diff --git a/policy-F12.patch b/policy-F12.patch index 1c88d9a..cfa3d8f 100644 --- a/policy-F12.patch +++ b/policy-F12.patch @@ -4242,12 +4242,13 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ifdef(`TODO',` diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/wine.fc serefpolicy-3.6.31/policy/modules/apps/wine.fc --- nsaserefpolicy/policy/modules/apps/wine.fc 2009-07-14 14:19:57.000000000 -0400 -+++ serefpolicy-3.6.31/policy/modules/apps/wine.fc 2009-09-09 15:38:24.000000000 -0400 -@@ -1,4 +1,21 @@ ++++ serefpolicy-3.6.31/policy/modules/apps/wine.fc 2009-09-15 15:06:46.000000000 -0400 +@@ -1,4 +1,22 @@ -/usr/bin/wine -- gen_context(system_u:object_r:wine_exec_t,s0) +/usr/bin/wine.* -- gen_context(system_u:object_r:wine_exec_t,s0) +/usr/bin/regsvr32 -- gen_context(system_u:object_r:wine_exec_t,s0) +/usr/bin/regedit -- gen_context(system_u:object_r:wine_exec_t,s0) ++/usr/bin/notepad -- gen_context(system_u:object_r:wine_exec_t,s0) +/usr/bin/uninstaller -- gen_context(system_u:object_r:wine_exec_t,s0) +/usr/bin/msiexec -- gen_context(system_u:object_r:wine_exec_t,s0) + @@ -6805,7 +6806,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.fc serefpolicy-3.6.31/policy/modules/roles/unconfineduser.fc --- nsaserefpolicy/policy/modules/roles/unconfineduser.fc 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.6.31/policy/modules/roles/unconfineduser.fc 2009-09-09 15:38:24.000000000 -0400 ++++ serefpolicy-3.6.31/policy/modules/roles/unconfineduser.fc 2009-09-15 15:37:54.000000000 -0400 @@ -0,0 +1,36 @@ +# Add programs here which should not be confined by SELinux +# e.g.: 
@@ -6813,7 +6814,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +# For the time being until someone writes a sane policy, we need initrc to transition to unconfined_t +/usr/bin/valgrind -- gen_context(system_u:object_r:execmem_exec_t,s0) +/usr/bin/vncserver -- gen_context(system_u:object_r:unconfined_notrans_exec_t,s0) -+ ++/usr/sbin/vboxadd-service -- gen_context(system_u:object_r:execmem_exec_t,s0) +/usr/lib/ia32el/ia32x_loader -- gen_context(system_u:object_r:execmem_exec_t,s0) +/usr/lib(64)/virtualbox/VirtualBox -- gen_context(system_u:object_r:execmem_exec_t,s0) + @@ -11531,6 +11532,17 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol manage_files_pattern(httpd_cvs_script_t, cvs_tmp_t, cvs_tmp_t) + files_tmp_filetrans(httpd_cvs_script_t, cvs_tmp_t, { file dir }) ') +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyrus.te serefpolicy-3.6.31/policy/modules/services/cyrus.te +--- nsaserefpolicy/policy/modules/services/cyrus.te 2009-08-14 16:14:31.000000000 -0400 ++++ serefpolicy-3.6.31/policy/modules/services/cyrus.te 2009-09-15 17:43:50.000000000 -0400 +@@ -137,6 +137,7 @@ + optional_policy(` + snmp_read_snmp_var_lib_files(cyrus_t) + snmp_dontaudit_write_snmp_var_lib_files(cyrus_t) ++ snmp_stream_connect(cyrus_t) + ') + + optional_policy(` diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.6.31/policy/modules/services/dbus.if --- nsaserefpolicy/policy/modules/services/dbus.if 2009-07-28 13:28:33.000000000 -0400 +++ serefpolicy-3.6.31/policy/modules/services/dbus.if 2009-09-09 15:38:24.000000000 -0400 
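Review bot: The new `/usr/sbin/vboxadd-service` entry in unconfineduser.fc labels a system daemon as execmem_exec_t, and the hunk's own context (`# For the time being until someone writes a sane policy ...`) frames this file as a stop-gap list, yet the new line carries no marker saying why this daemon belongs there. A short comment on the line above it would keep the entry from silently becoming permanent, e.g. `# vboxadd-service: runs unconfined with execmem until it gets its own domain`. The line replaces the blank separator that sat between the vncserver and ia32x_loader entries, which is why the inner hunk header still reads 7/7; the start of the unconfineduser.fc listing is in the previous outer hunk.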
@@ -17748,6 +17760,48 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.if serefpolicy-3.6.31/policy/modules/services/snmp.if +--- nsaserefpolicy/policy/modules/services/snmp.if 2009-07-14 14:19:57.000000000 -0400 ++++ serefpolicy-3.6.31/policy/modules/services/snmp.if 2009-09-15 17:44:18.000000000 -0400 +@@ -85,6 +85,26 @@ + dontaudit $1 snmpd_var_lib_t:file write; + ') + ++ ++######################################## ++## ++## Connect to snmpd using a unix domain stream socket. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`snmp_stream_connect',` ++ gen_require(` ++ type snmpd_t, snmpd_var_lib_t; ++ ') ++ ++ files_search_var_lib($1) ++ stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t) ++') ++ + ######################################## + ## + ## All of the rules required to administrate +diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/snmp.te serefpolicy-3.6.31/policy/modules/services/snmp.te +--- nsaserefpolicy/policy/modules/services/snmp.te 2009-08-14 16:14:31.000000000 -0400 ++++ serefpolicy-3.6.31/policy/modules/services/snmp.te 2009-09-15 15:34:40.000000000 -0400 +@@ -72,6 +72,8 @@ + corenet_udp_bind_snmp_port(snmpd_t) + corenet_sendrecv_snmp_server_packets(snmpd_t) + corenet_tcp_connect_agentx_port(snmpd_t) ++corenet_tcp_bind_agentx_port(snmpd_t) ++corenet_udp_bind_agentx_port(snmpd_t) + + dev_list_sysfs(snmpd_t) + dev_read_sysfs(snmpd_t) diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.fc serefpolicy-3.6.31/policy/modules/services/spamassassin.fc --- nsaserefpolicy/policy/modules/services/spamassassin.fc 2009-07-14 14:19:57.000000000 -0400 +++ serefpolicy-3.6.31/policy/modules/services/spamassassin.fc 2009-09-09 15:38:24.000000000 -0400 
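Review bot: In the new `snmp_stream_connect` interface, `stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)` passes the generic snmpd_var_lib_t as the sock_file type, so a caller is granted write on every sock_file carrying that label plus connectto on snmpd_t, not only on the one socket it needs; that is the widest form of this pattern and the reason belongs in the body, e.g. `# snmpd's socket shares the generic snmpd_var_lib_t label; no dedicated sock_file type exists`. The `##` doc lines above the interface show no summary or param markup on this page, but the existing `## All of the rules required to administrate` block is in the same state, so that is most likely rendering rather than the patch — worth a glance in the real file. The added `corenet_tcp_bind_agentx_port(snmpd_t)` and `corenet_udp_bind_agentx_port(snmpd_t)` lines in snmp.te let snmpd accept agentx connections rather than only initiate them; whether matching sendrecv rules are also expected follows the module's conventions, which are outside this hunk.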
@@ -23541,7 +23595,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ######################################## diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/modutils.te serefpolicy-3.6.31/policy/modules/system/modutils.te --- nsaserefpolicy/policy/modules/system/modutils.te 2009-08-14 16:14:31.000000000 -0400 -+++ serefpolicy-3.6.31/policy/modules/system/modutils.te 2009-09-14 13:14:55.000000000 -0400 ++++ serefpolicy-3.6.31/policy/modules/system/modutils.te 2009-09-15 15:38:39.000000000 -0400 @@ -19,6 +19,7 @@ type insmod_exec_t; application_domain(insmod_t, insmod_exec_t) @@ -23581,7 +23635,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') ######################################## -@@ -91,19 +99,21 @@ +@@ -91,19 +99,23 @@ # insmod local policy # @@ -23594,7 +23648,9 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol # Read module config and dependency information -allow insmod_t { modules_conf_t modules_dep_t }:file read_file_perms; ++list_dirs_pattern(insmod_t, modules_conf_t, modules_conf_t) +read_files_pattern(insmod_t, modules_conf_t, modules_conf_t) ++list_dirs_pattern(insmod_t, modules_dep_t, modules_dep_t) +read_files_pattern(insmod_t, modules_dep_t, modules_dep_t) can_exec(insmod_t, insmod_exec_t) @@ -23605,7 +23661,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol kernel_write_proc_files(insmod_t) kernel_mount_debugfs(insmod_t) kernel_mount_kvmfs(insmod_t) -@@ -112,6 +122,7 @@ +@@ -112,6 +124,7 @@ kernel_read_kernel_sysctls(insmod_t) kernel_rw_kernel_sysctl(insmod_t) kernel_read_hotplug_sysctls(insmod_t) 
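Review bot: In the `@@ -23594` hunk the comment `# Read module config and dependency information` now sits above two new `list_dirs_pattern` calls that it does not describe, since the block grants directory listing on modules_conf_t and modules_dep_t as well as file reads. Change it to `# Read and list module config and dependency information` so the added directory access is explained next to the rules. The inner header renumbering from `+99,21` to `+99,23` in the `@@ -23581` hunk, and the `+122`→`+124` shift in `@@ -23605` (continued by the `+135`→`+137`, `+153`→`+155`, `+169`→`+171` and `+251`→`+253` hunks that follow), is consistent with exactly two added lines, so the nested patch should still apply.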
@@ -23613,7 +23669,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol corecmd_exec_bin(insmod_t) corecmd_exec_shell(insmod_t) -@@ -124,9 +135,7 @@ +@@ -124,9 +137,7 @@ dev_read_sound(insmod_t) dev_write_sound(insmod_t) dev_rw_apm_bios(insmod_t) @@ -23624,7 +23680,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol domain_signal_all_domains(insmod_t) domain_use_interactive_fds(insmod_t) -@@ -144,11 +153,14 @@ +@@ -144,11 +155,14 @@ files_write_kernel_modules(insmod_t) fs_getattr_xattr_fs(insmod_t) @@ -23639,7 +23695,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol logging_send_syslog_msg(insmod_t) logging_search_logs(insmod_t) -@@ -157,19 +169,30 @@ +@@ -157,19 +171,30 @@ seutil_read_file_contexts(insmod_t) @@ -23673,7 +23729,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol hotplug_search_config(insmod_t) ') -@@ -228,7 +251,7 @@ +@@ -228,7 +253,7 @@ can_exec(update_modules_t, update_modules_exec_t) # manage module loading configuration diff --git a/selinux-policy.spec b/selinux-policy.spec index dddd78d..823459d 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.6.31 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz 
@@ -50,7 +50,7 @@ Url: http://oss.tresys.com/repos/refpolicy/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch: noarch
 BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-python >= %{POLICYCOREUTILSVER} bzip2
-Requires(pre): policycoreutils-python >= %{POLICYCOREUTILSVER} libsemanage >= 2.0.14-3
+Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER} libsemanage >= 2.0.14-3
 Requires(post): /usr/bin/bunzip2 /bin/mktemp /bin/awk
 Requires: checkpolicy >= %{CHECKPOLICYVER} m4
 Obsoletes: selinux-policy-devel
@@ -299,7 +299,7 @@ Summary: SELinux targeted base policy
 Provides: selinux-policy-base
 Group: System Environment/Base
 Obsoletes: selinux-policy-targeted-sources < 2
-Requires(pre): policycoreutils-python >= %{POLICYCOREUTILSVER}
+Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
 Requires(pre): coreutils
 Requires(pre): selinux-policy = %{version}-%{release}
 Conflicts: audispd-plugins <= 1.7.7-1
@@ -353,7 +353,7 @@ exit 0
 Summary: SELinux minimum base policy
 Provides: selinux-policy-base
 Group: System Environment/Base
-Requires(pre): policycoreutils-python >= %{POLICYCOREUTILSVER}
+Requires(post): policycoreutils-python >= %{POLICYCOREUTILSVER}
 Requires(pre): coreutils
 Requires(pre): selinux-policy = %{version}-%{release}
 Conflicts: seedit
@@ -387,7 +387,7 @@ exit 0
 Summary: SELinux olpc base policy
 Group: System Environment/Base
 Provides: selinux-policy-base
-Requires(pre): policycoreutils-python >= %{POLICYCOREUTILSVER}
+Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
 Requires(pre): coreutils
 Requires(pre): selinux-policy = %{version}-%{release}
 Conflicts: seedit
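Review bot: In the `@@ -353,7 +353,7 @@` hunk the minimum subpackage's `Requires(pre): policycoreutils-python` becomes `Requires(post): policycoreutils-python`, which leaves minimum with no `Requires(pre)` on policycoreutils at all, whereas the targeted and olpc hunks on this line (and mls below) replace theirs with `Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}`. If the minimum `%pre` scriptlet, which is outside this diff, invokes semodule or other policycoreutils tools the way its siblings presumably do, it can now run before they are installed; add `Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}` next to the new Requires(post) line. The base-package hunk at `@@ -50` is consistent with the changelog's "except for minimum", keeping policycoreutils-python only in BuildRequires.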
@@ -419,7 +419,7 @@ Group: System Environment/Base Provides: selinux-policy-base Obsoletes: selinux-policy-mls-sources < 2 Requires: policycoreutils-newrole >= %{POLICYCOREUTILSVER} setransd -Requires(pre): policycoreutils-python >= %{POLICYCOREUTILSVER} +Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER} Requires(pre): coreutils Requires(pre): selinux-policy = %{version}-%{release} Conflicts: seedit @@ -447,6 +447,10 @@ exit 0 %endif %changelog +* Mon Sep 15 2009 Dan Walsh 3.6.31-5 +- Fix label on /usr/bin/notepad, /usr/sbin/vboxadd-service +- Remove policycoreutils-python requirement except for minimum + * Mon Sep 14 2009 Dan Walsh 3.6.31-4 - Fix devicekit_disk_t to getattr on all domains sockets and fifo_files - Conflicts seedit (You can not use selinux-policy-targeted and seedit at the same time.)
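Review bot: The new changelog header `* Mon Sep 15 2009 Dan Walsh 3.6.31-5` in the `@@ -447` hunk names the wrong weekday: 15 September 2009 was a Tuesday, as the preceding entry's correct `Mon Sep 14 2009` implies, and rpmbuild flags such a mismatch as a bogus date in %changelog. Change it to `* Tue Sep 15 2009 Dan Walsh 3.6.31-5`, on the assumption that the date rather than the weekday is intended, which the 2009-09-15 timestamps in policy-F12.patch support. The `@@ -419` hunk above is the same Requires(pre) swap applied to the mls subpackage and needs no separate note.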