Module bumping for 20120725

author: Sven Vermeulen <sven.vermeulen@siphos.be> 2012-07-26 22:12:22 +0200
committer: Sven Vermeulen <sven.vermeulen@siphos.be> 2012-07-26 22:12:22 +0200
commit: 94d2d2ba011723b7ad8a113f0a25277741780ba3 (patch)
tree: c268ef47fb8bb8f06f31c45660fa60e38767a7c4 /policy/modules
parent: Adding cert_home type declaration (diff)
download: hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.tar.gz
hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.tar.bz2
hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.zip
95 files changed, 241 insertions, 250 deletions
diff --git a/policy/modules/admin/sudo.te b/policy/modules/admin/sudo.te
index 56ead1dec..d9fce57ab 100644
--- a/policy/modules/admin/sudo.te
+++ b/policy/modules/admin/sudo.te
@@ -1,4 +1,4 @@
-policy_module(sudo, 1.9.0)
+policy_module(sudo, 1.10.0)
 
 ########################################
 #
diff --git a/policy/modules/admin/usermanage.fc b/policy/modules/admin/usermanage.fc
index fb794f9e6..f82f0ce0a 100644
--- a/policy/modules/admin/usermanage.fc
+++ b/policy/modules/admin/usermanage.fc
@@ -10,7 +10,7 @@ ifdef(`distro_gentoo',`
 /usr/bin/vigr		--	gen_context(system_u:object_r:admin_passwd_exec_t,s0)
 /usr/bin/vipw		--	gen_context(system_u:object_r:admin_passwd_exec_t,s0)
 
-/usr/lib/cracklib_dict.* -- gen_context(system_u:object_r:crack_db_t,s0)
+/usr/lib/cracklib_dict.* --	gen_context(system_u:object_r:crack_db_t,s0)
 
 /usr/sbin/crack_[a-z]*	--	gen_context(system_u:object_r:crack_exec_t,s0)
 /usr/sbin/cracklib-[a-z]* --	gen_context(system_u:object_r:crack_exec_t,s0)
diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te
index 07a99a683..673180c84 100644
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@@ -1,4 +1,4 @@
-policy_module(usermanage, 1.17.0)
+policy_module(usermanage, 1.18.0)
 
 ########################################
 #
@@ -6,11 +6,9 @@ policy_module(usermanage, 1.17.0)
 #
 
 attribute_role chfn_roles;
-role chfn_roles types chfn_t;
 role system_r types chfn_t;
 
 attribute_role groupadd_roles;
-role groupadd_roles types groupadd_t;
 
 attribute_role passwd_roles;
 roleattribute system_r passwd_roles;
@@ -19,7 +17,6 @@ attribute_role sysadm_passwd_roles;
 roleattribute system_r sysadm_passwd_roles;
 
 attribute_role useradd_roles;
-role useradd_roles types useradd_t;
 
 type admin_passwd_exec_t;
 files_type(admin_passwd_exec_t)
@@ -28,6 +25,7 @@ type chfn_t;
 type chfn_exec_t;
 domain_obj_id_change_exemption(chfn_t)
 application_domain(chfn_t, chfn_exec_t)
+role chfn_roles types chfn_t;
 
 type crack_t;
 type crack_exec_t;
@@ -44,6 +42,7 @@ type groupadd_t;
 type groupadd_exec_t;
 domain_obj_id_change_exemption(groupadd_t)
 init_system_domain(groupadd_t, groupadd_exec_t)
+role groupadd_roles types groupadd_t;
 
 type passwd_t;
 type passwd_exec_t;
@@ -63,6 +62,7 @@ type useradd_t;
 type useradd_exec_t;
 domain_obj_id_change_exemption(useradd_t)
 init_system_domain(useradd_t, useradd_exec_t)
+role useradd_roles types useradd_t;
 
 ########################################
 #
@@ -337,8 +337,8 @@ logging_send_syslog_msg(passwd_t)
 
 miscfiles_read_localization(passwd_t)
 
