diff --git a/policy-F13.patch b/policy-F13.patch index eebfdc4..646da3f 100644 --- a/policy-F13.patch +++ b/policy-F13.patch @@ -3181,8 +3181,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/chrome.i + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/chrome.te serefpolicy-3.7.19/policy/modules/apps/chrome.te --- nsaserefpolicy/policy/modules/apps/chrome.te 1970-01-01 01:00:00.000000000 +0100 -+++ serefpolicy-3.7.19/policy/modules/apps/chrome.te 2010-10-18 14:45:28.963650461 +0200 -@@ -0,0 +1,90 @@ ++++ serefpolicy-3.7.19/policy/modules/apps/chrome.te 2010-12-06 17:06:13.870042468 +0100 +@@ -0,0 +1,91 @@ +policy_module(chrome,1.0.0) + +######################################## @@ -3208,6 +3208,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/chrome.t +# +allow chrome_sandbox_t self:capability { chown dac_override fsetid setgid setuid sys_admin sys_chroot sys_ptrace }; +allow chrome_sandbox_t self:process { signal_perms setrlimit execmem execstack }; ++allow chrome_sandbox_t self:process setsched; +allow chrome_sandbox_t self:fifo_file manage_file_perms; +allow chrome_sandbox_t self:unix_stream_socket create_stream_socket_perms; +allow chrome_sandbox_t self:unix_dgram_socket { create_socket_perms sendto }; @@ -25958,7 +25959,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. ## diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.te serefpolicy-3.7.19/policy/modules/services/mta.te --- nsaserefpolicy/policy/modules/services/mta.te 2010-04-13 20:44:37.000000000 +0200 -+++ serefpolicy-3.7.19/policy/modules/services/mta.te 2010-10-13 08:30:08.233650680 +0200 ++++ serefpolicy-3.7.19/policy/modules/services/mta.te 2010-12-03 10:28:21.175042789 +0100 @@ -21,8 +21,8 @@ type etc_mail_t; files_config_file(etc_mail_t) 
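Review bot: The added `allow chrome_sandbox_t self:process setsched;` repeats the subject and class of the rule just above it and carries no reason for the new permission. Folding it in as `allow chrome_sandbox_t self:process { signal_perms setrlimit setsched execmem execstack };` keeps the domain's self:process grants in one place. This domain already holds sys_admin, sys_ptrace, execmem and execstack on the visible lines, so a one-line comment naming what needs the scheduler call would help a later least-privilege pass decide whether setsched can be dropped. The rest of chrome.te lies outside the hunk.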
@@ -26051,7 +26052,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. ') optional_policy(` -@@ -142,6 +153,10 @@ +@@ -142,7 +153,12 @@ ') optional_policy(` @@ -26060,9 +26061,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. + +optional_policy(` nagios_read_tmp_files(system_mail_t) ++ nagios_dontaudit_rw_log(system_mail_t) ') -@@ -154,18 +169,6 @@ + optional_policy(` +@@ -154,18 +170,6 @@ files_etc_filetrans(system_mail_t, etc_aliases_t, { file lnk_file sock_file fifo_file }) domain_use_interactive_fds(system_mail_t) @@ -26081,7 +26084,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. ') optional_policy(` -@@ -185,6 +188,10 @@ +@@ -185,6 +189,10 @@ ') optional_policy(` @@ -26092,7 +26095,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. smartmon_read_tmp_files(system_mail_t) ') -@@ -216,7 +223,8 @@ +@@ -216,7 +224,8 @@ create_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) read_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) @@ -26102,7 +26105,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. read_files_pattern(mailserver_delivery, system_mail_tmp_t, system_mail_tmp_t) -@@ -245,6 +253,10 @@ +@@ -245,6 +254,10 @@ mailman_read_data_symlinks(mailserver_delivery) ') @@ -26113,7 +26116,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. ######################################## # # User send mail local policy -@@ -288,3 +300,33 @@ +@@ -288,3 +301,33 @@ postfix_read_config(user_mail_t) postfix_list_spool(user_mail_t) ') 
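Review bot: `nagios_dontaudit_rw_log(system_mail_t)` silences the denial rather than allowing or fixing the access, and nothing in the hunk says why system_mail_t touches the nagios log. If this is a descriptor inherited from nagios when it runs the mailer (an assumption, the hunk does not show it), record that in a comment such as `# nagios leaks its log descriptor to the mailer`. Because dontaudit rules keep these AVC records out of the audit log, anyone later investigating mailer access to the nagios log has to rebuild the policy with dontaudit rules disabled (`semodule -DB`) to see it.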
@@ -26692,7 +26695,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi +/usr/lib(64)?/nagios/plugins/check_by_ssh -- gen_context(system_u:object_r:nagios_unconfined_plugin_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.if serefpolicy-3.7.19/policy/modules/services/nagios.if --- nsaserefpolicy/policy/modules/services/nagios.if 2010-04-13 20:44:37.000000000 +0200 -+++ serefpolicy-3.7.19/policy/modules/services/nagios.if 2010-11-15 15:07:11.971147348 +0100 ++++ serefpolicy-3.7.19/policy/modules/services/nagios.if 2010-12-03 10:05:34.581045938 +0100 @@ -64,8 +64,8 @@ ######################################## @@ -26721,7 +26724,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi ') ######################################## -@@ -99,3 +100,157 @@ +@@ -99,3 +100,158 @@ domtrans_pattern($1, nrpe_exec_t, nrpe_t) ') @@ -26816,6 +26819,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi + + # needed by command.cfg + domtrans_pattern(nagios_t, nagios_$1_plugin_exec_t, nagios_$1_plugin_t) ++ allow nagios_t nagios_$1_plugin_exec_t:file ioctl; + + allow nagios_t nagios_$1_plugin_t:process signal_perms; + @@ -26881,7 +26885,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-3.7.19/policy/modules/services/nagios.te --- nsaserefpolicy/policy/modules/services/nagios.te 2010-04-13 20:44:37.000000000 +0200 -+++ serefpolicy-3.7.19/policy/modules/services/nagios.te 2010-11-11 16:15:32.446172203 +0100 ++++ serefpolicy-3.7.19/policy/modules/services/nagios.te 2010-12-03 10:08:04.831042328 +0100 @@ -10,13 +10,12 @@ type nagios_exec_t; init_daemon_domain(nagios_t, nagios_exec_t) 
@@ -27131,7 +27135,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi seutil_sigchld_newrole(nrpe_t) ') -@@ -209,3 +266,145 @@ +@@ -209,3 +266,148 @@ optional_policy(` udev_read_db(nrpe_t) ') @@ -27205,6 +27209,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagi +# needed by ioctl() +allow nagios_checkdisk_plugin_t self:capability { sys_admin sys_rawio }; + ++kernel_read_software_raid_state(nagios_checkdisk_plugin_t) ++ ++files_read_etc_runtime_files(nagios_checkdisk_plugin_t) +files_read_etc_runtime_files(nagios_checkdisk_plugin_t) + +fs_getattr_all_fs(nagios_checkdisk_plugin_t) @@ -39536,7 +39543,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo /var/run/sepermit(/.*)? gen_context(system_u:object_r:pam_var_run_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.7.19/policy/modules/system/authlogin.if --- nsaserefpolicy/policy/modules/system/authlogin.if 2010-04-13 20:44:37.000000000 +0200 -+++ serefpolicy-3.7.19/policy/modules/system/authlogin.if 2010-11-02 16:59:22.380650718 +0100 ++++ serefpolicy-3.7.19/policy/modules/system/authlogin.if 2010-12-06 18:48:03.147042522 +0100 @@ -41,7 +41,6 @@ ## # @@ -39616,11 +39623,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo tunable_policy(`allow_polyinstantiation',` files_polyinstantiate_all($1) ') -@@ -365,13 +407,15 @@ +@@ -365,13 +407,21 @@ ') optional_policy(` - pcscd_read_pub_files($1) ++ openct_stream_connect($1) ++ openct_signull($1) ++ openct_read_pid_files($1) ++ ') ++ ++ optional_policy(` + pcscd_manage_pub_files($1) + pcscd_manage_pub_pipes($1) pcscd_stream_connect($1) @@ -39633,7 +39646,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo ') ######################################## -@@ -418,6 +462,7 @@ +@@ -418,6 +468,7 @@ auth_domtrans_chk_passwd($1) role $2 types chkpwd_t; 
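Review bot: The checkdisk hunk adds `files_read_etc_runtime_files(nagios_checkdisk_plugin_t)` directly above an identical existing line, so the call now appears twice in nagios.te. The duplicate does not change the compiled policy, but it should be dropped so that the hunk adds only `kernel_read_software_raid_state(nagios_checkdisk_plugin_t)`. A short comment on that line, for example `# check_disk reads software raid state`, would tie it to the changelog entry.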
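Review bot: The new `optional_policy` block in authlogin.if grants `openct_stream_connect($1)`, `openct_signull($1)` and `openct_read_pid_files($1)` to every domain that calls the enclosing interface, and nothing in the hunk says which login paths need them. The interface's name and its callers are outside the hunk, so the breadth cannot be judged from here; if it is one of the widely used login interfaces, the openct access reaches many domains. Please add a comment above the block, for example `# smart card login through openct`, and confirm that signull is needed in addition to the stream connect.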
@@ -39641,7 +39654,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo ') ######################################## -@@ -694,7 +739,7 @@ +@@ -694,7 +745,7 @@ ') files_search_etc($1) @@ -39650,7 +39663,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo typeattribute $1 can_relabelto_shadow_passwords; ') -@@ -1500,6 +1545,8 @@ +@@ -1500,6 +1551,8 @@ # interface(`auth_use_nsswitch',` @@ -39659,7 +39672,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo files_list_var_lib($1) # read /etc/nsswitch.conf -@@ -1531,7 +1578,15 @@ +@@ -1531,7 +1584,15 @@ ') optional_policy(` diff --git a/selinux-policy.spec b/selinux-policy.spec index 75f2e63..a3ec752 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -20,7 +20,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.7.19 -Release: 74%{?dist} +Release: 75%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -470,6 +470,10 @@ exit 0 %endif %changelog +* Wed Dec 6 2010 Miroslav Grepl 3.7.19-75 +- nagios needs to to read the state information for software raid +- Add addtional support for OpenCT from Dominic + * Wed Dec 1 2010 Miroslav Grepl 3.7.19-74 - Fix dirsrv.te to talk to rpcbind - certmonger needs to manage dirsrv data