diff --git a/policy-f19-base.patch b/policy-f19-base.patch index 2d1878f..63c2e65 100644 --- a/policy-f19-base.patch +++ b/policy-f19-base.patch @@ -22807,7 +22807,7 @@ index 6bf0ecc..307cefc 100644 + dontaudit $1 xserver_log_t:dir search_dir_perms; +') diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te -index 2696452..2855251 100644 +index 2696452..adbe339 100644 --- a/policy/modules/services/xserver.te +++ b/policy/modules/services/xserver.te @@ -26,28 +26,59 @@ gen_require(` @@ -23159,7 +23159,7 @@ index 2696452..2855251 100644 ssh_sigchld(xauth_t) ssh_read_pipes(xauth_t) ssh_dontaudit_rw_tcp_sockets(xauth_t) -@@ -299,64 +414,107 @@ optional_policy(` +@@ -299,64 +414,109 @@ optional_policy(` # XDM Local policy # @@ -23172,7 +23172,7 @@ index 2696452..2855251 100644 + allow xdm_t self:process ptrace; +') + -+allow xdm_t self:process { setexec setpgid getattr getcap setcap getsched getsession setsched setrlimit signal_perms setkeycreate }; ++allow xdm_t self:process { setexec setpgid getattr getcap setcap getsched getsession setsched setrlimit signal_perms setkeycreate transition }; allow xdm_t self:fifo_file rw_fifo_file_perms; allow xdm_t self:shm create_shm_perms; allow xdm_t self:sem create_sem_perms; 
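Review bot: The new `transition` permission in `allow xdm_t self:process { ... transition }` needs a comment, because a process→self transition check is only made when the target SID differs from the current one (different SELinux user, role or MLS/MCS range) while the type stays xdm_t; when the SIDs are equal the kernel checks file:execute_no_trans instead and this permission is never consulted. Presumably GDM now calls setexeccon(3) with the login user's context, still typed xdm_t, before exec'ing a helper — confirm that and record it, e.g. `# GDM setexeccon()s helpers to an xdm_t context with a different SELinux user/range; a same-type, different-SID exec is still a process:transition check`. If the exec context turns out to be identical to the caller's, the permission is dead and should be dropped rather than left as a standing self-transition grant.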
@@ -23182,13 +23182,15 @@ index 2696452..2855251 100644 allow xdm_t self:tcp_socket create_stream_socket_perms; allow xdm_t self:udp_socket create_socket_perms; +allow xdm_t self:netlink_kobject_uevent_socket create_socket_perms; ++allow xdm_t self:netlink_selinux_socket create_socket_perms; allow xdm_t self:socket create_socket_perms; allow xdm_t self:appletalk_socket create_socket_perms; allow xdm_t self:key { search link write }; ++allow xdm_t self:dbus { send_msg acquire_svc }; ++ ++allow xdm_t xauth_home_t:file manage_file_perms; -allow xdm_t xconsole_device_t:fifo_file { getattr setattr }; -+allow xdm_t xauth_home_t:file manage_file_perms; -+ +allow xdm_t xconsole_device_t:fifo_file { getattr_fifo_file_perms setattr_fifo_file_perms }; +manage_dirs_pattern(xdm_t, xkb_var_lib_t, xkb_var_lib_t) +manage_files_pattern(xdm_t, xkb_var_lib_t, xkb_var_lib_t) @@ -23277,7 +23279,7 @@ index 2696452..2855251 100644 # connect to xdm xserver over stream socket stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) -@@ -365,20 +523,29 @@ stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) +@@ -365,20 +525,29 @@ stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) delete_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t) delete_sock_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t) @@ -23309,7 +23311,7 @@ index 2696452..2855251 100644 corenet_all_recvfrom_netlabel(xdm_t) corenet_tcp_sendrecv_generic_if(xdm_t) corenet_udp_sendrecv_generic_if(xdm_t) -@@ -388,38 +555,48 @@ corenet_tcp_sendrecv_all_ports(xdm_t) +@@ -388,38 +557,49 @@ corenet_tcp_sendrecv_all_ports(xdm_t) corenet_udp_sendrecv_all_ports(xdm_t) corenet_tcp_bind_generic_node(xdm_t) corenet_udp_bind_generic_node(xdm_t) @@ -23333,6 +23335,7 @@ index 2696452..2855251 100644 dev_setattr_apm_bios_dev(xdm_t) dev_rw_dri(xdm_t) dev_rw_agp(xdm_t) ++dev_rw_wireless(xdm_t) dev_getattr_xserver_misc_dev(xdm_t) dev_setattr_xserver_misc_dev(xdm_t) +dev_rw_xserver_misc(xdm_t) 
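Review bot: `allow xdm_t self:dbus { send_msg acquire_svc }` lets xdm_t acquire well-known names on a bus daemon that itself runs as xdm_t, which only makes sense if GDM spawns a private dbus-daemon for the greeter that is not transitioned to system_dbusd_t; that rationale is not recorded anywhere in the hunk. Add `# GDM runs a private dbus-daemon for the greeter session in xdm_t; greeter components acquire names on it` above the rule, or, if a confined bus instance is intended, transition that daemon and drop acquire_svc. The added `self:netlink_selinux_socket` rule is presumably the libselinux policy-reload/enforcing-mode listener and is fine as is.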
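Review bot: `dev_rw_wireless(xdm_t)` gives the display manager read/write on wireless device nodes (typically `/dev/rfkill`), so an unauthenticated greeter can toggle radios, and the hunk gives no reason for it. If the goal is only to quiet the greeter's rfkill plugin probing the device before login, a dontaudit variant on those nodes would be the narrower fix; if an airplane-mode toggle in the greeter is intended, say so with `# greeter (gnome-settings-daemon rfkill plugin) toggles /dev/rfkill before login`. Either way the decision should be visible next to the rule rather than only in the changelog.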
@@ -23362,7 +23365,7 @@ index 2696452..2855251 100644 files_read_etc_files(xdm_t) files_read_var_files(xdm_t) -@@ -430,9 +607,28 @@ files_list_mnt(xdm_t) +@@ -430,9 +610,28 @@ files_list_mnt(xdm_t) files_read_usr_files(xdm_t) # Poweroff wants to create the /poweroff file when run from xdm files_create_boot_flag(xdm_t) @@ -23391,7 +23394,7 @@ index 2696452..2855251 100644 storage_dontaudit_read_fixed_disk(xdm_t) storage_dontaudit_write_fixed_disk(xdm_t) -@@ -441,28 +637,45 @@ storage_dontaudit_raw_read_removable_device(xdm_t) +@@ -441,28 +640,45 @@ storage_dontaudit_raw_read_removable_device(xdm_t) storage_dontaudit_raw_write_removable_device(xdm_t) storage_dontaudit_setattr_removable_dev(xdm_t) storage_dontaudit_rw_scsi_generic(xdm_t) @@ -23440,7 +23443,7 @@ index 2696452..2855251 100644 userdom_dontaudit_use_unpriv_user_fds(xdm_t) userdom_create_all_users_keys(xdm_t) -@@ -471,24 +684,144 @@ userdom_read_user_home_content_files(xdm_t) +@@ -471,24 +687,144 @@ userdom_read_user_home_content_files(xdm_t) # Search /proc for any user domain processes. userdom_read_all_users_state(xdm_t) userdom_signal_all_users(xdm_t) @@ -23591,7 +23594,7 @@ index 2696452..2855251 100644 tunable_policy(`xdm_sysadm_login',` userdom_xsession_spec_domtrans_all_users(xdm_t) # FIXME: -@@ -502,11 +835,26 @@ tunable_policy(`xdm_sysadm_login',` +@@ -502,11 +838,26 @@ tunable_policy(`xdm_sysadm_login',` ') optional_policy(` @@ -23618,11 +23621,12 @@ index 2696452..2855251 100644 ') optional_policy(` -@@ -514,12 +862,56 @@ optional_policy(` +@@ -514,12 +865,57 @@ optional_policy(` ') optional_policy(` + dbus_system_bus_client(xdm_t) ++ dbus_connect_system_bus(xdm_t) + + optional_policy(` + bluetooth_dbus_chat(xdm_t) @@ -23675,7 +23679,7 @@ index 2696452..2855251 100644 hostname_exec(xdm_t) ') -@@ -537,28 +929,78 @@ optional_policy(` +@@ -537,28 +933,78 @@ optional_policy(` ') optional_policy(` 
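Review bot: `dbus_connect_system_bus(xdm_t)` is added directly under `dbus_system_bus_client(xdm_t)`; in refpolicy the client interface already carries a stream_connect_pattern to system_dbusd_t, so the unix_stream_socket connectto this adds is probably redundant. Check dbus.if in this tree and drop whichever call is the duplicate, or add a one-line comment saying why both are needed. The enclosing `optional_policy(` block closes outside the hunk.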
@@ -23763,7 +23767,7 @@ index 2696452..2855251 100644 ') optional_policy(` -@@ -570,6 +1012,14 @@ optional_policy(` +@@ -570,6 +1016,14 @@ optional_policy(` ') optional_policy(` @@ -23778,7 +23782,16 @@ index 2696452..2855251 100644 xfs_stream_connect(xdm_t) ') -@@ -594,8 +1044,11 @@ allow xserver_t input_xevent_t:x_event send; +@@ -584,7 +1038,7 @@ type_transition xserver_t xserver_t:x_colormap root_xcolormap_t; + type_transition root_xdrawable_t input_xevent_t:x_event root_input_xevent_t; + + allow xserver_t { root_xdrawable_t x_domain }:x_drawable send; +-allow xserver_t input_xevent_t:x_event send; ++allow xserver_t xevent_type:x_event send; + + # setuid/setgid for the wrapper program to change UID + # sys_rawio is for iopl access - should not be needed for frame-buffer +@@ -594,8 +1048,11 @@ allow xserver_t input_xevent_t:x_event send; # execheap needed until the X module loader is fixed. # NVIDIA Needs execstack @@ -23791,7 +23804,7 @@ index 2696452..2855251 100644 allow xserver_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; allow xserver_t self:fd use; allow xserver_t self:fifo_file rw_fifo_file_perms; -@@ -608,8 +1061,15 @@ allow xserver_t self:unix_dgram_socket { create_socket_perms sendto }; +@@ -608,8 +1065,15 @@ allow xserver_t self:unix_dgram_socket { create_socket_perms sendto }; allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto }; allow xserver_t self:tcp_socket create_stream_socket_perms; allow xserver_t self:udp_socket create_socket_perms; 
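Review bot: Widening `allow xserver_t input_xevent_t:x_event send` to `allow xserver_t xevent_type:x_event send` lets the server deliver every labeled event type (property, focus, client, manage, default, ...) where it previously could only send input events, and the hunk does not say why. That is the right scope if the denials were for server-generated non-input events such as Expose or ConfigureNotify; record it as `# the X server itself generates every event type, not only input events` so the next reader does not narrow it back. x_synthetic_event is not included here, which presumably keeps SendEvent-forwarded client events under the per-domain rules further down; stating that in the same comment would make the boundary explicit.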
@@ -23807,7 +23820,7 @@ index 2696452..2855251 100644 manage_dirs_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) manage_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) manage_sock_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) -@@ -617,6 +1077,10 @@ files_tmp_filetrans(xserver_t, xserver_tmp_t, { file dir sock_file }) +@@ -617,6 +1081,10 @@ files_tmp_filetrans(xserver_t, xserver_tmp_t, { file dir sock_file }) filetrans_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t, sock_file) @@ -23818,7 +23831,7 @@ index 2696452..2855251 100644 manage_dirs_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t) manage_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t) manage_lnk_files_pattern(xserver_t, xserver_tmpfs_t, xserver_tmpfs_t) -@@ -628,12 +1092,19 @@ manage_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) +@@ -628,12 +1096,19 @@ manage_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) manage_lnk_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) files_search_var_lib(xserver_t) @@ -23840,7 +23853,7 @@ index 2696452..2855251 100644 kernel_read_system_state(xserver_t) kernel_read_device_sysctls(xserver_t) -@@ -641,12 +1112,12 @@ kernel_read_modprobe_sysctls(xserver_t) +@@ -641,12 +1116,12 @@ kernel_read_modprobe_sysctls(xserver_t) # Xorg wants to check if kernel is tainted kernel_read_kernel_sysctls(xserver_t) kernel_write_proc_files(xserver_t) @@ -23854,7 +23867,7 @@ index 2696452..2855251 100644 corenet_all_recvfrom_netlabel(xserver_t) corenet_tcp_sendrecv_generic_if(xserver_t) corenet_udp_sendrecv_generic_if(xserver_t) -@@ -667,23 +1138,28 @@ dev_rw_apm_bios(xserver_t) +@@ -667,23 +1142,28 @@ dev_rw_apm_bios(xserver_t) dev_rw_agp(xserver_t) dev_rw_framebuffer(xserver_t) dev_manage_dri_dev(xserver_t) 
@@ -23886,7 +23899,7 @@ index 2696452..2855251 100644 # brought on by rhgb files_search_mnt(xserver_t) -@@ -694,7 +1170,16 @@ fs_getattr_xattr_fs(xserver_t) +@@ -694,7 +1174,16 @@ fs_getattr_xattr_fs(xserver_t) fs_search_nfs(xserver_t) fs_search_auto_mountpoints(xserver_t) fs_search_ramfs(xserver_t) @@ -23904,7 +23917,7 @@ index 2696452..2855251 100644 mls_xwin_read_to_clearance(xserver_t) selinux_validate_context(xserver_t) -@@ -708,20 +1193,18 @@ init_getpgid(xserver_t) +@@ -708,20 +1197,18 @@ init_getpgid(xserver_t) term_setattr_unallocated_ttys(xserver_t) term_use_unallocated_ttys(xserver_t) @@ -23928,7 +23941,7 @@ index 2696452..2855251 100644 userdom_search_user_home_dirs(xserver_t) userdom_use_user_ttys(xserver_t) -@@ -729,8 +1212,6 @@ userdom_setattr_user_ttys(xserver_t) +@@ -729,8 +1216,6 @@ userdom_setattr_user_ttys(xserver_t) userdom_read_user_tmp_files(xserver_t) userdom_rw_user_tmpfs_files(xserver_t) @@ -23937,7 +23950,7 @@ index 2696452..2855251 100644 ifndef(`distro_redhat',` allow xserver_t self:process { execmem execheap execstack }; domain_mmap_low_uncond(xserver_t) -@@ -775,16 +1256,44 @@ optional_policy(` +@@ -775,16 +1260,44 @@ optional_policy(` ') optional_policy(` @@ -23983,7 +23996,7 @@ index 2696452..2855251 100644 unconfined_domtrans(xserver_t) ') -@@ -793,6 +1302,10 @@ optional_policy(` +@@ -793,6 +1306,10 @@ optional_policy(` ') optional_policy(` @@ -23994,7 +24007,7 @@ index 2696452..2855251 100644 xfs_stream_connect(xserver_t) ') -@@ -808,10 +1321,10 @@ allow xserver_t xdm_t:shm rw_shm_perms; +@@ -808,10 +1325,10 @@ allow xserver_t xdm_t:shm rw_shm_perms; # NB we do NOT allow xserver_t xdm_var_lib_t:dir, only access to an open # handle of a file inside the dir!!! 
@@ -24008,7 +24021,7 @@ index 2696452..2855251 100644 # Label pid and temporary files with derived types. manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) -@@ -819,7 +1332,7 @@ manage_lnk_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) +@@ -819,7 +1336,7 @@ manage_lnk_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) manage_sock_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) # Run xkbcomp. @@ -24017,7 +24030,7 @@ index 2696452..2855251 100644 can_exec(xserver_t, xkb_var_lib_t) # VNC v4 module in X server -@@ -832,26 +1345,21 @@ init_use_fds(xserver_t) +@@ -832,26 +1349,21 @@ init_use_fds(xserver_t) # to read ROLE_home_t - examine this in more detail # (xauth?) userdom_read_user_home_content_files(xserver_t) @@ -24052,7 +24065,7 @@ index 2696452..2855251 100644 ') optional_policy(` -@@ -902,7 +1410,7 @@ allow x_domain xproperty_t:x_property { getattr create read write append destroy +@@ -902,7 +1414,7 @@ allow x_domain xproperty_t:x_property { getattr create read write append destroy allow x_domain root_xdrawable_t:x_drawable { getattr setattr list_child add_child remove_child send receive hide show }; # operations allowed on my windows allow x_domain self:x_drawable { create destroy getattr setattr read write show hide list_child add_child remove_child manage send receive }; @@ -24061,7 +24074,7 @@ index 2696452..2855251 100644 # operations allowed on all windows allow x_domain x_domain:x_drawable { getattr get_property set_property remove_child }; -@@ -956,11 +1464,31 @@ allow x_domain self:x_resource { read write }; +@@ -956,11 +1468,31 @@ allow x_domain self:x_resource { read write }; # can mess with the screensaver allow x_domain xserver_t:x_screen { getattr saver_getattr }; 
@@ -24093,7 +24106,7 @@ index 2696452..2855251 100644 tunable_policy(`! xserver_object_manager',` # should be xserver_unconfined(x_domain), # but typeattribute doesnt work in conditionals -@@ -982,18 +1510,150 @@ tunable_policy(`! xserver_object_manager',` +@@ -982,18 +1514,150 @@ tunable_policy(`! xserver_object_manager',` allow x_domain xevent_type:{ x_event x_synthetic_event } *; ') diff --git a/selinux-policy.spec b/selinux-policy.spec index cf7fb4e..075ff93 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -19,7 +19,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.12.1 -Release: 74.12%{?dist} +Release: 74.13%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -539,6 +539,9 @@ SELinux Reference policy mls base module. %endif %changelog +* Mon Nov 11 2013 Miroslav Grepl 3.12.1-74.13 +- Update xserver.te to make GDM working + * Fri Nov 08 2013 Lukas Vrabec 3.12.1-74.12 - Fixed userdom_dontaudit_delete_user_tmp_files - Add auth_exec_chkpwd interface