-seutil_read_config(groupadd_t)
-seutil_read_file_contexts(groupadd_t)
+seutil_read_config(passwd_t)
+seutil_read_file_contexts(passwd_t)
 
 userdom_use_user_terminals(passwd_t)
 userdom_use_unpriv_users_fds(passwd_t)
diff --git a/policy/modules/contrib/amanda.fc b/policy/modules/contrib/amanda.fc
index 3fd0282e8..967c1ef66 100644
--- a/policy/modules/contrib/amanda.fc
+++ b/policy/modules/contrib/amanda.fc
@@ -7,9 +7,9 @@
 
 /root/restore			-d	gen_context(system_u:object_r:amanda_recover_dir_t,s0)
 
-/usr/lib/amanda		-d	gen_context(system_u:object_r:amanda_usr_lib_t,s0)
+/usr/lib/amanda			-d	gen_context(system_u:object_r:amanda_usr_lib_t,s0)
 /usr/lib/amanda/.+		--	gen_context(system_u:object_r:amanda_exec_t,s0)
-/usr/lib/amanda/amandad	--	gen_context(system_u:object_r:amanda_inetd_exec_t,s0)
+/usr/lib/amanda/amandad		--	gen_context(system_u:object_r:amanda_inetd_exec_t,s0)
 /usr/lib/amanda/amidxtaped	--	gen_context(system_u:object_r:amanda_inetd_exec_t,s0)
 /usr/lib/amanda/amindexd	--	gen_context(system_u:object_r:amanda_inetd_exec_t,s0)
 
diff --git a/policy/modules/contrib/amanda.te b/policy/modules/contrib/amanda.te
index 46d467c10..d8b5abea5 100644
--- a/policy/modules/contrib/amanda.te
+++ b/policy/modules/contrib/amanda.te
@@ -1,4 +1,4 @@
-policy_module(amanda, 1.13.0)
+policy_module(amanda, 1.14.0)
 
 #######################################
 #
diff --git a/policy/modules/contrib/amavis.te b/policy/modules/contrib/amavis.te
index c4f592497..505309b36 100644
--- a/policy/modules/contrib/amavis.te
+++ b/policy/modules/contrib/amavis.te
@@ -1,4 +1,4 @@
-policy_module(amavis, 1.13.0)
+policy_module(amavis, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/apache.fc b/policy/modules/contrib/apache.fc
index 557b4c321..fd9fa072c 100644
--- a/policy/modules/contrib/apache.fc
+++ b/policy/modules/contrib/apache.fc
@@ -25,12 +25,12 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u
 /usr/lib/apache-ssl/.+		--	gen_context(system_u:object_r:httpd_exec_t,s0)
 /usr/lib/cgi-bin(/.*)?			gen_context(system_u:object_r:httpd_sys_script_exec_t,s0)
 /usr/lib/dirsrv/cgi-bin(/.*)?		gen_context(system_u:object_r:httpd_sys_script_exec_t,s0)
-/usr/lib/apache(/.*)?		gen_context(system_u:object_r:httpd_modules_t,s0)
-/usr/lib/apache2/modules(/.*)?	gen_context(system_u:object_r:httpd_modules_t,s0)
-/usr/lib/apache(2)?/suexec(2)? --	gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
-/usr/lib/cgi-bin/(nph-)?cgiwrap(d)? -- gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
-/usr/lib/httpd(/.*)?		gen_context(system_u:object_r:httpd_modules_t,s0)
-/usr/lib/lighttpd(/.*)?		gen_context(system_u:object_r:httpd_modules_t,s0)
+/usr/lib/apache(/.*)?			gen_context(system_u:object_r:httpd_modules_t,s0)
+/usr/lib/apache2/modules(/.*)?		gen_context(system_u:object_r:httpd_modules_t,s0)
+/usr/lib/apache(2)?/suexec(2)?	--	gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
+/usr/lib/cgi-bin/(nph-)?cgiwrap(d)? --	gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
+/usr/lib/httpd(/.*)?			gen_context(system_u:object_r:httpd_modules_t,s0)
+/usr/lib/lighttpd(/.*)?			gen_context(system_u:object_r:httpd_modules_t,s0)
 
