diff --git a/apache.te b/apache.te
index 2032414..3d0cc42 100644
--- a/apache.te
+++ b/apache.te
@@ -1398,6 +1398,7 @@ tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',`
 optional_policy(`
 clamav_domtrans_clamscan(httpd_sys_script_t)
+ clamav_domtrans_clamscan(httpd_t)
 ')
 optional_policy(`
diff --git a/chrome.te b/chrome.te
index df0a069..6298388 100644
--- a/chrome.te
+++ b/chrome.te
@@ -173,13 +173,14 @@ ps_process_pattern(chrome_sandbox_t, chrome_sandbox_nacl_t)
 kernel_read_state(chrome_sandbox_nacl_t)
 kernel_read_system_state(chrome_sandbox_nacl_t)
+corecmd_sbin_entry_type(chrome_sandbox_nacl_t)
+
 dev_read_urand(chrome_sandbox_nacl_t)
 dev_read_sysfs(chrome_sandbox_nacl_t)
 files_read_etc_files(chrome_sandbox_nacl_t)
-
-corecmd_sbin_entry_type(chrome_sandbox_nacl_t)
+init_read_state(chrome_sandbox_nacl_t)
 userdom_use_inherited_user_ptys(chrome_sandbox_nacl_t)
 userdom_rw_inherited_user_tmpfs_files(chrome_sandbox_nacl_t)
diff --git a/networkmanager.te b/networkmanager.te
index 2fda066..3a77265 100644
--- a/networkmanager.te
+++ b/networkmanager.te
@@ -338,6 +338,7 @@ optional_policy(`
 optional_policy(`
 systemd_read_logind_sessions_files(NetworkManager_t)
+ systemd_dbus_chat_logind(NetworkManager_t)
 ')
 optional_policy(`
diff --git a/virt.if b/virt.if
index 2e6c056..fd143c4 100644
--- a/virt.if
+++ b/virt.if
@@ -761,14 +761,18 @@ interface(`virt_transition_svirt',`
 type svirt_t;
 type virt_bridgehelper_t;
 type svirt_image_t;
+ type svirt_socket_t;
 ')
 allow $1 svirt_t:process transition;
 role $2 types svirt_t;
 role $2 types virt_bridgehelper_t;
+ role $2 types svirt_socket_t;
 allow $1 svirt_image_t:file { relabelfrom relabelto };
 allow $1 svirt_image_t:fifo_file { read_fifo_file_perms relabelto };
+ allow $1 svirt_image_t:sock_file { create_sock_file_perms relabelto };
+ allow $1 svirt_socket_t:unix_stream_socket create_stream_socket_perms;
 virt_signal_svirt($1)
diff --git a/virt.te b/virt.te
index 3b2df69..9154fef 100644
--- a/virt.te
+++ b/virt.te
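Review bot: The added `clamav_domtrans_clamscan(httpd_t)` line in apache.te has no comment saying why the main server domain, and not only `httpd_sys_script_t`, needs to start clamscan. It is guarded only by the surrounding `optional_policy` block, so it appears to take effect for every httpd instance once the clamav module is installed. A one-line rationale above it would help the next auditor, for example `# httpd itself execs clamscan; the transition keeps the scanner in its own domain` (wording to be confirmed by the author). If only some deployments need this, placing the line under one of the existing httpd tunables would keep the default policy tighter.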
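Review bot: `init_read_state(chrome_sandbox_nacl_t)` in chrome.te widens what the NaCl sandbox domain may read, and nothing in the hunk explains why. Going by the interface name, it grants read access to init's process state, which a sandboxed helper would not normally need. If the denials behind this change come from the process merely walking /proc, a dontaudit rule would silence them without granting the access. If the read is genuinely required, add a comment above the line such as `# <reason the NaCl helper reads init state>`. The relocation of `corecmd_sbin_entry_type` looks like ordering cleanup only.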
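Review bot: Every existing caller of `virt_transition_svirt` in virt.if silently gains socket permissions from the two new `allow` lines: `create_sock_file_perms` plus `relabelto` on `svirt_image_t` sock_files, and `create_stream_socket_perms` on `svirt_socket_t` unix stream sockets. The interface starts and ends outside the hunk, so its summary block is not visible, but the name suggests it documents only a process transition. Either update that summary to list the socket grants, or move the two rules into a separate interface that only the callers needing guest sockets invoke, so the transition interface stays least-privilege.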
@@ -1243,3 +1243,9 @@ sysnet_dns_name_resolve(virt_qemu_ga_t)
 optional_policy(`
 devicekit_manage_pid_files(virt_qemu_ga_t)
 ')
+
+type svirt_socket_t;
+role system_r types svirt_socket_t;
+allow svirt_t svirt_socket_t:unix_stream_socket connectto;
+
+
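Review bot: `svirt_socket_t` is declared at the very end of virt.te, after the `virt_qemu_ga_t` rules, with no comment on what the type labels or which domain creates sockets of that type. Moving `type svirt_socket_t;` and its `role` line up to the file's declarations with a short comment, e.g. `# label for unix stream sockets that svirt guests may connect to`, would make the new type discoverable when auditing guest isolation. The `connectto` rule names only `svirt_t`; if the policy defines other guest domains that must reach the same socket they are not covered, which is worth confirming. The trailing bare `+` lines only add empty lines at end of file and can be dropped.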