diff --git a/policy-20080710.patch b/policy-20080710.patch
index aa38757..bee2ebb 100644
--- a/policy-20080710.patch
+++ b/policy-20080710.patch
@@ -7709,7 +7709,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain
## all protocols (TCP, UDP, etc)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain.te serefpolicy-3.5.13/policy/modules/kernel/domain.te
--- nsaserefpolicy/policy/modules/kernel/domain.te 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/kernel/domain.te 2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/kernel/domain.te 2009-02-18 14:25:11.000000000 +0100
@@ -5,6 +5,13 @@
#
# Declarations
@@ -7766,7 +7766,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain
allow unconfined_domain_type domain:lnk_file { read_lnk_file_perms ioctl lock };
# act on all domains keys
-@@ -148,3 +162,39 @@
+@@ -148,3 +162,40 @@
# receive from all domains over labeled networking
domain_all_recvfrom_all_domains(unconfined_domain_type)
@@ -7779,6 +7779,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/domain
+optional_policy(`
+ cron_dontaudit_write_system_job_tmp_files(domain)
+ cron_rw_pipes(domain)
++ cron_rw_system_job_pipes(domain)
+ifdef(`hide_broken_symptoms',`
+ cron_dontaudit_rw_tcp_sockets(domain)
+ allow domain domain:key { link search };
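Review bot: The added `cron_rw_system_job_pipes(domain)` grants read/write on system cron job pipes to every domain on the system (the `domain` attribute), and unlike `cron_dontaudit_rw_tcp_sockets(domain)` two lines below it sits outside the `hide_broken_symptoms` ifdef, so it is live whenever the cron module is loaded. A pipe that any domain may both read and write is a two-way channel between otherwise confined domains and cron's system jobs, which is broader than the `domain` attribute is normally kept; if the intent is only to let descendants of a system job use the pipes they inherited, that is better expressed on those specific domains, or as a dontaudit if the accesses are harmless noise. At minimum the line should carry a comment naming the denial it was added for, e.g. `# TODO(review): cite the AVC this resolves`. The enclosing `optional_policy` block starts and ends outside the hunk.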
@@ -9026,6 +9027,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storag
/dev/rd.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
ifdef(`distro_redhat', `
/dev/root -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storage.if serefpolicy-3.5.13/policy/modules/kernel/storage.if
+--- nsaserefpolicy/policy/modules/kernel/storage.if 2008-10-17 14:49:14.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/kernel/storage.if 2009-02-18 14:54:06.000000000 +0100
+@@ -207,6 +207,7 @@
+ dev_list_all_dev_nodes($1)
+ allow $1 self:capability mknod;
+ allow $1 fixed_disk_device_t:blk_file manage_blk_file_perms;
++ allow $1 fixed_disk_device_t:chr_file manage_chr_file_perms;
+ typeattribute $1 fixed_disk_raw_read, fixed_disk_raw_write;
+ ')
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-3.5.13/policy/modules/kernel/terminal.if
--- nsaserefpolicy/policy/modules/kernel/terminal.if 2008-10-17 14:49:14.000000000 +0200
+++ serefpolicy-3.5.13/policy/modules/kernel/terminal.if 2009-02-10 15:07:15.000000000 +0100
@@ -16782,7 +16794,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fetc
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.te serefpolicy-3.5.13/policy/modules/services/ftp.te
--- nsaserefpolicy/policy/modules/services/ftp.te 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/ftp.te 2009-02-11 10:18:48.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/ftp.te 2009-02-18 14:36:11.000000000 +0100
@@ -26,7 +26,7 @@
## ##
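Review bot: The new `allow $1 fixed_disk_device_t:chr_file manage_chr_file_perms;` in storage.if widens an interface consumed by other modules (its name and `##` description are above the hunk; from the body it appears to be the raw fixed-disk read/write interface) to create, unlink and rename character-device nodes labeled fixed_disk_device_t, not merely read and write them, mirroring the blk_file line above it. Since the same interface already grants `self:capability mknod`, every caller can now both create and use such chr nodes, so it is worth confirming that the callers motivating this need more than `rw_chr_file_perms`. Whichever set is kept, the interface's description block should say that character devices are covered, e.g. `## Allow the caller to read and write fixed disk block and character device nodes.`.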

@@ -16816,15 +16828,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
type ftpd_t;
type ftpd_exec_t;
init_daemon_domain(ftpd_t, ftpd_exec_t)
-@@ -160,6 +168,7 @@
+@@ -158,8 +166,10 @@
+ files_read_etc_runtime_files(ftpd_t)
+ files_search_var_lib(ftpd_t)
++fs_list_inotifyfs(ftpd_t)
fs_search_auto_mountpoints(ftpd_t)
fs_getattr_all_fs(ftpd_t)
+fs_search_fusefs_dirs(ftpd_t)
auth_use_nsswitch(ftpd_t)
auth_domtrans_chk_passwd(ftpd_t)
-@@ -226,8 +235,15 @@
+@@ -226,8 +236,15 @@
userdom_manage_all_users_home_content_dirs(ftpd_t)
userdom_manage_all_users_home_content_files(ftpd_t)
userdom_manage_all_users_home_content_symlinks(ftpd_t)
@@ -16840,7 +16855,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
tunable_policy(`ftp_home_dir && use_nfs_home_dirs',`
fs_manage_nfs_files(ftpd_t)
fs_read_nfs_symlinks(ftpd_t)
-@@ -238,6 +254,11 @@
+@@ -238,6 +255,11 @@
fs_read_cifs_symlinks(ftpd_t)
')
@@ -16852,7 +16867,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
optional_policy(`
tunable_policy(`ftp_home_dir',`
apache_search_sys_content(ftpd_t)
-@@ -245,6 +266,18 @@
+@@ -245,6 +267,18 @@
')
optional_policy(`
@@ -16871,7 +16886,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
corecmd_exec_shell(ftpd_t)
files_read_usr_files(ftpd_t)
-@@ -261,7 +294,9 @@
+@@ -261,7 +295,9 @@
')
optional_policy(`
@@ -16882,7 +16897,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ftp.
')
optional_policy(`
-@@ -273,6 +308,14 @@
+@@ -273,6 +309,14 @@
')
optional_policy(`
@@ -17839,8 +17854,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milt
+/var/spool/milter-regex(/.*)? gen_context(system_u:object_r:regex_milter_data_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.if serefpolicy-3.5.13/policy/modules/services/milter.if
--- nsaserefpolicy/policy/modules/services/milter.if 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.5.13/policy/modules/services/milter.if 2009-02-10 15:07:15.000000000 +0100
-@@ -0,0 +1,121 @@
++++ serefpolicy-3.5.13/policy/modules/services/milter.if 2009-02-18 14:29:13.000000000 +0100
+@@ -0,0 +1,84 @@
+##

Milter mail filters
+
+########################################
@@ -17925,43 +17940,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milt
+ getattr_sock_files_pattern($1, milter_data_type, milter_data_type)
+')
+
-+#######################################
-+##
-+## Read milter data.
-+##
-+##
-+##
-+## Domain allowed access.
-+##
-+##
-+#
-+interface(`milter_read_data',`
-+ gen_require(`
-+ attribute milter_data_type;
-+ ')
-+
-+ read_files_pattern($1, milter_data_type, milter_data_type)
-+')
-+
-+######################################
-+##
-+## Read milter data.
-+##
-+##
-+##
-+## Domain allowed access.
-+##
-+##
-+#
-+interface(`milter_manage_data',`
-+ gen_require(`
-+ attribute milter_data_type;
-+ ')
-+ manage_dirs_pattern($1, milter_data_type, milter_data_type)
-+ manage_files_pattern($1, milter_data_type, milter_data_type)
-+')
-+
-+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/milter.te serefpolicy-3.5.13/policy/modules/services/milter.te
--- nsaserefpolicy/policy/modules/services/milter.te 1970-01-01 01:00:00.000000000 +0100
+++ serefpolicy-3.5.13/policy/modules/services/milter.te 2009-02-10 15:07:15.000000000 +0100
@@ -27307,7 +27285,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spamassassin.te serefpolicy-3.5.13/policy/modules/services/spamassassin.te
--- nsaserefpolicy/policy/modules/services/spamassassin.te 2008-10-17 14:49:11.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/services/spamassassin.te 2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/services/spamassassin.te 2009-02-18 14:29:57.000000000 +0100
@@ -21,16 +21,24 @@
gen_tunable(spamd_enable_home_dirs, true)
@@ -27491,7 +27469,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
')
optional_policy(`
-@@ -213,3 +263,138 @@
+@@ -213,3 +263,131 @@
optional_policy(`
udev_read_db(spamd_t)
')
@@ -27534,9 +27512,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+manage_files_pattern(spamc_t, spamc_tmp_t, spamc_tmp_t)
+files_tmp_filetrans(spamc_t, spamc_tmp_t, { file dir })
+
-+#manage_dirs_pattern(spamc_t, spamd_var_run_t, spamd_var_run_t)
-+#manage_files_pattern(spamc_t, spamd_var_run_t, spamd_var_run_t)
-+
+kernel_read_kernel_sysctls(spamc_t)
+kernel_read_system_state(spamc_t)
+
@@ -27617,10 +27592,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+')
+
+optional_policy(`
-+ milter_manage_data(spamc_t)
-+')
-+
-+optional_policy(`
+ postfix_rw_local_pipes(spamc_t)
+')
+
@@ -27630,6 +27601,21 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/spam
+ sendmail_stub(spamc_t)
+ sendmail_rw_pipes(spamc_t)
+')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.fc serefpolicy-3.5.13/policy/modules/services/squid.fc
+--- nsaserefpolicy/policy/modules/services/squid.fc 2008-10-17 14:49:13.000000000 +0200
++++ serefpolicy-3.5.13/policy/modules/services/squid.fc 2009-02-18 14:34:30.000000000 +0100
+@@ -6,7 +6,11 @@
+ /usr/sbin/squid -- gen_context(system_u:object_r:squid_exec_t,s0)
+ /usr/share/squid(/.*)? gen_context(system_u:object_r:squid_conf_t,s0)
+
++/var/squidGuard(/.*)? gen_context(system_u:object_r:squid_cache_t,s0)
+ /var/cache/squid(/.*)? gen_context(system_u:object_r:squid_cache_t,s0)
+ /var/log/squid(/.*)? gen_context(system_u:object_r:squid_log_t,s0)
++/var/log/squidGuard(/.*)? gen_context(system_u:object_r:squid_log_t,s0)
+ /var/run/squid\.pid -- gen_context(system_u:object_r:squid_var_run_t,s0)
+ /var/spool/squid(/.*)? gen_context(system_u:object_r:squid_cache_t,s0)
++
++
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/squid.if serefpolicy-3.5.13/policy/modules/services/squid.if
--- nsaserefpolicy/policy/modules/services/squid.if 2008-10-17 14:49:13.000000000 +0200
+++ serefpolicy-3.5.13/policy/modules/services/squid.if 2009-02-10 15:07:15.000000000 +0100
@@ -32124,7 +32110,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iscsi.
allow iscsid_t iscsi_tmp_t:dir manage_dir_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/libraries.fc serefpolicy-3.5.13/policy/modules/system/libraries.fc
--- nsaserefpolicy/policy/modules/system/libraries.fc 2008-10-17 14:49:13.000000000 +0200
-+++ serefpolicy-3.5.13/policy/modules/system/libraries.fc 2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/modules/system/libraries.fc 2009-02-18 14:39:54.000000000 +0100
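Review bot: The two trailing `++` lines at the end of the squid.fc hunk add nothing but two empty lines at the end of the file and should be dropped (the inner hunk header then becomes `+@@ -6,7 +6,9 @@`). Separately, `/var/squidGuard(/.*)?` is labeled squid_cache_t, the same label squid_t may fully manage for its own cache, so everything under that tree (presumably squidGuard's blacklists and compiled databases) becomes writable by the proxy domain. If the redirector only reads that data at runtime, a read-only label such as squid_conf_t is the tighter choice; if writes are genuinely required, a one-line comment above the entry saying so would help the next reader. The new entry also sits before `/var/cache/squid` rather than in path order with the other `/var` entries.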
@@ -60,12 +60,15 @@
#
# /opt
@@ -32223,6 +32209,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/librar
/usr/lib(64)?/libSDL-.*\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/lib(64)?/xorg/modules/dri/.+\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
/usr/X11R6/lib/modules/dri/.+\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+@@ -233,7 +251,7 @@
+ /usr/lib(64)?/php/modules/.+\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+
+ # Livna.org packages: xmms-mp3, ffmpeg, xvidcore, xine-lib, gsm, lame
+-/usr/lib(64)?.*/libmpg123\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
++/usr/lib(64)?.*/libmpg123\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/codecs/drv[1-9c]\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/libpostproc\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+ /usr/lib(64)?/libavformat.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -246,13 +264,17 @@
# Flash plugin, Macromedia
@@ -38574,7 +38569,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/policy_capabilities s
+#policycap open_perms;
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.5.13/policy/support/obj_perm_sets.spt
--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2008-10-17 14:49:14.000000000 +0200
-+++ serefpolicy-3.5.13/policy/support/obj_perm_sets.spt 2009-02-10 15:07:15.000000000 +0100
++++ serefpolicy-3.5.13/policy/support/obj_perm_sets.spt 2009-02-18 14:46:51.000000000 +0100
@@ -59,22 +59,22 @@
#
# Permissions for executing files.
@@ -38655,6 +38650,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets
define(`create_file_perms',`{ getattr create open }')
define(`rename_file_perms',`{ getattr rename }')
define(`delete_file_perms',`{ getattr unlink }')
+@@ -225,7 +229,7 @@
+ define(`create_lnk_file_perms',`{ create getattr }')
+ define(`rename_lnk_file_perms',`{ getattr rename }')
+ define(`delete_lnk_file_perms',`{ getattr unlink }')
+-define(`manage_lnk_file_perms',`{ create read getattr setattr unlink rename }')
++define(`manage_lnk_file_perms',`{ create read getattr setattr link unlink rename }')
+ define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }')
+ define(`relabelto_lnk_file_perms',`{ getattr relabelto }')
+ define(`relabel_lnk_file_perms',`{ getattr relabelfrom relabelto }')
@@ -235,10 +239,10 @@
#
define(`getattr_fifo_file_perms',`{ getattr }')
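Review bot: Adding `link` to `manage_lnk_file_perms` changes a permission set shared by the entire policy, so every domain that already has manage rights on some symlink type silently gains the ability to hard-link symlinks of that type, and the hunk carries no note on which caller needed it. If only one or two domains need it, an explicit `allow <domain> <type>:lnk_file link;` next to their existing call is the narrower fix; if the global change is intended, it belongs upstream in obj_perm_sets.spt rather than in this patch-of-a-patch, where it is easy to lose on the next rebase. It is also worth checking whether the upstream definition already carries `link` (I believe later refpolicy releases do), in which case this hunk simply disappears on rebase.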