diff --git a/policy-F12.patch b/policy-F12.patch
index 7c3ddfb..1a930b7 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -14803,7 +14803,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
optional_policy(`
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.6.32/policy/modules/services/dbus.if
--- nsaserefpolicy/policy/modules/services/dbus.if 2009-09-16 10:01:19.000000000 -0400
-+++ serefpolicy-3.6.32/policy/modules/services/dbus.if 2009-12-03 13:45:11.000000000 -0500
++++ serefpolicy-3.6.32/policy/modules/services/dbus.if 2009-12-03 14:49:31.000000000 -0500
@@ -42,8 +42,10 @@
gen_require(`
class dbus { send_msg acquire_svc };
@@ -14837,7 +14837,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
allow $1_dbusd_t $3:process sigkill;
allow $3 $1_dbusd_t:fd use;
allow $3 $1_dbusd_t:fifo_file rw_fifo_file_perms;
-@@ -146,6 +148,9 @@
+@@ -127,6 +129,7 @@
+ fs_getattr_romfs($1_dbusd_t)
+ fs_getattr_xattr_fs($1_dbusd_t)
+ fs_list_inotifyfs($1_dbusd_t)
++ fs_dontaudit_list_nfs($1_dbusd_t)
+
+ selinux_get_fs_mount($1_dbusd_t)
+ selinux_validate_context($1_dbusd_t)
+@@ -146,6 +149,9 @@
seutil_read_config($1_dbusd_t)
seutil_read_default_contexts($1_dbusd_t)
@@ -14847,7 +14855,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
userdom_read_user_home_content_files($1_dbusd_t)
ifdef(`hide_broken_symptoms', `
-@@ -153,12 +158,15 @@
+@@ -153,12 +159,15 @@
')
optional_policy(`
@@ -14865,7 +14873,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
')
-@@ -178,10 +186,12 @@
+@@ -178,10 +187,12 @@
type system_dbusd_t, system_dbusd_t;
type system_dbusd_var_run_t, system_dbusd_var_lib_t;
class dbus send_msg;
@@ -14878,7 +14886,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
read_files_pattern($1, system_dbusd_var_lib_t, system_dbusd_var_lib_t)
files_search_var_lib($1)
-@@ -190,6 +200,10 @@
+@@ -190,6 +201,10 @@
files_search_pids($1)
stream_connect_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t, system_dbusd_t)
dbus_read_config($1)
@@ -14889,7 +14897,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
#######################################
-@@ -256,7 +270,7 @@
+@@ -256,7 +271,7 @@
########################################
##
@@ -14898,7 +14906,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
## for service (acquire_svc).
##
##
-@@ -364,6 +378,8 @@
+@@ -364,6 +379,8 @@
dbus_system_bus_client($1)
dbus_connect_system_bus($1)
@@ -14907,7 +14915,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
ifdef(`hide_broken_symptoms', `
dontaudit $1 system_dbusd_t:netlink_selinux_socket { read write };
')
-@@ -405,3 +421,24 @@
+@@ -405,3 +422,24 @@
typeattribute $1 dbusd_unconfined;
')
@@ -14934,7 +14942,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.6.32/policy/modules/services/dbus.te
--- nsaserefpolicy/policy/modules/services/dbus.te 2009-09-16 10:01:19.000000000 -0400
-+++ serefpolicy-3.6.32/policy/modules/services/dbus.te 2009-12-03 13:45:11.000000000 -0500
++++ serefpolicy-3.6.32/policy/modules/services/dbus.te 2009-12-03 14:48:57.000000000 -0500
@@ -86,6 +86,7 @@
dev_read_sysfs(system_dbusd_t)
@@ -18187,7 +18195,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nut.te serefpolicy-3.6.32/policy/modules/services/nut.te
--- nsaserefpolicy/policy/modules/services/nut.te 1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.6.32/policy/modules/services/nut.te 2009-12-03 13:45:11.000000000 -0500
++++ serefpolicy-3.6.32/policy/modules/services/nut.te 2009-12-03 14:47:15.000000000 -0500
@@ -0,0 +1,188 @@
+
+policy_module(nut, 1.0.0)
@@ -18229,7 +18237,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+# Local policy for upsd
+#
+
-+allow nut_upsd_t self:capability { setgid setuid };
++allow nut_upsd_t self:capability { setgid setuid dac_override };
+
+allow nut_upsd_t self:unix_dgram_socket { create_socket_perms sendto };
+allow nut_upsd_t self:tcp_socket connected_stream_socket_perms;
diff --git a/selinux-policy.spec b/selinux-policy.spec
index dba029e..82a004f 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -451,6 +451,8 @@ exit 0
%changelog
* Thu Dec 3 2009 Dan Walsh 3.6.32-55
- Add fprintd_chat(unconfined_t) to fix su timeout problem
+- Make xguest follow allow_execstack boolean
+- Dontaudit dbus looking at nfs
* Thu Dec 3 2009 Dan Walsh 3.6.32-54
- Require selinux-policy from selinux-policy-TYPE