diff --git a/policy-f18-base.patch b/policy-f18-base.patch
index 0e3f339..d1cefd3 100644
--- a/policy-f18-base.patch
+++ b/policy-f18-base.patch
@@ -133055,7 +133055,7 @@ index d2e40b8..3ba2e4c 100644
')
+/var/run/systemd(/.*)? gen_context(system_u:object_r:init_var_run_t,s0)
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
-index d26fe81..95c1bd8 100644
+index d26fe81..cd5ad89 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -106,6 +106,8 @@ interface(`init_domain',`
@@ -133862,7 +133862,7 @@ index d26fe81..95c1bd8 100644
##
## Allow the specified domain to connect to daemon with a tcp socket
##
-@@ -1792,3 +2207,283 @@ interface(`init_udp_recvfrom_all_daemons',`
+@@ -1792,3 +2207,284 @@ interface(`init_udp_recvfrom_all_daemons',`
')
corenet_udp_recvfrom_labeled($1, daemon)
')
@@ -134089,6 +134089,7 @@ index d26fe81..95c1bd8 100644
+ ')
+
+ allow $1 init_t:system status;
++ allow $1 init_t:service status;
+')
+
+########################################
diff --git a/policy-f18-contrib.patch b/policy-f18-contrib.patch
index a58192a..5959f6a 100644
--- a/policy-f18-contrib.patch
+++ b/policy-f18-contrib.patch
@@ -18584,6 +18584,36 @@ index bf4321a..1820764 100644
/var/run/opendkim(/.*)? gen_context(system_u:object_r:dkim_milter_data_t,s0)
/var/spool/opendkim(/.*)? gen_context(system_u:object_r:dkim_milter_data_t,s0)
+diff --git a/dmidecode.if b/dmidecode.if
+index 4bf435c..c8c7347 100644
+--- a/dmidecode.if
++++ b/dmidecode.if
+@@ -23,6 +23,25 @@ interface(`dmidecode_domtrans',`
+ allow dmidecode_t $1:process sigchld;
+ ')
++######################################
++##
++## Execute dmidecode in the caller domain.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`dmidecode_exec',`
++ gen_require(`
++ type dmidecode_exec_t;
++ ')
++
++ corecmd_search_bin($1)
++ can_exec($1, dmidecode_exec_t)
++')
++
+ ########################################
+ ##
+ ## Execute dmidecode in the dmidecode domain, and
diff --git a/dmidecode.te b/dmidecode.te
index d6356b5..5db989e 100644
--- a/dmidecode.te
@@ -43512,10 +43542,10 @@ index 0000000..6e20e72
+')
diff --git a/openshift.te b/openshift.te
new file mode 100644
-index 0000000..5b43299
+index 0000000..8d6a35b
--- /dev/null
+++ b/openshift.te
-@@ -0,0 +1,418 @@
+@@ -0,0 +1,468 @@
+policy_module(openshift,1.0.0)
+
+gen_require(`
@@ -43917,6 +43947,11 @@ index 0000000..5b43299
+#
+# openshift_cron local policy
+#
++allow openshift_cron_t self:capability net_admin;
++allow openshift_cron_t self:process signal_perms;
++allow openshift_cron_t self:tcp_socket create_stream_socket_perms;
++allow openshift_cron_t self:udp_socket create_socket_perms;
++allow openshift_cron_t self:unix_dgram_socket create_socket_perms;
+allow openshift_cron_t self:netlink_route_socket rw_netlink_socket_perms;
+
+manage_dirs_pattern(openshift_cron_t, openshift_cron_tmp_t, openshift_cron_tmp_t)
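Review bot: The new `dmidecode_exec` interface in the dmidecode.if hunk documents only that dmidecode runs in the caller domain, but the point a caller needs is the trade-off against the existing `dmidecode_domtrans` just above it: with no domain transition, the caller itself must hold whatever access dmidecode needs to read the DMI data (the openshift hunks in this same commit appear to add `dev_read_sysfs` to openshift_cron_t for exactly that reason, alongside its existing `dev_read_raw_memory`). I would extend the summary, e.g. `## Execute dmidecode in the caller domain. The caller must itself be allowed the raw memory / sysfs reads dmidecode performs; prefer dmidecode_domtrans() when confinement in dmidecode_t is acceptable.` The `<summary>` and `<param>` markup looks stripped in this rendering, so only the comment text is at issue.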
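Review bot: `allow openshift_cron_t self:capability net_admin;` in the openshift.te hunk hands CAP_NET_ADMIN to a cron job domain, which is far broader than the socket-creation and netlink_route permissions beside it, and the changelog entry only says "More access required for openshift_cron_t". A comment naming the operation that trips it would make the grant reviewable later, e.g. `# net_admin: needed by <operation — placeholder, confirm from the AVC that prompted this>`. If the only need is interface configuration (the later hunk adds `sysnet_exec_ifconfig(openshift_cron_t)`), `sysnet_domtrans_ifconfig(openshift_cron_t)` would keep the capability inside ifconfig_t rather than in the cron domain itself.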
@@ -43926,7 +43961,11 @@ index 0000000..5b43299
+manage_sock_files_pattern(openshift_cron_t, openshift_cron_tmp_t, openshift_cron_tmp_t)
+files_tmp_filetrans(openshift_cron_t, openshift_cron_tmp_t, { lnk_file file dir sock_file fifo_file })
+
++openshift_manage_lib_dirs(openshift_cron_t)
++openshift_manage_lib_files(openshift_cron_t)
++
+kernel_search_network_sysctl(openshift_cron_t)
++kernel_read_network_state(openshift_cron_t)
+kernel_read_system_state(openshift_cron_t)
+
+corecmd_exec_bin(openshift_cron_t)
@@ -43934,6 +43973,47 @@ index 0000000..5b43299
+
+dev_read_raw_memory(openshift_cron_t)
+dev_read_urand(openshift_cron_t)
++
++corenet_udp_bind_generic_node(openshift_cron_t)
++corenet_udp_bind_generic_port(openshift_cron_t)
++
++dev_getattr_fs(openshift_cron_t)
++dev_list_sysfs(openshift_cron_t)
++dev_read_sysfs(openshift_cron_t)
++
++files_getattr_home_dir(openshift_cron_t)
++files_manage_etc_files(openshift_cron_t)
++
++fs_getattr_tmpfs_dirs(openshift_cron_t)
++fs_getattr_all_fs(openshift_cron_t)
++fs_list_hugetlbfs(openshift_cron_t)
++fs_search_cgroup_dirs(openshift_cron_t)
++
++seutil_domtrans_setfiles(openshift_cron_t)
++
++term_getattr_pty_fs(openshift_cron_t)
++term_search_ptys(openshift_cron_t)
++
++auth_use_nsswitch(openshift_cron_t)
++
++miscfiles_read_generic_certs(openshift_cron_t)
++miscfiles_read_hwdata(openshift_cron_t)
++
++sysnet_exec_ifconfig(openshift_cron_t)
++sysnet_read_config(openshift_cron_t)
++
++optional_policy(`
++ dmidecode_exec(openshift_cron_t)
++')
++
++optional_policy(`
++ hostname_exec(openshift_cron_t)
++')
++
++optional_policy(`
++ ssh_exec_keygen(openshift_cron_t)
++ ssh_dontaudit_read_server_keys(openshift_cron_t)
++')
diff --git a/openvpn.if b/openvpn.if
index d883214..d6afa87 100644
--- a/openvpn.if
diff --git a/selinux-policy.spec b/selinux-policy.spec
index bcfbe5e..6f25e5a 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
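Review bot: `files_manage_etc_files(openshift_cron_t)` in the second openshift.te hunk lets a cron job create, rewrite and delete every generic etc_t file, a large write surface for a domain whose other new rules only read configuration (`sysnet_read_config`, `miscfiles_read_generic_certs`, `miscfiles_read_hwdata`). If the job only reads /etc, `files_read_etc_files(openshift_cron_t)` is enough; if it writes a few specific files, a dedicated type plus `files_etc_filetrans` would confine the write to those names. `ssh_dontaudit_read_server_keys` correctly silences the host-key denial rather than granting it, but a one-line comment naming the tool that triggers it (presumably ssh-keygen, given `ssh_exec_keygen` next to it) would stop a later reader from mistaking the dontaudit for permitted access. The openshift_cron_t policy block begins before this hunk.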
@@ -19,7 +19,7 @@ Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.11.1
-Release: 75%{?dist}
+Release: 76%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -524,6 +524,10 @@ SELinux Reference policy mls base module.
%endif
%changelog
+* Tue Feb 5 2013 Miroslav Grepl 3.11.1-76
+- More access required for openshift_cron_t
+- Fix init_status calling
+
* Mon Feb 4 2013 Miroslav Grepl 3.11.1-75
- Fix smartmontools
- Fix userdom_restricted_xwindows_user_template() interface