diff --git a/policy-20100106.patch b/policy-20100106.patch
index b8b7f44..abc313a 100644
--- a/policy-20100106.patch
+++ b/policy-20100106.patch
@@ -1678,6 +1678,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 allow cups_pdf_t self:fifo_file rw_file_perms;
 allow cups_pdf_t self:unix_stream_socket create_stream_socket_perms;
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.6.32/policy/modules/services/dbus.if
+--- nsaserefpolicy/policy/modules/services/dbus.if 2010-01-18 18:24:22.774530577 +0100
++++ serefpolicy-3.6.32/policy/modules/services/dbus.if 2010-02-09 15:13:10.361616292 +0100
+@@ -375,6 +375,8 @@
+ dbus_system_bus_client($1)
+ dbus_connect_system_bus($1)
+
++ ps_process_pattern(system_dbusd_t, $1)
++
+ userdom_dontaudit_search_admin_dir($1)
+
+ optional_policy(`
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dovecot.te serefpolicy-3.6.32/policy/modules/services/dovecot.te
 --- nsaserefpolicy/policy/modules/services/dovecot.te 2010-01-18 18:24:22.782530547 +0100
 +++ serefpolicy-3.6.32/policy/modules/services/dovecot.te 2010-02-08 11:55:25.971336166 +0100
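Review bot: `ps_process_pattern(system_dbusd_t, $1)` lets the system bus read the /proc entries and process attributes of every domain that calls this interface, and the hunk gives no reason for it. Because the grant is inside an interface, it is widened once per caller rather than once for dbus, so a why-comment belongs directly above it, e.g. `# dbus-daemon inspects /proc/<pid> of connected clients (presumably for the GetConnectionUnixProcessID / credential lookups) -- confirm`. The enclosing interface starts above the hunk, so its name and the set of callers being exposed this way are not visible here.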
@@ -3025,8 +3037,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 manage_files_pattern(mysqld_safe_t, mysqld_var_run_t, mysqld_var_run_t)
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.fc serefpolicy-3.6.32/policy/modules/services/nagios.fc
 --- nsaserefpolicy/policy/modules/services/nagios.fc 2010-01-18 18:24:22.821530899 +0100
-+++ serefpolicy-3.6.32/policy/modules/services/nagios.fc 2010-01-18 18:27:02.765531460 +0100
-@@ -27,26 +27,62 @@
++++ serefpolicy-3.6.32/policy/modules/services/nagios.fc 2010-02-09 13:30:45.031616023 +0100
+@@ -23,30 +23,66 @@
+ /usr/lib(64)?/cgi-bin/nagios(/.+)? gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
+ /usr/lib(64)?/nagios/cgi-bin(/.*)? gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
+
+-
++# admin plugins
++/usr/lib(64)?/nagios/plugins/check_mailq -- gen_context(system_u:object_r:nagios_admin_plugin_exec_t,s0)
 # check disk plugins
 /usr/lib(64)?/nagios/plugins/check_disk -- gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
@@ -3044,7 +3062,6 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +/usr/lib(64)?/nagios/plugins/check_ifstatus -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 +/usr/lib(64)?/nagios/plugins/check_load -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib(64)?/nagios/plugins/check_log -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-+/usr/lib(64)?/nagios/plugins/check_mailq -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 +/usr/lib(64)?/nagios/plugins/check_mrtg -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 +/usr/lib(64)?/nagios/plugins/check_mrtgtraf -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib(64)?/nagios/plugins/check_nagios -- gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
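Review bot: The new `# admin plugins` heading does not say what qualifies a check as "admin" rather than "system", and that heading is the only guidance a maintainer has when deciding where the next check_* belongs. The other groups in this file are named by what they check (disk, system, services); this one is named by privilege, so spell it out: `# admin plugins: checks that need resources ordinary plugins cannot read (presumably the mail queue) and run in nagios_admin_plugin_t`. The relabel of check_mailq relies on nagios_admin_plugin_exec_t being created by the nagios.te change in this same commit.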
@@ -3105,8 +3122,20 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-3.6.32/policy/modules/services/nagios.te
 --- nsaserefpolicy/policy/modules/services/nagios.te 2010-01-18 18:24:22.823530245 +0100
-+++ serefpolicy-3.6.32/policy/modules/services/nagios.te 2010-01-22 16:03:19.932604694 +0100
-@@ -118,6 +118,9 @@
++++ serefpolicy-3.6.32/policy/modules/services/nagios.te 2010-02-09 13:29:19.023616028 +0100
+@@ -45,6 +45,11 @@
+ type nrpe_var_run_t;
+ files_pid_file(nrpe_var_run_t)
+
++# creates nagios_admin_plugin_exec_t for executable
++# and nagios_admin_plugin_t for domain
++nagios_plugin_template(admin)
++permissive nagios_admin_plugin_t;
++
+ # creates nagios_checkdisk_plugin_exec_t for executable
+ # and nagios_checkdisk_plugin_t for domain
+ nagios_plugin_template(checkdisk)
+@@ -118,6 +123,9 @@
 corenet_udp_sendrecv_all_ports(nagios_t)
 corenet_tcp_connect_all_ports(nagios_t)
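Review bot: `permissive nagios_admin_plugin_t;` turns every rule written for the new domain into audit-only — denials are logged, nothing is blocked — and there is no comment marking it as a development-time setting, while the neighbouring checkdisk template is not declared permissive. Without a marker this tends to ship, so add one: `# TODO: drop once the admin plugin policy is verified -- permissive domains log but never deny`. While it stands, the setuid/setgid/dac_override capabilities granted to the same domain later in this patch are not actually bounded by anything.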
@@ -3116,7 +3145,49 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 dev_read_sysfs(nagios_t)
 dev_read_urand(nagios_t)
-@@ -315,6 +318,10 @@
+@@ -264,6 +272,41 @@
+ udev_read_db(nrpe_t)
+ ')
+
++######################################
++#
++# local policy for admin check plugins
++#
++
++allow nagios_admin_plugin_t self:capability { setuid setgid dac_override };
++
++allow nagios_admin_plugin_t self:tcp_socket create_stream_socket_perms;
++allow nagios_admin_plugin_t self:udp_socket create_socket_perms;
++
++kernel_read_system_state(nagios_admin_plugin_t)
++kernel_read_kernel_sysctls(nagios_admin_plugin_t)
++
++corecmd_read_bin_files(nagios_admin_plugin_t)
++corecmd_read_bin_symlinks(nagios_admin_plugin_t)
++
++dev_read_urand(nagios_admin_plugin_t)
++
++files_read_etc_files(nagios_admin_plugin_t)
++
++libs_use_lib_files(nagios_admin_plugin_t)
++libs_use_ld_so(nagios_admin_plugin_t)
++
++logging_send_syslog_msg(nagios_admin_plugin_t)
++
++sysnet_read_config(nagios_admin_plugin_t)
++
++nscd_dontaudit_search_pid(nagios_admin_plugin_t)
++
++optional_policy(`
++ mta_read_config(nagios_admin_plugin_t)
++ mta_list_queue(nagios_admin_plugin_t)
++ mta_read_queue(nagios_admin_plugin_t)
++ mta_sendmail_exec(nagios_admin_plugin_t)
++')
+
+ ######################################
+ #
+@@ -315,6 +358,10 @@
 mysql_stream_connect(nagios_services_plugin_t)
 ')
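Review bot: `allow nagios_admin_plugin_t self:capability { setuid setgid dac_override };` hands a blanket DAC bypass to a domain whose only visible occupant is check_mailq, and the SELinux side of that plugin's need is expressed here as list/read of the mail queue only (mta_list_queue, mta_read_queue). If the DAC obstacle is just a root-owned spool directory, the narrower capability is enough: `allow nagios_admin_plugin_t self:capability { setuid setgid dac_read_search };`. Separately, `nscd_dontaudit_search_pid(nagios_admin_plugin_t)` is called outside `optional_policy()` while the mta_* calls are wrapped; if nscd is an optional module in this tree, as the services-layer modules around it are, the build breaks when it is absent, so wrap it the same way. The tcp/udp socket rules have no corenet_* companions in the hunk, so either the plugin does not use the network and they can go, or the port rules are missing.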
@@ -3710,7 +3781,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/sendmail.te serefpolicy-3.6.32/policy/modules/services/sendmail.te
 --- nsaserefpolicy/policy/modules/services/sendmail.te 2010-01-18 18:24:22.889530888 +0100
-+++ serefpolicy-3.6.32/policy/modules/services/sendmail.te 2010-01-18 18:27:02.771531176 +0100
++++ serefpolicy-3.6.32/policy/modules/services/sendmail.te 2010-02-09 15:04:54.083866070 +0100
+@@ -30,7 +30,7 @@
+ #
+
+ allow sendmail_t self:capability { dac_override setuid setgid net_bind_service sys_nice chown sys_tty_config };
+-allow sendmail_t self:process { setpgid setrlimit signal signull };
++allow sendmail_t self:process { setpgid setsched setrlimit signal signull };
+ allow sendmail_t self:fifo_file rw_fifo_file_perms;
+ allow sendmail_t self:unix_stream_socket create_stream_socket_perms;
+ allow sendmail_t self:unix_dgram_socket create_socket_perms;
 @@ -136,6 +136,8 @@
 optional_policy(`
@@ -4704,7 +4784,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.te serefpolicy-3.6.32/policy/modules/system/init.te
 --- nsaserefpolicy/policy/modules/system/init.te 2010-01-18 18:24:22.936530091 +0100
-+++ serefpolicy-3.6.32/policy/modules/system/init.te 2010-02-09 09:59:50.702615499 +0100
++++ serefpolicy-3.6.32/policy/modules/system/init.te 2010-02-09 15:33:01.072616199 +0100
 @@ -40,6 +40,7 @@
 attribute init_script_domain_type;
 attribute init_script_file_type;
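Review bot: The `setsched` added to sendmail_t's self:process rule is not mentioned by the spec changelog this commit adds, which records only the nagios and auditctl changes, so the new permission is undocumented on the package side. Nothing in the hunk shows what sendmail does with it either, so a why-comment above the rule would help the next reader: `# sendmail adjusts its own scheduling (presumably for queue runners) -- confirm`. The sendmail_t local-policy block continues outside the hunk.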
@@ -4713,6 +4793,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 # Mark process types as daemons
 attribute daemon;
+@@ -47,7 +48,7 @@
+ #
+ # init_t is the domain of the init process.
+ #
+-type init_t;
++type init_t, initrc_transition_domain;
+ type init_exec_t;
+ domain_type(init_t)
+ domain_entry_file(init_t, init_exec_t)
 @@ -118,6 +119,7 @@
 allow init_t initrc_t:unix_stream_socket { connectto rw_stream_socket_perms };
@@ -4996,8 +5085,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 ## Read all log files.
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.te serefpolicy-3.6.32/policy/modules/system/logging.te
 --- nsaserefpolicy/policy/modules/system/logging.te 2010-01-18 18:24:22.951535142 +0100
-+++ serefpolicy-3.6.32/policy/modules/system/logging.te 2010-02-02 14:39:43.439068166 +0100
-@@ -489,6 +489,10 @@
++++ serefpolicy-3.6.32/policy/modules/system/logging.te 2010-02-09 15:09:42.278616082 +0100
+@@ -101,6 +101,7 @@
+
+ kernel_read_kernel_sysctls(auditctl_t)
+ kernel_read_proc_symlinks(auditctl_t)
++kernel_setsched(auditctl_t)
+
+ domain_read_all_domains_state(auditctl_t)
+ domain_use_interactive_fds(auditctl_t)
+@@ -489,6 +490,10 @@
 ')
 optional_policy(`
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 0c3be8c..e1568c6 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -477,6 +477,8 @@ exit 0
 - Add label for /usr/sbin/ns-slapd
 - Allow munin to list mail queue
 - Add label for shorewall compiler
+- Fixes for nagios plugin policy
+- Allow auditctl to set priority of kernel threads
 * Fri Feb 5 2010 Dan Walsh 3.6.32-85
 - Cleanup spec file
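Review bot: `type init_t, initrc_transition_domain;` puts init itself on an attribute whose name says it carries the initrc-style domain transitions, so init_t inherits every transition keyed on that attribute, and the hunk says nothing about which daemons init now needs to enter directly. The attribute's declaration and the rules that use it are outside this hunk, so the real size of that widening cannot be judged here; a comment above the type line should state it, e.g. `# init starts some daemons without an initrc script (presumably upstart jobs) and needs the initrc_t -> daemon transitions -- confirm`. The change is also missing from the spec changelog added in this commit, which lists only the nagios and auditctl items.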
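Review bot: `kernel_setsched(auditctl_t)` allows auditctl to change the scheduling of kernel-thread processes, and the only explanation is the spec changelog line, which does not travel with the policy source. Put the reason next to the rule so it is not mistaken for a leftover: `# auditctl raises the priority of the kernel audit thread (see changelog) -- confirm which option triggers it`. The surrounding auditctl_t rules continue outside the hunk.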