	manage_lnk_files_pattern($1,home_type,home_type)
 +	delete_files_pattern($1,home_type,home_type)
- ')
- 
- ########################################
- ## <summary>
--##	Make the specified domain a privileged
--##	home directory manager.
++')
++
++########################################
++## <summary>
 +##	Create, read, write, and delete all files
 +##	in all users home directories.
 +## </summary>
@@ -676011,17 +676322,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +	')
 +
 +	files_list_home($1)
-+	manage_lnk_files_pattern($1,home_type,home_type)
-+')
-+
-+########################################
-+## <summary>
-+##	Make the specified domain a privileged
-+##	home directory manager.
- ## </summary>
- ## <desc>
- ##	<p>
-@@ -5115,7 +5563,7 @@
+ 	manage_lnk_files_pattern($1,home_type,home_type)
+ ')
+ 
+@@ -5115,7 +5590,7 @@
  #
  interface(`userdom_relabelto_generic_user_home_dirs',`
  	gen_require(`
@@ -676030,7 +676334,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  	')
  
  	files_search_home($1)
-@@ -5304,6 +5752,63 @@
+@@ -5304,6 +5779,63 @@
  
  ########################################
  ## <summary>
@@ -676094,7 +676398,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	Create, read, write, and delete directories in
  ##	unprivileged users home directories.
  ## </summary>
-@@ -5509,6 +6014,43 @@
+@@ -5509,6 +6041,43 @@
  
  ########################################
  ## <summary>
@@ -676138,7 +676442,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	Read and write unprivileged user ttys.
  ## </summary>
  ## <param name="domain">
-@@ -5559,7 +6101,7 @@
+@@ -5559,7 +6128,7 @@
  		attribute userdomain;
  	')
  
@@ -676147,7 +676451,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  	kernel_search_proc($1)
  ')
  
-@@ -5674,6 +6216,42 @@
+@@ -5674,6 +6243,42 @@
  
  ########################################
  ## <summary>
@@ -676190,7 +676494,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
  ##	Send a dbus message to all user domains.
  ## </summary>
  ## <param name="domain">
-@@ -5704,3 +6282,408 @@
+@@ -5704,3 +6309,408 @@
  interface(`userdom_unconfined',`
  	refpolicywarn(`$0($*) has been deprecated.')
  ')
@@ -676601,7 +676905,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.te serefpolicy-3.3.1/policy/modules/system/userdomain.te
 --- nsaserefpolicy/policy/modules/system/userdomain.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/userdomain.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/userdomain.te	2009-02-04 10:54:48.000000000 +0100
 @@ -2,12 +2,7 @@
  policy_module(userdomain,2.5.0)
  
