diff --git a/policy-F14.patch b/policy-F14.patch
index 87509a3..d6da465 100644
--- a/policy-F14.patch
+++ b/policy-F14.patch
@@ -24744,8 +24744,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mpd.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mpd.te serefpolicy-3.9.7/policy/modules/services/mpd.te
 --- nsaserefpolicy/policy/modules/services/mpd.te 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.9.7/policy/modules/services/mpd.te 2010-12-06 12:44:08.064042783 +0100
-@@ -0,0 +1,125 @@
++++ serefpolicy-3.9.7/policy/modules/services/mpd.te 2010-12-16 10:26:54.914042379 +0100
+@@ -0,0 +1,126 @@
 +policy_module(mpd, 1.0.0)
 +
 +########################################
@@ -24827,6 +24827,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mpd.
 +corenet_tcp_bind_mpd_port(mpd_t)
 +corenet_tcp_bind_soundd_port(mpd_t)
 +
++dev_read_sound(mpd_t)
 +dev_read_sysfs(mpd_t)
 +
 +files_read_usr_files(mpd_t)
@@ -25474,7 +25475,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
  allow $1 munin_t:process { ptrace signal_perms };
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.9.7/policy/modules/services/munin.te
 --- nsaserefpolicy/policy/modules/services/munin.te 2010-10-12 22:42:48.000000000 +0200
-+++ serefpolicy-3.9.7/policy/modules/services/munin.te 2010-12-15 17:22:37.463292475 +0100
++++ serefpolicy-3.9.7/policy/modules/services/munin.te 2010-12-16 15:13:14.373042501 +0100
 @@ -5,6 +5,8 @@
  # Declarations
  #
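Review bot: The added `dev_read_sound(mpd_t)` in the mpd.te hunk (`@@ -24827,6 +24827,7 @@`) has no stated rationale, and the 3.9.7-18 changelog entry in this commit mentions only munin plugins, so the mpd permission change is not recorded anywhere. The same hunk shows mpd_t binding TCP ports, and the sound device type presumably covers capture as well as playback nodes, so it is worth confirming from the AVC denial that read access (rather than only write or mixer access) is what the daemon needs. I would put a comment above the line, e.g. `# required for <reason from AVC denial>; see <bug id>`, and add a changelog line such as `- Allow mpd to read sound devices`. The mpd.te section continues outside this hunk, so existing sound-device rules cannot be checked from here.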
@@ -25599,7 +25600,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
  ')
  optional_policy(`
-@@ -255,13 +263,10 @@
+@@ -245,6 +253,7 @@
+ # local policy for service plugins
+ #
+ 
++allow services_munin_plugin_t self:sem create_sem_perms;
+ allow services_munin_plugin_t self:tcp_socket create_stream_socket_perms;
+ allow services_munin_plugin_t self:udp_socket create_socket_perms;
+ allow services_munin_plugin_t self:netlink_route_socket r_netlink_socket_perms;
+@@ -255,13 +264,10 @@
  dev_read_urand(services_munin_plugin_t)
  dev_read_rand(services_munin_plugin_t)
@@ -25614,7 +25623,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
  cups_stream_connect(services_munin_plugin_t)
  ')
-@@ -286,6 +291,10 @@
+@@ -286,6 +292,10 @@
  snmp_read_snmp_var_lib_files(services_munin_plugin_t)
  ')
@@ -25625,7 +25634,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
  ##################################
  #
  # local policy for system plugins
-@@ -295,13 +304,12 @@
+@@ -295,13 +305,12 @@
  rw_files_pattern(system_munin_plugin_t, munin_var_lib_t, munin_var_lib_t)
@@ -25642,7 +25651,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/muni
  dev_read_sysfs(system_munin_plugin_t)
  dev_read_urand(system_munin_plugin_t)
-@@ -313,3 +321,31 @@
+@@ -313,3 +322,31 @@
  sysnet_exec_ifconfig(system_munin_plugin_t)
  term_getattr_unallocated_ttys(system_munin_plugin_t)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 7b93378..f18313c 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -471,6 +471,9 @@ exit 0
 %endif
 %changelog
+* Thu Dec 16 2010 Miroslav Grepl 3.9.7-18
+- Other fixes for munin plugins policy
+
 * Wed Dec 15 2010 Miroslav Grepl 3.9.7-17
 - Fixes for sandbox policy
 - Add setuid capability for vpnc
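Review bot: The new `allow services_munin_plugin_t self:sem create_sem_perms;` in the munin.te hunk (`@@ -25599,7 +25600,15 @@`) is granted to the whole domain under "local policy for service plugins" without naming which plugin needs System V semaphores. The rule is limited to `self`, so the added exposure is small, but a domain-wide grant made for one plugin is hard to audit or retire later. I would add a comment above it, e.g. `# <plugin name> uses SysV semaphores; see <bug id>`, and have the changelog entry `- Other fixes for munin plugins policy` name the permission. The inner munin.te section runs past the context shown here, so whether a narrower plugin domain is available cannot be judged from this hunk.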