 /usr/sbin/apache(2)?		--	gen_context(system_u:object_r:httpd_exec_t,s0)
 /usr/sbin/apache-ssl(2)?	--	gen_context(system_u:object_r:httpd_exec_t,s0)
diff --git a/policy/modules/contrib/apache.te b/policy/modules/contrib/apache.te
index d2e9d6276..50659266b 100644
--- a/policy/modules/contrib/apache.te
+++ b/policy/modules/contrib/apache.te
@@ -1,4 +1,4 @@
-policy_module(apache, 2.3.0)
+policy_module(apache, 2.4.0)
 
 #
 # NOTES:
diff --git a/policy/modules/contrib/asterisk.if b/policy/modules/contrib/asterisk.if
index bd6273f13..b6168fd30 100644
--- a/policy/modules/contrib/asterisk.if
+++ b/policy/modules/contrib/asterisk.if
@@ -39,6 +39,47 @@ interface(`asterisk_stream_connect',`
 	stream_connect_pattern($1, asterisk_var_run_t, asterisk_var_run_t, asterisk_t)
 ')
 
+#######################################
+## <summary>
+##	Allow changing the attributes of the asterisk log files and directories
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`asterisk_setattr_logs',`
+	gen_require(`
+		type asterisk_log_t;
+	')
+
+	setattr_files_pattern($1, asterisk_log_t, asterisk_log_t)
+	setattr_dirs_pattern($1, asterisk_log_t, asterisk_log_t)
+
+	logging_search_logs($1)
+')
+
+#######################################
+## <summary>
+##	Allow changing the attributes of the asterisk PID files
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`asterisk_setattr_pid_files',`
+	gen_require(`
+		type asterisk_var_run_t;
+	')
+
+	setattr_files_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
+	setattr_dirs_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
+	files_search_pids($1)
+')
+
 ########################################
 ## <summary>
 ##	All of the rules required to administrate
@@ -90,46 +131,3 @@ interface(`asterisk_admin',`
 	files_list_pids($1)
 	admin_pattern($1, asterisk_var_run_t)
 ')
-
-#######################################
-## <summary>
-##   Allow changing the attributes of the asterisk log files and directories
-## </summary>
-## <param name="domain">
-##   <summary>
-##     Domain allowed to change the attributes of the asterisk log files and
-##     directories
-##   </summary>
-## </param>
-#
-interface(`asterisk_setattr_logs',`
-	gen_require(`
-		type asterisk_log_t;
-	')
-
-	setattr_files_pattern($1, asterisk_log_t, asterisk_log_t)
-	setattr_dirs_pattern($1, asterisk_log_t, asterisk_log_t)
-
-	logging_search_logs($1)
-')
-
-#######################################
-## <summary>
-##   Allow changing the attributes of the asterisk PID files
-## </summary>
-## <param name="domain">
-##   <summary>
-##     Domain allowed to change the attributes of the asterisk PID files
-##   </summary>
-## </param>
-#
-interface(`asterisk_setattr_pid_files',`
-	gen_require(`
-		type asterisk_var_run_t;
-	')
-
-	setattr_files_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
-	setattr_dirs_pattern($1, asterisk_var_run_t, asterisk_var_run_t)
-
-	files_search_pids($1)
-')
diff --git a/policy/modules/contrib/asterisk.te b/policy/modules/contrib/asterisk.te
index dda6c5e5c..159610b31 100644
--- a/policy/modules/contrib/asterisk.te
+++ b/policy/modules/contrib/asterisk.te
@@ -1,4 +1,4 @@
-policy_module(asterisk, 1.10.0)
+policy_module(asterisk, 1.11.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/authbind.te b/policy/modules/contrib/authbind.te
index b4285f76a..682727b80 100644
--- a/policy/modules/contrib/authbind.te
+++ b/policy/modules/contrib/authbind.te
@@ -1,4 +1,4 @@
-policy_module(authbind, 1.1.0)
+policy_module(authbind, 1.2.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/bacula.fc b/policy/modules/contrib/bacula.fc
index b70b6d29c..8768af7a0 100644
--- a/policy/modules/contrib/bacula.fc
+++ b/policy/modules/contrib/bacula.fc
@@ -10,7 +10,7 @@
 #
 /etc/bacula(/.*)?		gen_context(system_u:object_r:bacula_etc_t,s0)
 