@@ -676927,7 +677231,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.fc serefpolicy-3.3.1/policy/modules/system/virt.fc
 --- nsaserefpolicy/policy/modules/system/virt.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/virt.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/virt.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,13 @@
 +
 +/usr/sbin/libvirtd	--	gen_context(system_u:object_r:virtd_exec_t,s0)
@@ -676944,7 +677248,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.f
 +/etc/libvirt/.*/.*		gen_context(system_u:object_r:virt_etc_rw_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.if serefpolicy-3.3.1/policy/modules/system/virt.if
 --- nsaserefpolicy/policy/modules/system/virt.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/virt.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/virt.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,343 @@
 +
 +## <summary>policy for virt</summary>
@@ -677291,7 +677595,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.i
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.te serefpolicy-3.3.1/policy/modules/system/virt.te
 --- nsaserefpolicy/policy/modules/system/virt.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/virt.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/virt.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,204 @@
 +
 +policy_module(virt,1.0.0)
@@ -677499,7 +677803,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/virt.t
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if serefpolicy-3.3.1/policy/modules/system/xen.if
 --- nsaserefpolicy/policy/modules/system/xen.if	2008-02-26 14:23:10.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/xen.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/xen.if	2009-02-04 10:54:48.000000000 +0100
 @@ -167,11 +167,14 @@
  #
  interface(`xen_stream_connect',`
@@ -677543,7 +677847,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.if
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te serefpolicy-3.3.1/policy/modules/system/xen.te
 --- nsaserefpolicy/policy/modules/system/xen.te	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/system/xen.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/system/xen.te	2009-02-04 10:54:48.000000000 +0100
 @@ -6,6 +6,13 @@
  # Declarations
  #
@@ -677753,17 +678057,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/xen.te
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/auditadm.fc serefpolicy-3.3.1/policy/modules/users/auditadm.fc
 --- nsaserefpolicy/policy/modules/users/auditadm.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/auditadm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/auditadm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No auditadm file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/auditadm.if serefpolicy-3.3.1/policy/modules/users/auditadm.if
 --- nsaserefpolicy/policy/modules/users/auditadm.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/auditadm.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/auditadm.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for auditadm user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/auditadm.te serefpolicy-3.3.1/policy/modules/users/auditadm.te
 --- nsaserefpolicy/policy/modules/users/auditadm.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/auditadm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/auditadm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,25 @@
 +policy_module(auditadm,1.0.1)
 +gen_require(`
@@ -677792,17 +678096,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/auditad
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.fc serefpolicy-3.3.1/policy/modules/users/guest.fc
 --- nsaserefpolicy/policy/modules/users/guest.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/guest.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/guest.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No guest file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.if serefpolicy-3.3.1/policy/modules/users/guest.if
 --- nsaserefpolicy/policy/modules/users/guest.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/guest.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/guest.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for guest user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.te serefpolicy-3.3.1/policy/modules/users/guest.te
 --- nsaserefpolicy/policy/modules/users/guest.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/guest.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/guest.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,33 @@
 +policy_module(guest,1.0.1)
 +userdom_restricted_user_template(guest)
@@ -677839,17 +678143,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/guest.t
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.fc serefpolicy-3.3.1/policy/modules/users/logadm.fc
 --- nsaserefpolicy/policy/modules/users/logadm.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/logadm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/logadm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No logadm file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.if serefpolicy-3.3.1/policy/modules/users/logadm.if
 --- nsaserefpolicy/policy/modules/users/logadm.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/logadm.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/logadm.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for logadm user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.te serefpolicy-3.3.1/policy/modules/users/logadm.te
 --- nsaserefpolicy/policy/modules/users/logadm.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/logadm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/logadm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,11 @@
 +policy_module(logadm,1.0.0)
 +
@@ -677864,22 +678168,22 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/logadm.
 +logging_admin(logadm_t, logadm_r, { logadm_devpts_t logadm_tty_device_t })
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/metadata.xml serefpolicy-3.3.1/policy/modules/users/metadata.xml
 --- nsaserefpolicy/policy/modules/users/metadata.xml	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/metadata.xml	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/metadata.xml	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +<summary>Policy modules for users</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/secadm.fc serefpolicy-3.3.1/policy/modules/users/secadm.fc
 --- nsaserefpolicy/policy/modules/users/secadm.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/secadm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/secadm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No secadm file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/secadm.if serefpolicy-3.3.1/policy/modules/users/secadm.if
 --- nsaserefpolicy/policy/modules/users/secadm.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/secadm.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/secadm.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for secadm user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/secadm.te serefpolicy-3.3.1/policy/modules/users/secadm.te
 --- nsaserefpolicy/policy/modules/users/secadm.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/secadm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/secadm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,39 @@
 +policy_module(secadm,1.0.1)
 +gen_require(`
@@ -677922,17 +678226,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/secadm.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.fc serefpolicy-3.3.1/policy/modules/users/staff.fc
