diff --git a/policy-F16.patch b/policy-F16.patch index ea02e3f..1d06c3d 100644 --- a/policy-F16.patch +++ b/policy-F16.patch @@ -70578,7 +70578,7 @@ index f5afe78..a4534c4 100644 + type_transition $1 gkeyringd_exec_t:process $2; +') diff --git a/policy/modules/apps/gnome.te b/policy/modules/apps/gnome.te -index 2505654..ab3d95f 100644 +index 2505654..ddcd035 100644 --- a/policy/modules/apps/gnome.te +++ b/policy/modules/apps/gnome.te @@ -6,11 +6,31 @@ policy_module(gnome, 2.1.0) @@ -70651,7 +70651,7 @@ index 2505654..ab3d95f 100644 ############################## # # Local Policy -@@ -75,3 +118,165 @@ optional_policy(` +@@ -75,3 +118,167 @@ optional_policy(` xserver_use_xdm_fds(gconfd_t) xserver_rw_xdm_pipes(gconfd_t) ') @@ -70667,6 +70667,8 @@ index 2505654..ab3d95f 100644 + +corecmd_search_bin(gconfdefaultsm_t) + ++auth_read_passwd(gconfdefaultsm_t) ++ +files_read_etc_files(gconfdefaultsm_t) +files_read_usr_files(gconfdefaultsm_t) + @@ -72445,7 +72447,7 @@ index fbb5c5a..d85053e 100644 +') + diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te -index 2e9318b..a73bf97 100644 +index 2e9318b..af2f857 100644 --- a/policy/modules/apps/mozilla.te +++ b/policy/modules/apps/mozilla.te @@ -7,11 +7,32 @@ policy_module(mozilla, 2.3.3) 
@@ -72636,14 +72638,14 @@ index 2e9318b..a73bf97 100644 -files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file }) -userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file }) +manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) -+files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file }) ++files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file }) +userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file }) +xserver_xdm_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file }) +can_exec(mozilla_plugin_t, mozilla_plugin_tmp_t) manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) manage_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) -@@ -322,39 +363,61 @@ manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plug +@@ -322,39 +363,62 @@ manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plug manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t) fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file }) @@ -72691,6 +72693,7 @@ index 2e9318b..a73bf97 100644 +corenet_tcp_connect_commplex_port(mozilla_plugin_t) +corenet_tcp_connect_couchdb_port(mozilla_plugin_t) +corenet_tcp_connect_monopd_port(mozilla_plugin_t) ++corenet_tcp_connect_whois_port(mozilla_plugin_t) +corenet_tcp_connect_all_ephemeral_ports(mozilla_plugin_t) +corenet_tcp_bind_generic_node(mozilla_plugin_t) +corenet_udp_bind_generic_node(mozilla_plugin_t) 
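Review bot: `lnk_file` is added to the `files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file })` class list, but the `userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file })` line directly below it still lacks it, while the `xserver_xdm_tmp_filetrans` line already carries it. If the plugin creates symlinks inside a user tmp directory, those symlinks will presumably get the directory's type instead of `mozilla_plugin_tmp_t`, which looks like the same denial this change fixes for /tmp. If leaving user tmp out is deliberate, a short comment saying why would help; otherwise add the class there too: `userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file })`.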
@@ -72712,7 +72715,7 @@ index 2e9318b..a73bf97 100644 domain_use_interactive_fds(mozilla_plugin_t) domain_dontaudit_read_all_domains_state(mozilla_plugin_t) -@@ -362,15 +425,24 @@ domain_dontaudit_read_all_domains_state(mozilla_plugin_t) +@@ -362,15 +426,24 @@ domain_dontaudit_read_all_domains_state(mozilla_plugin_t) files_read_config_files(mozilla_plugin_t) files_read_usr_files(mozilla_plugin_t) files_list_mnt(mozilla_plugin_t) @@ -72737,7 +72740,7 @@ index 2e9318b..a73bf97 100644 logging_send_syslog_msg(mozilla_plugin_t) miscfiles_read_localization(mozilla_plugin_t) -@@ -383,34 +455,31 @@ sysnet_dns_name_resolve(mozilla_plugin_t) +@@ -383,34 +456,31 @@ sysnet_dns_name_resolve(mozilla_plugin_t) term_getattr_all_ttys(mozilla_plugin_t) term_getattr_all_ptys(mozilla_plugin_t) @@ -72787,7 +72790,7 @@ index 2e9318b..a73bf97 100644 ') optional_policy(` -@@ -421,24 +490,35 @@ optional_policy(` +@@ -421,35 +491,155 @@ optional_policy(` optional_policy(` dbus_system_bus_client(mozilla_plugin_t) dbus_session_bus_client(mozilla_plugin_t) @@ -72827,9 +72830,10 @@ index 2e9318b..a73bf97 100644 ') optional_policy(` -@@ -446,10 +526,118 @@ optional_policy(` + pulseaudio_exec(mozilla_plugin_t) pulseaudio_stream_connect(mozilla_plugin_t) pulseaudio_setattr_home_dir(mozilla_plugin_t) ++ pulseaudio_manage_home_dirs(mozilla_plugin_t) pulseaudio_manage_home_files(mozilla_plugin_t) + pulseaudio_manage_home_symlinks(mozilla_plugin_t) ') @@ -74244,7 +74248,7 @@ index 84f23dc..5be2738 100644 /var/lib/pulse(/.*)? gen_context(system_u:object_r:pulseaudio_var_lib_t,s0) diff --git a/policy/modules/apps/pulseaudio.if b/policy/modules/apps/pulseaudio.if -index f40c64d..a3352d3 100644 +index f40c64d..0f93f7f 100644 --- a/policy/modules/apps/pulseaudio.if +++ b/policy/modules/apps/pulseaudio.if @@ -35,6 +35,9 @@ interface(`pulseaudio_role',` 
@@ -74272,7 +74276,35 @@ index f40c64d..a3352d3 100644 ') ######################################## -@@ -257,4 +262,68 @@ interface(`pulseaudio_manage_home_files',` +@@ -241,6 +246,27 @@ interface(`pulseaudio_rw_home_files',` + ######################################## + ## + ## Create, read, write, and delete pulseaudio ++## home directories. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`pulseaudio_manage_home_dirs',` ++ gen_require(` ++ type pulseaudio_home_t; ++ ') ++ ++ userdom_search_user_home_dirs($1) ++ manage_dirs_pattern($1, pulseaudio_home_t, pulseaudio_home_t) ++ #pulseaudio_filetrans_home_content($1) ++') ++ ++######################################## ++## ++## Create, read, write, and delete pulseaudio + ## home directory files. + ## + ## +@@ -257,4 +283,68 @@ interface(`pulseaudio_manage_home_files',` userdom_search_user_home_dirs($1) manage_files_pattern($1, pulseaudio_home_t, pulseaudio_home_t) read_lnk_files_pattern($1, pulseaudio_home_t, pulseaudio_home_t) @@ -77683,7 +77715,7 @@ index 223ad43..d95e720 100644 rsync_exec(yam_t) ') diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc -index 3fae11a..5120d22 100644 +index 3fae11a..6b770fd 100644 --- a/policy/modules/kernel/corecommands.fc +++ b/policy/modules/kernel/corecommands.fc @@ -1,9 +1,10 @@ @@ -77781,7 +77813,7 @@ index 3fae11a..5120d22 100644 /opt/gutenprint/cups/lib/filter(/.*)? gen_context(system_u:object_r:bin_t,s0) -@@ -179,67 +186,94 @@ ifdef(`distro_gentoo',` +@@ -179,67 +186,95 @@ ifdef(`distro_gentoo',` /opt/vmware/workstation/lib/lib/wrapper-gtk24\.sh -- gen_context(system_u:object_r:bin_t,s0) ') 
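Review bot: The new `pulseaudio_manage_home_dirs` interface ships with a commented-out call, `#pulseaudio_filetrans_home_content($1)`, and no explanation. Without a file transition, a directory the caller creates directly in a user home directory (rather than inside an existing `pulseaudio_home_t` directory) will not receive `pulseaudio_home_t`, so the `manage_dirs_pattern` grant only reaches trees that are already labelled; that may be the intent, but commented-out policy reads as unfinished, and whether `pulseaudio_filetrans_home_content` even exists in this tree is not visible here. Either drop the line or replace it with a comment such as `# no filetrans here; callers label new home content themselves`. Its only caller in this diff is `pulseaudio_manage_home_dirs(mozilla_plugin_t)` in the mozilla.te hunk above, so it is worth confirming that the labelling it gets there is the one expected.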
@@ -77820,6 +77852,7 @@ index 3fae11a..5120d22 100644 +/usr/lib(.*/)?bin(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/lib/ccache/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/lib/fence(/.*)? gen_context(system_u:object_r:bin_t,s0) ++/usr/lib/libreoffice/ure/bin/javaldx -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/qt.*/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/lib/wicd/monitor\.py -- gen_context(system_u:object_r:bin_t, s0) @@ -77921,7 +77954,7 @@ index 3fae11a..5120d22 100644 /usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/libexec/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0) -@@ -247,11 +281,18 @@ ifdef(`distro_gentoo',` +@@ -247,11 +282,18 @@ ifdef(`distro_gentoo',` /usr/libexec/openssh/sftp-server -- gen_context(system_u:object_r:bin_t,s0) @@ -77941,7 +77974,7 @@ index 3fae11a..5120d22 100644 /usr/sbin/scponlyc -- gen_context(system_u:object_r:shell_exec_t,s0) /usr/sbin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0) /usr/sbin/smrsh -- gen_context(system_u:object_r:shell_exec_t,s0) -@@ -267,6 +308,10 @@ ifdef(`distro_gentoo',` +@@ -267,6 +309,10 @@ ifdef(`distro_gentoo',` /usr/share/cluster/.*\.sh gen_context(system_u:object_r:bin_t,s0) /usr/share/cluster/ocf-shellfuncs -- gen_context(system_u:object_r:bin_t,s0) /usr/share/cluster/svclib_nfslock -- gen_context(system_u:object_r:bin_t,s0) 
@@ -77952,7 +77985,7 @@ index 3fae11a..5120d22 100644 /usr/share/e16/misc(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/share/gedit-2/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/share/gitolite/hooks/common/update -- gen_context(system_u:object_r:bin_t,s0) -@@ -286,15 +331,20 @@ ifdef(`distro_gentoo',` +@@ -286,15 +332,20 @@ ifdef(`distro_gentoo',` /usr/share/smolt/client(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/share/shorewall/compiler\.pl -- gen_context(system_u:object_r:bin_t,s0) /usr/share/shorewall/configpath -- gen_context(system_u:object_r:bin_t,s0) @@ -77974,7 +78007,7 @@ index 3fae11a..5120d22 100644 ifdef(`distro_gentoo', ` /usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0) -@@ -306,10 +356,12 @@ ifdef(`distro_redhat', ` +@@ -306,10 +357,12 @@ ifdef(`distro_redhat', ` /etc/gdm/[^/]+ -d gen_context(system_u:object_r:bin_t,s0) /etc/gdm/[^/]+/.* gen_context(system_u:object_r:bin_t,s0) @@ -77989,7 +78022,7 @@ index 3fae11a..5120d22 100644 /usr/lib/vmware-tools/(s)?bin32(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/lib/vmware-tools/(s)?bin64(/.*)? gen_context(system_u:object_r:bin_t,s0) /usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0) -@@ -319,9 +371,12 @@ ifdef(`distro_redhat', ` +@@ -319,9 +372,12 @@ ifdef(`distro_redhat', ` /usr/share/clamav/clamd-gen -- gen_context(system_u:object_r:bin_t,s0) /usr/share/clamav/freshclam-sleep -- gen_context(system_u:object_r:bin_t,s0) /usr/share/createrepo(/.*)? gen_context(system_u:object_r:bin_t,s0) 
@@ -78002,7 +78035,7 @@ index 3fae11a..5120d22 100644 /usr/share/pwlib/make/ptlib-config -- gen_context(system_u:object_r:bin_t,s0) /usr/share/pydict/pydict\.py -- gen_context(system_u:object_r:bin_t,s0) /usr/share/rhn/rhn_applet/applet\.py -- gen_context(system_u:object_r:bin_t,s0) -@@ -363,20 +418,22 @@ ifdef(`distro_redhat', ` +@@ -363,20 +419,22 @@ ifdef(`distro_redhat', ` ifdef(`distro_suse', ` /usr/lib/cron/run-crons -- gen_context(system_u:object_r:bin_t,s0) /usr/lib/samba/classic/.* -- gen_context(system_u:object_r:bin_t,s0) @@ -78029,7 +78062,7 @@ index 3fae11a..5120d22 100644 /var/qmail/bin -d gen_context(system_u:object_r:bin_t,s0) /var/qmail/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) -@@ -385,3 +442,13 @@ ifdef(`distro_suse', ` +@@ -385,3 +443,13 @@ ifdef(`distro_suse', ` ifdef(`distro_suse',` /var/lib/samba/bin/.+ gen_context(system_u:object_r:bin_t,s0) ') @@ -91179,7 +91212,7 @@ index 0b827c5..ac79ca6 100644 + dontaudit $1 abrt_t:sock_file write; ') diff --git a/policy/modules/services/abrt.te b/policy/modules/services/abrt.te -index 30861ec..6de6194 100644 +index 30861ec..586cb4a 100644 --- a/policy/modules/services/abrt.te +++ b/policy/modules/services/abrt.te @@ -5,13 +5,34 @@ policy_module(abrt, 1.2.0) @@ -91302,7 +91335,7 @@ index 30861ec..6de6194 100644 # abrt var/cache files manage_files_pattern(abrt_t, abrt_var_cache_t, abrt_var_cache_t) -@@ -82,10 +142,10 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) +@@ -82,10 +142,11 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_dirs_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_sock_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_lnk_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) 
@@ -91311,11 +91344,12 @@ index 30861ec..6de6194 100644 kernel_read_ring_buffer(abrt_t) -kernel_read_system_state(abrt_t) ++kernel_read_network_state(abrt_t) +kernel_request_load_module(abrt_t) kernel_rw_kernel_sysctl(abrt_t) corecmd_exec_bin(abrt_t) -@@ -104,6 +164,8 @@ corenet_tcp_connect_all_ports(abrt_t) +@@ -104,6 +165,8 @@ corenet_tcp_connect_all_ports(abrt_t) corenet_sendrecv_http_client_packets(abrt_t) dev_getattr_all_chr_files(abrt_t) @@ -91324,7 +91358,7 @@ index 30861ec..6de6194 100644 dev_read_urand(abrt_t) dev_rw_sysfs(abrt_t) dev_dontaudit_read_raw_memory(abrt_t) -@@ -113,7 +175,8 @@ domain_read_all_domains_state(abrt_t) +@@ -113,7 +176,8 @@ domain_read_all_domains_state(abrt_t) domain_signull_all_domains(abrt_t) files_getattr_all_files(abrt_t) @@ -91334,7 +91368,7 @@ index 30861ec..6de6194 100644 files_read_var_symlinks(abrt_t) files_read_var_lib_files(abrt_t) files_read_usr_files(abrt_t) -@@ -121,6 +184,9 @@ files_read_generic_tmp_files(abrt_t) +@@ -121,6 +185,9 @@ files_read_generic_tmp_files(abrt_t) files_read_kernel_modules(abrt_t) files_dontaudit_list_default(abrt_t) files_dontaudit_read_default_files(abrt_t) @@ -91344,7 +91378,7 @@ index 30861ec..6de6194 100644 fs_list_inotifyfs(abrt_t) fs_getattr_all_fs(abrt_t) -@@ -131,22 +197,34 @@ fs_read_nfs_files(abrt_t) +@@ -131,22 +198,34 @@ fs_read_nfs_files(abrt_t) fs_read_nfs_symlinks(abrt_t) fs_search_all(abrt_t) @@ -91383,7 +91417,7 @@ index 30861ec..6de6194 100644 ') optional_policy(` -@@ -167,6 +245,7 @@ optional_policy(` +@@ -167,6 +246,7 @@ optional_policy(` rpm_exec(abrt_t) rpm_dontaudit_manage_db(abrt_t) rpm_manage_cache(abrt_t) @@ -91391,7 +91425,7 @@ index 30861ec..6de6194 100644 rpm_manage_pid_files(abrt_t) rpm_read_db(abrt_t) rpm_signull(abrt_t) -@@ -178,12 +257,39 @@ optional_policy(` +@@ -178,12 +258,39 @@ optional_policy(` ') optional_policy(` 
@@ -91432,7 +91466,7 @@ index 30861ec..6de6194 100644 # allow abrt_helper_t self:capability { chown setgid sys_nice }; -@@ -200,23 +306,22 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir }) +@@ -200,23 +307,22 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir }) read_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t) read_lnk_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t) @@ -91461,7 +91495,7 @@ index 30861ec..6de6194 100644 userdom_dontaudit_read_user_home_content_files(abrt_helper_t) userdom_dontaudit_read_user_tmp_files(abrt_helper_t) dev_dontaudit_read_all_blk_files(abrt_helper_t) -@@ -224,4 +329,147 @@ ifdef(`hide_broken_symptoms', ` +@@ -224,4 +330,147 @@ ifdef(`hide_broken_symptoms', ` dev_dontaudit_write_all_chr_files(abrt_helper_t) dev_dontaudit_write_all_blk_files(abrt_helper_t) fs_dontaudit_rw_anon_inodefs_files(abrt_helper_t) @@ -92372,7 +92406,7 @@ index deca9d3..1aa76b0 100644 spamassassin_exec_client(amavis_t) spamassassin_read_lib_files(amavis_t) diff --git a/policy/modules/services/apache.fc b/policy/modules/services/apache.fc -index 9e39aa5..5a21117 100644 +index 9e39aa5..2dd7d9b 100644 --- a/policy/modules/services/apache.fc +++ b/policy/modules/services/apache.fc @@ -1,41 +1,59 @@ @@ -92394,7 +92428,7 @@ index 9e39aa5..5a21117 100644 +/etc/init\.d/cherokee -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) /etc/lighttpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) /etc/mock/koji(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) -+/etc/owncloud/config\.php -- gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) ++/etc/owncloud(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) /etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) 
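Review bot: Widening `/etc/owncloud/config\.php --` to `/etc/owncloud(/.*)?` labels the whole configuration directory, not just config.php, as `httpd_sys_rw_content_t`, so anything ownCloud or any other package drops in there becomes writable by httpd_t. If the broadening is needed because the application rewrites its configuration through a temporary file in that directory, a directory-only entry keeps the grant tighter: `/etc/owncloud -d gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)` next to the original `config\.php` line, with files created by httpd there inheriting the directory type by default. If every file under /etc/owncloud genuinely has to be writable, a one-line comment above the entry saying so would stop a later reviewer from re-tightening it.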
@@ -93386,7 +93420,7 @@ index 6480167..ba0521d 100644 + filetrans_pattern($1, { httpd_user_content_t httpd_user_script_exec_t }, httpd_user_htaccess_t, file, ".htaccess") ') diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te -index 3136c6a..30b1abf 100644 +index 3136c6a..ca7882f 100644 --- a/policy/modules/services/apache.te +++ b/policy/modules/services/apache.te @@ -18,136 +18,275 @@ policy_module(apache, 2.2.1) @@ -94274,11 +94308,12 @@ index 3136c6a..30b1abf 100644 # Allow httpd to work with postgresql postgresql_stream_connect(httpd_t) postgresql_unpriv_client(httpd_t) -@@ -591,6 +1000,11 @@ optional_policy(` +@@ -591,6 +1000,12 @@ optional_policy(` ') optional_policy(` + smokeping_read_lib_files(httpd_t) ++ smokeping_read_pid_files(httpd_t) +') + +optional_policy(` @@ -94286,7 +94321,7 @@ index 3136c6a..30b1abf 100644 snmp_dontaudit_read_snmp_var_lib_files(httpd_t) snmp_dontaudit_write_snmp_var_lib_files(httpd_t) ') -@@ -603,6 +1017,12 @@ optional_policy(` +@@ -603,6 +1018,12 @@ optional_policy(` yam_read_content(httpd_t) ') @@ -94299,7 +94334,7 @@ index 3136c6a..30b1abf 100644 ######################################## # # Apache helper local policy -@@ -616,7 +1036,11 @@ allow httpd_helper_t httpd_log_t:file append_file_perms; +@@ -616,7 +1037,11 @@ allow httpd_helper_t httpd_log_t:file append_file_perms; logging_send_syslog_msg(httpd_helper_t) @@ -94312,7 +94347,7 @@ index 3136c6a..30b1abf 100644 ######################################## # -@@ -654,28 +1078,30 @@ libs_exec_lib_files(httpd_php_t) +@@ -654,28 +1079,30 @@ libs_exec_lib_files(httpd_php_t) userdom_use_unpriv_users_fds(httpd_php_t) tunable_policy(`httpd_can_network_connect_db',` @@ -94356,7 +94391,7 @@ index 3136c6a..30b1abf 100644 ') ######################################## -@@ -685,6 +1111,8 @@ optional_policy(` +@@ -685,6 +1112,8 @@ optional_policy(` allow httpd_suexec_t self:capability { setuid setgid }; allow httpd_suexec_t self:process signal_perms; 
@@ -94365,7 +94400,7 @@ index 3136c6a..30b1abf 100644 allow httpd_suexec_t self:unix_stream_socket create_stream_socket_perms; domtrans_pattern(httpd_t, httpd_suexec_exec_t, httpd_suexec_t) -@@ -699,17 +1127,22 @@ manage_dirs_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) +@@ -699,17 +1128,22 @@ manage_dirs_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) manage_files_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) files_tmp_filetrans(httpd_suexec_t, httpd_suexec_tmp_t, { file dir }) @@ -94391,7 +94426,7 @@ index 3136c6a..30b1abf 100644 files_read_etc_files(httpd_suexec_t) files_read_usr_files(httpd_suexec_t) -@@ -740,13 +1173,31 @@ tunable_policy(`httpd_can_network_connect',` +@@ -740,13 +1174,31 @@ tunable_policy(`httpd_can_network_connect',` corenet_sendrecv_all_client_packets(httpd_suexec_t) ') @@ -94424,7 +94459,7 @@ index 3136c6a..30b1abf 100644 fs_read_nfs_files(httpd_suexec_t) fs_read_nfs_symlinks(httpd_suexec_t) fs_exec_nfs_files(httpd_suexec_t) -@@ -769,6 +1220,25 @@ optional_policy(` +@@ -769,6 +1221,25 @@ optional_policy(` dontaudit httpd_suexec_t httpd_t:unix_stream_socket { read write }; ') @@ -94450,7 +94485,7 @@ index 3136c6a..30b1abf 100644 ######################################## # # Apache system script local policy -@@ -789,12 +1259,17 @@ read_lnk_files_pattern(httpd_sys_script_t, squirrelmail_spool_t, squirrelmail_sp +@@ -789,12 +1260,17 @@ read_lnk_files_pattern(httpd_sys_script_t, squirrelmail_spool_t, squirrelmail_sp kernel_read_kernel_sysctls(httpd_sys_script_t) @@ -94468,7 +94503,7 @@ index 3136c6a..30b1abf 100644 ifdef(`distro_redhat',` allow httpd_sys_script_t httpd_log_t:file append_file_perms; ') -@@ -803,18 +1278,50 @@ tunable_policy(`httpd_can_sendmail',` +@@ -803,18 +1279,50 @@ tunable_policy(`httpd_can_sendmail',` mta_send_mail(httpd_sys_script_t) ') 
@@ -94525,7 +94560,7 @@ index 3136c6a..30b1abf 100644 corenet_tcp_sendrecv_all_ports(httpd_sys_script_t) corenet_udp_sendrecv_all_ports(httpd_sys_script_t) corenet_tcp_connect_all_ports(httpd_sys_script_t) -@@ -822,14 +1329,39 @@ tunable_policy(`httpd_enable_cgi && httpd_can_network_connect',` +@@ -822,14 +1330,39 @@ tunable_policy(`httpd_enable_cgi && httpd_can_network_connect',` ') tunable_policy(`httpd_enable_homedirs',` @@ -94566,7 +94601,7 @@ index 3136c6a..30b1abf 100644 tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',` fs_read_cifs_files(httpd_sys_script_t) fs_read_cifs_symlinks(httpd_sys_script_t) -@@ -842,10 +1374,20 @@ optional_policy(` +@@ -842,10 +1375,20 @@ optional_policy(` optional_policy(` mysql_stream_connect(httpd_sys_script_t) mysql_rw_db_sockets(httpd_sys_script_t) @@ -94587,7 +94622,7 @@ index 3136c6a..30b1abf 100644 ') ######################################## -@@ -891,11 +1433,146 @@ optional_policy(` +@@ -891,11 +1434,146 @@ optional_policy(` tunable_policy(`httpd_enable_cgi && httpd_unified',` allow httpd_user_script_t httpdcontent:file entrypoint; @@ -99658,10 +99693,10 @@ index 0000000..7f55959 +') diff --git a/policy/modules/services/cloudform.te b/policy/modules/services/cloudform.te new file mode 100644 -index 0000000..7643855 +index 0000000..76faaf5 --- /dev/null +++ b/policy/modules/services/cloudform.te -@@ -0,0 +1,204 @@ +@@ -0,0 +1,205 @@ +policy_module(cloudform, 1.0) +######################################## +# @@ -99846,6 +99881,7 @@ index 0000000..7643855 + +corenet_tcp_bind_generic_node(mongod_t) +corenet_tcp_bind_mongod_port(mongod_t) ++corenet_tcp_connect_mongod_port(mongod_t) +corenet_tcp_connect_postgresql_port(mongod_t) + +kernel_read_vm_sysctls(mongod_t) @@ -100780,7 +100816,7 @@ index 733e4e6..fa2c3cb 100644 + ps_process_pattern($1, colord_t) +') diff --git a/policy/modules/services/colord.te b/policy/modules/services/colord.te -index 74505cc..0b4939f 100644 +index 74505cc..bd25188 100644 
--- a/policy/modules/services/colord.te +++ b/policy/modules/services/colord.te @@ -8,6 +8,7 @@ policy_module(colord, 1.0.0) @@ -100863,7 +100899,7 @@ index 74505cc..0b4939f 100644 -sysnet_dns_name_resolve(colord_t) +fs_getattr_tmpfs(colord_t) +userdom_rw_user_tmpfs_files(colord_t) -+ ++userdom_list_user_home_content(colord_t) +userdom_home_reader(colord_t) tunable_policy(`use_nfs_home_dirs',` @@ -106463,7 +106499,7 @@ index 5e2cea8..2ab8a14 100644 + allow $1 dhcpd_unit_file_t:service all_service_perms; ') diff --git a/policy/modules/services/dhcp.te b/policy/modules/services/dhcp.te -index d4424ad..2d44f1e 100644 +index d4424ad..953dab4 100644 --- a/policy/modules/services/dhcp.te +++ b/policy/modules/services/dhcp.te @@ -12,6 +12,9 @@ init_daemon_domain(dhcpd_t, dhcpd_exec_t) @@ -106481,10 +106517,10 @@ index d4424ad..2d44f1e 100644 # -allow dhcpd_t self:capability { net_raw sys_resource }; -+allow dhcpd_t self:capability { chown dac_override sys_chroot net_raw setgid setuid sys_resource }; ++allow dhcpd_t self:capability { chown dac_override sys_chroot net_raw setgid setuid sys_resource sys_nice }; dontaudit dhcpd_t self:capability { net_admin sys_tty_config }; -allow dhcpd_t self:process signal_perms; -+allow dhcpd_t self:process { getcap setcap signal_perms }; ++allow dhcpd_t self:process { getcap setcap signal_perms setsched getsched }; allow dhcpd_t self:fifo_file rw_fifo_file_perms; allow dhcpd_t self:unix_dgram_socket create_socket_perms; allow dhcpd_t self:unix_stream_socket create_socket_perms; @@ -116101,10 +116137,10 @@ index 93c14ca..640bd3e 100644 + mozilla_plugin_dontaudit_rw_tmp_files(lpr_t) +') diff --git a/policy/modules/services/mailman.fc b/policy/modules/services/mailman.fc -index 14ad189..c7daa85 100644 +index 14ad189..1164ed3 100644 --- a/policy/modules/services/mailman.fc 
+++ b/policy/modules/services/mailman.fc -@@ -1,11 +1,14 @@ +@@ -1,11 +1,17 @@ -/usr/lib(64)?/mailman/bin/mailmanctl -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) -/usr/lib/mailman/cron/.* -- gen_context(system_u:object_r:mailman_queue_exec_t,s0) @@ -116113,12 +116149,15 @@ index 14ad189..c7daa85 100644 -/var/lock/mailman(/.*)? gen_context(system_u:object_r:mailman_lock_t,s0) -/var/log/mailman(/.*)? gen_context(system_u:object_r:mailman_log_t,s0) -/var/run/mailman(/.*)? gen_context(system_u:object_r:mailman_lock_t,s0) ++/usr/lib/mailman/bin/mailmanctl -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) +/usr/lib/mailman.*/bin/mailmanctl -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) ++/usr/lib/mailman/bin/mm-handler.* -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) +/usr/lib/mailman.*/bin/mm-handler.* -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) +/usr/lib/mailman.*/cron/.* -- gen_context(system_u:object_r:mailman_queue_exec_t,s0) +/usr/share/doc/mailman.*/mm-handler.* -- gen_context(system_u:object_r:mailman_mail_exec_t,s0) + +/var/lib/mailman.* gen_context(system_u:object_r:mailman_data_t,s0) ++/var/lib/mailman(/.*)? gen_context(system_u:object_r:mailman_data_t,s0) +/var/lib/mailman.*/archives(/.*)? gen_context(system_u:object_r:mailman_archive_t,s0) +/var/lock/mailman.* gen_context(system_u:object_r:mailman_lock_t,s0) +/var/log/mailman.* gen_context(system_u:object_r:mailman_log_t,s0) @@ -116126,7 +116165,7 @@ index 14ad189..c7daa85 100644 # # distro_debian -@@ -23,12 +26,12 @@ ifdef(`distro_debian', ` +@@ -23,12 +29,12 @@ ifdef(`distro_debian', ` # distro_redhat # ifdef(`distro_redhat', ` @@ -116146,7 +116185,7 @@ index 14ad189..c7daa85 100644 +/var/spool/mailman.* gen_context(system_u:object_r:mailman_data_t,s0) ') diff --git a/policy/modules/services/mailman.if b/policy/modules/services/mailman.if -index 67c7fdd..d7338be 100644 +index 67c7fdd..8bcc9cb 100644 --- a/policy/modules/services/mailman.if 
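Review bot: The added literal entries `/usr/lib/mailman/bin/mailmanctl`, `/usr/lib/mailman/bin/mm-handler.*` and `/var/lib/mailman(/.*)?` assign the same types as the `/usr/lib/mailman.*/...` and `/var/lib/mailman.*` patterns that sit next to them, and since `.*` also matches the empty string those patterns already cover these paths. If the duplicates work around a matching problem on some layout, a comment such as `# literal entries kept for <reason>` above them would record why; otherwise they are dead entries that have to be kept in step with the regex ones by hand. Also, `/var/lib/mailman(/.*)?` now precedes `/var/lib/mailman.*/archives(/.*)?`, so it is worth confirming that restorecon still labels the archives tree `mailman_archive_t` rather than `mailman_data_t`.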
+++ b/policy/modules/services/mailman.if @@ -16,7 +16,7 @@ @@ -116199,6 +116238,30 @@ index 67c7fdd..d7338be 100644 ####################################### ## ## Execute mailman CGI scripts in the +@@ -295,6 +320,23 @@ interface(`mailman_append_log',` + + ####################################### + ## ++## Allow domain to read and write to mailman logs. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`mailman_rw_log',` ++ gen_require(` ++ type mailman_log_t; ++ ') ++ ++ rw_files_pattern($1, mailman_log_t, mailman_log_t) ++') ++####################################### ++## + ## Create, read, write, and delete + ## mailman logs. + ## diff --git a/policy/modules/services/mailman.te b/policy/modules/services/mailman.te index af4d572..e0f41bb 100644 --- a/policy/modules/services/mailman.te @@ -152220,7 +152283,7 @@ index 94fd8dd..09f0ac4 100644 + allow $1 init_t:system undefined; +') diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te -index 29a9565..72897c6 100644 +index 29a9565..259ffb7 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -16,6 +16,34 @@ gen_require(` @@ -152446,11 +152509,12 @@ index 29a9565..72897c6 100644 +storage_raw_rw_fixed_disk(init_t) + -+optional_policy(` + optional_policy(` +- auth_rw_login_records(init_t) + modutils_domtrans_insmod(init_t) -+') -+ -+optional_policy(` + ') + + optional_policy(` + postfix_exec(init_t) + postfix_list_spool(init_t) + mta_read_aliases(init_t) @@ -152555,12 +152619,11 @@ index 29a9565..72897c6 100644 +auth_use_nsswitch(init_t) +auth_rw_login_records(init_t) + - optional_policy(` -- auth_rw_login_records(init_t) ++optional_policy(` + lvm_rw_pipes(init_t) - ') - - optional_policy(` ++') ++ ++optional_policy(` + consolekit_manage_log(init_t) +') + 
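Review bot: The new `mailman_rw_log` interface grants `rw_files_pattern($1, mailman_log_t, mailman_log_t)`, i.e. full write on existing log files, while `mailman_append_log` directly above it already offers the append-only form; its one caller in this diff is `mailman_rw_log(initrc_t)` in the init.te hunk further down. Append is the usual grant for logs because write also lets the caller overwrite or truncate history, so if the init script really must rewrite a log (rotation or permission fix-ups, say) a sentence in the interface description stating that would justify the wider permission; otherwise `mailman_append_log(initrc_t)` is the tighter choice. Two style points: the closing `++')` is immediately followed by `++#######################################` with no blank line between interface blocks, unlike the rest of the file, and the summary `Allow domain to read and write to mailman logs.` would read better in the file's imperative form, `Read and write mailman log files.`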
@@ -152844,7 +152907,7 @@ index 29a9565..72897c6 100644 miscfiles_read_fonts(initrc_t) miscfiles_read_hwdata(initrc_t) -@@ -522,8 +786,35 @@ ifdef(`distro_redhat',` +@@ -522,8 +786,39 @@ ifdef(`distro_redhat',` ') optional_policy(` @@ -152875,12 +152938,16 @@ index 29a9565..72897c6 100644 + ldap_read_db_files(initrc_t) + ') + ++ optional_policy(` ++ mailman_rw_log(initrc_t) ++ ') ++ + optional_policy(` + pulseaudio_stream_connect(initrc_t) ') optional_policy(` -@@ -531,14 +822,27 @@ ifdef(`distro_redhat',` +@@ -531,14 +826,27 @@ ifdef(`distro_redhat',` rpc_write_exports(initrc_t) rpc_manage_nfs_state_data(initrc_t) ') @@ -152908,7 +152975,7 @@ index 29a9565..72897c6 100644 ') ') -@@ -549,6 +853,41 @@ ifdef(`distro_suse',` +@@ -549,6 +857,41 @@ ifdef(`distro_suse',` ') ') @@ -152950,7 +153017,7 @@ index 29a9565..72897c6 100644 optional_policy(` amavis_search_lib(initrc_t) amavis_setattr_pid_files(initrc_t) -@@ -561,6 +900,8 @@ optional_policy(` +@@ -561,6 +904,8 @@ optional_policy(` optional_policy(` apache_read_config(initrc_t) apache_list_modules(initrc_t) @@ -152959,7 +153026,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -577,6 +918,7 @@ optional_policy(` +@@ -577,6 +922,7 @@ optional_policy(` optional_policy(` cgroup_stream_connect_cgred(initrc_t) @@ -152967,7 +153034,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -589,6 +931,17 @@ optional_policy(` +@@ -589,6 +935,17 @@ optional_policy(` ') optional_policy(` @@ -152985,7 +153052,7 @@ index 29a9565..72897c6 100644 dev_getattr_printer_dev(initrc_t) cups_read_log(initrc_t) -@@ -605,9 +958,13 @@ optional_policy(` +@@ -605,9 +962,13 @@ optional_policy(` dbus_connect_system_bus(initrc_t) dbus_system_bus_client(initrc_t) dbus_read_config(initrc_t) @@ -152999,7 +153066,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -632,6 +989,10 @@ optional_policy(` +@@ -632,6 +993,10 @@ optional_policy(` ') optional_policy(` 
@@ -153010,7 +153077,7 @@ index 29a9565..72897c6 100644 gpm_setattr_gpmctl(initrc_t) ') -@@ -649,6 +1010,15 @@ optional_policy(` +@@ -649,6 +1014,15 @@ optional_policy(` ') optional_policy(` @@ -153026,7 +153093,7 @@ index 29a9565..72897c6 100644 inn_exec_config(initrc_t) ') -@@ -689,6 +1059,7 @@ optional_policy(` +@@ -689,6 +1063,7 @@ optional_policy(` lpd_list_spool(initrc_t) lpd_read_config(initrc_t) @@ -153034,7 +153101,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -706,7 +1077,13 @@ optional_policy(` +@@ -706,7 +1081,13 @@ optional_policy(` ') optional_policy(` @@ -153048,7 +153115,7 @@ index 29a9565..72897c6 100644 mta_dontaudit_read_spool_symlinks(initrc_t) ') -@@ -729,6 +1106,10 @@ optional_policy(` +@@ -729,6 +1110,10 @@ optional_policy(` ') optional_policy(` @@ -153059,7 +153126,7 @@ index 29a9565..72897c6 100644 postgresql_manage_db(initrc_t) postgresql_read_config(initrc_t) ') -@@ -738,10 +1119,20 @@ optional_policy(` +@@ -738,10 +1123,20 @@ optional_policy(` ') optional_policy(` @@ -153080,7 +153147,7 @@ index 29a9565..72897c6 100644 quota_manage_flags(initrc_t) ') -@@ -750,6 +1141,10 @@ optional_policy(` +@@ -750,6 +1145,10 @@ optional_policy(` ') optional_policy(` @@ -153091,7 +153158,7 @@ index 29a9565..72897c6 100644 fs_write_ramfs_sockets(initrc_t) fs_search_ramfs(initrc_t) -@@ -771,8 +1166,6 @@ optional_policy(` +@@ -771,8 +1170,6 @@ optional_policy(` # bash tries ioctl for some reason files_dontaudit_ioctl_all_pids(initrc_t) @@ -153100,7 +153167,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -781,6 +1174,10 @@ optional_policy(` +@@ -781,6 +1178,10 @@ optional_policy(` ') optional_policy(` @@ -153111,7 +153178,7 @@ index 29a9565..72897c6 100644 # shorewall-init script run /var/lib/shorewall/firewall shorewall_lib_domtrans(initrc_t) ') -@@ -790,10 +1187,12 @@ optional_policy(` +@@ -790,10 +1191,12 @@ optional_policy(` squid_manage_logs(initrc_t) ') 
@@ -153124,7 +153191,7 @@ index 29a9565..72897c6 100644 optional_policy(` ssh_dontaudit_read_server_keys(initrc_t) -@@ -805,7 +1204,6 @@ optional_policy(` +@@ -805,7 +1208,6 @@ optional_policy(` ') optional_policy(` @@ -153132,7 +153199,7 @@ index 29a9565..72897c6 100644 udev_manage_pid_files(initrc_t) udev_manage_rules_files(initrc_t) ') -@@ -815,11 +1213,30 @@ optional_policy(` +@@ -815,11 +1217,30 @@ optional_policy(` ') optional_policy(` @@ -153164,7 +153231,7 @@ index 29a9565..72897c6 100644 ifdef(`distro_redhat',` # system-config-services causes avc messages that should be dontaudited -@@ -829,6 +1246,18 @@ optional_policy(` +@@ -829,6 +1250,18 @@ optional_policy(` optional_policy(` mono_domtrans(initrc_t) ') @@ -153183,7 +153250,7 @@ index 29a9565..72897c6 100644 ') optional_policy(` -@@ -844,6 +1273,10 @@ optional_policy(` +@@ -844,6 +1277,10 @@ optional_policy(` ') optional_policy(` @@ -153194,7 +153261,7 @@ index 29a9565..72897c6 100644 # Set device ownerships/modes. xserver_setattr_console_pipes(initrc_t) -@@ -854,3 +1287,170 @@ optional_policy(` +@@ -854,3 +1291,170 @@ optional_policy(` optional_policy(` zebra_read_config(initrc_t) ') @@ -153869,7 +153936,7 @@ index ddbd8be..b267b3f 100644 domain_use_interactive_fds(iscsid_t) domain_dontaudit_read_all_domains_state(iscsid_t) diff --git a/policy/modules/system/libraries.fc b/policy/modules/system/libraries.fc -index 560dc48..64acf0b 100644 +index 560dc48..1540998 100644 --- a/policy/modules/system/libraries.fc +++ b/policy/modules/system/libraries.fc @@ -28,26 +28,24 @@ ifdef(`distro_redhat',` 
@@ -154026,7 +154093,7 @@ index 560dc48..64acf0b 100644 ') ifdef(`distro_gentoo',` -@@ -195,7 +196,6 @@ HOME_DIR/.*/plugins/nppdf\.so.* -- gen_context(system_u:object_r:textrel_shlib_t +@@ -195,94 +196,95 @@ HOME_DIR/.*/plugins/nppdf\.so.* -- gen_context(system_u:object_r:textrel_shlib_t /usr/lib/allegro/(.*/)?alleg-vga\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/firefox-[^/]*/extensions(/.*)?/libqfaservices.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/firefox-[^/]*/plugins/nppdf.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) @@ -154034,7 +154101,8 @@ index 560dc48..64acf0b 100644 /usr/lib/libFLAC\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/libfglrx_gamma\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/mozilla/plugins/nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) -@@ -203,86 +203,87 @@ HOME_DIR/.*/plugins/nppdf\.so.* -- gen_context(system_u:object_r:textrel_shlib_t ++/usr/lib/mozilla/plugins/nswrapper_.*\.nppdf.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) + /usr/lib/mozilla/plugins/libvlcplugin\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/nx/libXcomp\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/nx/libjpeg\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/VBoxVMM\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) 
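Review bot: In the added entry `/usr/lib/mozilla/plugins/nswrapper_.*\.nppdf.so` the dot in `.so` is unescaped while the one before `nppdf` is escaped, so the pattern also matches names such as `nppdfXso`; it should read `/usr/lib/mozilla/plugins/nswrapper_.*\.nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)`. Since `textrel_shlib_t` permits text relocations and `nswrapper_.*` already accepts any wrapper name, the escaped form keeps the grant to exactly the wrapped nppdf plugin the entry is meant for.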
@@ -154179,7 +154247,7 @@ index 560dc48..64acf0b 100644 /usr/(local/)?Adobe/(.*/)?intellinux/nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/(local/)?Adobe/(.*/)?intellinux/sidecars/* -- gen_context(system_u:object_r:textrel_shlib_t,s0) -@@ -303,8 +304,7 @@ HOME_DIR/.mozilla/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:te +@@ -303,8 +305,7 @@ HOME_DIR/.mozilla/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:te /usr/lib/acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/acroread/.+\.api -- gen_context(system_u:object_r:textrel_shlib_t,s0) /usr/lib/acroread/(.*/)?ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0) @@ -154189,7 +154257,7 @@ index 560dc48..64acf0b 100644 ') dnl end distro_redhat # -@@ -312,17 +312,157 @@ HOME_DIR/.mozilla/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:te +@@ -312,17 +313,157 @@ HOME_DIR/.mozilla/plugins/nprhapengine\.so.* -- gen_context(system_u:object_r:te # /var/cache/ldconfig(/.*)? gen_context(system_u:object_r:ldconfig_cache_t,s0) diff --git a/selinux-policy.spec b/selinux-policy.spec index f643b00..0663bc9 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -19,7 +19,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.10.0 -Release: 170%{?dist} +Release: 171%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -479,6 +479,9 @@ SELinux Reference policy mls base module. %endif %changelog +* Mon Jul 16 2013 Miroslav Grepl 3.10.0-171 +- Latest F17 fixes before EOL + * Thu Jun 6 2013 Miroslav Grepl 3.10.0-170 - Back port to allow l2tpd to read NM conf file - Add labeling for /run/nm-xl2tpd.conf