-# 
+#
 # /var
 #
 /var/lib/bacula(/.*)?		gen_context(system_u:object_r:bacula_var_lib_t,s0)
diff --git a/policy/modules/contrib/bacula.te b/policy/modules/contrib/bacula.te
index f2ad36422..fc4ba2ab4 100644
--- a/policy/modules/contrib/bacula.te
+++ b/policy/modules/contrib/bacula.te
@@ -84,7 +84,7 @@ optional_policy(`
 	mysql_stream_connect(bacula_t)
 	mysql_tcp_connect(bacula_t)
 ')
-	
+
 optional_policy(`
 	nis_use_ypbind(bacula_t)
 ')
@@ -94,7 +94,6 @@ optional_policy(`
 	ldap_stream_connect(bacula_t)
 ')
 
-
 ########################################
 #
 # Local policy - bacula admin client
@@ -119,4 +118,3 @@ sysnet_dns_name_resolve(bacula_admin_t)
 userdom_dontaudit_search_user_home_dirs(bacula_admin_t)
 userdom_use_user_ptys(bacula_admin_t)
 
-
diff --git a/policy/modules/contrib/clamav.te b/policy/modules/contrib/clamav.te
index f75832372..a10350e23 100644
--- a/policy/modules/contrib/clamav.te
+++ b/policy/modules/contrib/clamav.te
@@ -1,4 +1,4 @@
-policy_module(clamav, 1.9.0)
+policy_module(clamav, 1.10.0)
 
 ## <desc>
 ## <p>
diff --git a/policy/modules/contrib/courier.fc b/policy/modules/contrib/courier.fc
index b7752c355..1ae79c010 100644
--- a/policy/modules/contrib/courier.fc
+++ b/policy/modules/contrib/courier.fc
@@ -11,14 +11,14 @@
 /usr/sbin/imaplogin			--	gen_context(system_u:object_r:courier_authdaemon_exec_t,s0)
 
 /usr/lib/courier/(courier-)?authlib/.* --	gen_context(system_u:object_r:courier_authdaemon_exec_t,s0)
-/usr/lib/courier/courier/.*	--	gen_context(system_u:object_r:courier_exec_t,s0)
-/usr/lib/courier/courier/courierpop.* --	gen_context(system_u:object_r:courier_pop_exec_t,s0)
-/usr/lib/courier/courier/imaplogin --	gen_context(system_u:object_r:courier_pop_exec_t,s0)
-/usr/lib/courier/courier/pcpd	--	gen_context(system_u:object_r:courier_pcp_exec_t,s0)
-/usr/lib/courier/imapd		--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
-/usr/lib/courier/pop3d		--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
+/usr/lib/courier/courier/.*		--	gen_context(system_u:object_r:courier_exec_t,s0)
+/usr/lib/courier/courier/courierpop.*	--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
+/usr/lib/courier/courier/imaplogin	--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
+/usr/lib/courier/courier/pcpd		--	gen_context(system_u:object_r:courier_pcp_exec_t,s0)
+/usr/lib/courier/imapd			--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
+/usr/lib/courier/pop3d			--	gen_context(system_u:object_r:courier_pop_exec_t,s0)
 /usr/lib/courier/rootcerts(/.*)?		gen_context(system_u:object_r:courier_etc_t,s0)
-/usr/lib/courier/sqwebmail/cleancache\.pl -- gen_context(system_u:object_r:sqwebmail_cron_exec_t,s0)
+/usr/lib/courier/sqwebmail/cleancache\.pl --	gen_context(system_u:object_r:sqwebmail_cron_exec_t,s0)
 
 ifdef(`distro_gentoo',`
 /usr/lib/courier-imap/couriertcpd	--	gen_context(system_u:object_r:courier_tcpd_exec_t,s0)
diff --git a/policy/modules/contrib/courier.te b/policy/modules/contrib/courier.te
index 98c312256..b5225ff06 100644
--- a/policy/modules/contrib/courier.te
+++ b/policy/modules/contrib/courier.te
@@ -1,4 +1,4 @@
-policy_module(courier, 1.12.0)
+policy_module(courier, 1.13.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/cups.fc b/policy/modules/contrib/cups.fc
index cb94caab7..848bb92a1 100644
--- a/policy/modules/contrib/cups.fc
+++ b/policy/modules/contrib/cups.fc
@@ -26,7 +26,6 @@
 /usr/bin/cups-config-daemon --	gen_context(system_u:object_r:cupsd_config_exec_t,s0)
 /usr/bin/hpijs		--	gen_context(system_u:object_r:hplip_exec_t,s0)
 