 --- nsaserefpolicy/policy/modules/users/staff.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/staff.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/staff.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No staff file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.if serefpolicy-3.3.1/policy/modules/users/staff.if
 --- nsaserefpolicy/policy/modules/users/staff.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/staff.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/staff.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for staff user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.te serefpolicy-3.3.1/policy/modules/users/staff.te
 --- nsaserefpolicy/policy/modules/users/staff.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/staff.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/staff.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,30 @@
 +policy_module(staff,1.0.1)
 +userdom_admin_login_user_template(staff)
@@ -677966,17 +678270,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/staff.t
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/user.fc serefpolicy-3.3.1/policy/modules/users/user.fc
 --- nsaserefpolicy/policy/modules/users/user.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/user.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/user.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No user file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/user.if serefpolicy-3.3.1/policy/modules/users/user.if
 --- nsaserefpolicy/policy/modules/users/user.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/user.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/user.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for user user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/user.te serefpolicy-3.3.1/policy/modules/users/user.te
 --- nsaserefpolicy/policy/modules/users/user.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/user.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/user.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,18 @@
 +policy_module(user,1.0.1)
 +userdom_unpriv_user_template(user)
@@ -677998,17 +678302,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/user.te
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.fc serefpolicy-3.3.1/policy/modules/users/webadm.fc
 --- nsaserefpolicy/policy/modules/users/webadm.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/webadm.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/webadm.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No webadm file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.if serefpolicy-3.3.1/policy/modules/users/webadm.if
 --- nsaserefpolicy/policy/modules/users/webadm.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/webadm.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/webadm.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for webadm user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.te serefpolicy-3.3.1/policy/modules/users/webadm.te
 --- nsaserefpolicy/policy/modules/users/webadm.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/webadm.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/webadm.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,41 @@
 +policy_module(webadm,1.0.0)
 +
@@ -678053,17 +678357,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/webadm.
 +userdom_role_change_template(staff, webadm)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/xguest.fc serefpolicy-3.3.1/policy/modules/users/xguest.fc
 --- nsaserefpolicy/policy/modules/users/xguest.fc	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/xguest.fc	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/xguest.fc	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +# No xguest file contexts.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/xguest.if serefpolicy-3.3.1/policy/modules/users/xguest.if
 --- nsaserefpolicy/policy/modules/users/xguest.if	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/xguest.if	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/xguest.if	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1 @@
 +## <summary>Policy for xguest user</summary>
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/xguest.te serefpolicy-3.3.1/policy/modules/users/xguest.te
 --- nsaserefpolicy/policy/modules/users/xguest.te	1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.3.1/policy/modules/users/xguest.te	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/modules/users/xguest.te	2009-02-04 10:54:48.000000000 +0100
 @@ -0,0 +1,69 @@
 +policy_module(xguest,1.0.1)
 +
@@ -678136,7 +678440,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/users/xguest.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/file_patterns.spt serefpolicy-3.3.1/policy/support/file_patterns.spt
 --- nsaserefpolicy/policy/support/file_patterns.spt	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/support/file_patterns.spt	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/support/file_patterns.spt	2009-02-04 10:54:48.000000000 +0100
 @@ -537,3 +537,23 @@
  	allow $1 $2:dir rw_dir_perms;
  	type_transition $1 $2:$4 $3;
@@ -678163,7 +678467,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/file_patterns
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.3.1/policy/support/obj_perm_sets.spt
 --- nsaserefpolicy/policy/support/obj_perm_sets.spt	2008-02-26 14:23:09.000000000 +0100
-+++ serefpolicy-3.3.1/policy/support/obj_perm_sets.spt	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/support/obj_perm_sets.spt	2009-02-04 10:54:48.000000000 +0100
 @@ -193,7 +193,7 @@
  define(`create_dir_perms',`{ getattr create }')
  define(`rename_dir_perms',`{ getattr rename }')
@@ -678243,7 +678547,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets
 +define(`manage_key_perms', `{ create link read search setattr view write } ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.3.1/policy/users
 --- nsaserefpolicy/policy/users	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/policy/users	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/policy/users	2009-02-04 10:54:48.000000000 +0100
 @@ -16,7 +16,7 @@
  # and a user process should never be assigned the system user
  # identity.
@@ -678279,7 +678583,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/users serefpolicy-3.3
 +gen_user(root, user, unconfined_r sysadm_r staff_r ifdef(`enable_mls',`secadm_r auditadm_r') system_r, s0, s0 - mls_systemhigh, mcs_allcats)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.3.1/Rules.modular
 --- nsaserefpolicy/Rules.modular	2008-02-26 14:23:12.000000000 +0100
-+++ serefpolicy-3.3.1/Rules.modular	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/Rules.modular	2009-02-04 10:54:48.000000000 +0100
 @@ -73,8 +73,8 @@
  $(tmpdir)/%.mod: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf %.te
  	@echo "Compliling $(NAME) $(@F) module"
@@ -678311,7 +678615,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.modular serefpolicy-3.
  $(tmpdir)/all_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf $(tmpdir)/all_interfaces.conf $(base_te_files) $(tmpdir)/rolemap.conf
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/Rules.monolithic serefpolicy-3.3.1/Rules.monolithic
 --- nsaserefpolicy/Rules.monolithic	2008-02-26 14:23:13.000000000 +0100
-+++ serefpolicy-3.3.1/Rules.monolithic	2009-01-30 11:10:05.000000000 +0100
++++ serefpolicy-3.3.1/Rules.monolithic	2009-02-04 10:54:48.000000000 +0100
 @@ -96,7 +96,7 @@
  #
  # Load the binary policy
diff --git a/selinux-policy.spec b/selinux-policy.spec
index bdc207f..730ff99 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.3.1
-Release: 120%{?dist}
+Release: 121%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -444,6 +444,9 @@ exit 0
 %endif
 
 %changelog
+* Wed Feb 4 2009 Miroslav Grepl <mgrepl@redhat.com> 3.3.1-121
+- Add milter policy
+
 * Fri Jan 30 2009 Miroslav Grepl <mgrepl@redhat.com> 3.3.1-120
 - Fixes in libraries.fc