-# keep as separate lines to ensure proper sorting
 /usr/lib/cups/daemon/cups-lpd -- gen_context(system_u:object_r:cupsd_lpd_exec_t,s0)
 /usr/lib/cups/backend/cups-pdf -- gen_context(system_u:object_r:cups_pdf_exec_t,s0)
 /usr/lib/cups/backend/hp.* --	gen_context(system_u:object_r:hplip_exec_t,s0)
diff --git a/policy/modules/contrib/cups.te b/policy/modules/contrib/cups.te
index 0f28095a2..e5a8924be 100644
--- a/policy/modules/contrib/cups.te
+++ b/policy/modules/contrib/cups.te
@@ -1,4 +1,4 @@
-policy_module(cups, 1.14.0)
+policy_module(cups, 1.15.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/cyrus.fc b/policy/modules/contrib/cyrus.fc
index d58d8ec2f..8f99a5a77 100644
--- a/policy/modules/contrib/cyrus.fc
+++ b/policy/modules/contrib/cyrus.fc
@@ -1,6 +1,6 @@
 /etc/rc\.d/init\.d/cyrus		--	gen_context(system_u:object_r:cyrus_initrc_exec_t,s0)
 
-/usr/lib/cyrus/master		--	gen_context(system_u:object_r:cyrus_exec_t,s0)
+/usr/lib/cyrus/master			--	gen_context(system_u:object_r:cyrus_exec_t,s0)
 /usr/lib/cyrus-imapd/cyrus-master	--	gen_context(system_u:object_r:cyrus_exec_t,s0)
 
 /var/imap(/.*)?					gen_context(system_u:object_r:cyrus_var_lib_t,s0)
diff --git a/policy/modules/contrib/cyrus.te b/policy/modules/contrib/cyrus.te
index 2ced0233c..097fdcc39 100644
--- a/policy/modules/contrib/cyrus.te
+++ b/policy/modules/contrib/cyrus.te
@@ -1,4 +1,4 @@
-policy_module(cyrus, 1.11.0)
+policy_module(cyrus, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/dbus.te b/policy/modules/contrib/dbus.te
index ea3d8d269..625cb32ae 100644
--- a/policy/modules/contrib/dbus.te
+++ b/policy/modules/contrib/dbus.te
@@ -1,4 +1,4 @@
-policy_module(dbus, 1.16.0)
+policy_module(dbus, 1.17.0)
 
 gen_require(`
 	class dbus all_dbus_perms;
diff --git a/policy/modules/contrib/dhcp.te b/policy/modules/contrib/dhcp.te
index ddcac941a..d7cef0566 100644
--- a/policy/modules/contrib/dhcp.te
+++ b/policy/modules/contrib/dhcp.te
@@ -1,4 +1,4 @@
-policy_module(dhcp, 1.9.0)
+policy_module(dhcp, 1.10.0)
 
 ########################################
 #
@@ -6,10 +6,10 @@ policy_module(dhcp, 1.9.0)
 #
 ## <desc>
 ## <p>
-##	Enable LDAP backend support for DHCP daemon.
+## Allow DHCP daemon to use LDAP backends
 ## </p>
 ## </desc>
-gen_tunable(dhcp_use_ldap, false)
+gen_tunable(dhcpd_use_ldap, false)
 
 type dhcpd_t;
 type dhcpd_exec_t;
@@ -72,7 +72,6 @@ corenet_tcp_sendrecv_all_ports(dhcpd_t)
 corenet_udp_sendrecv_all_ports(dhcpd_t)
 corenet_tcp_bind_generic_node(dhcpd_t)
 corenet_udp_bind_generic_node(dhcpd_t)
-corenet_udp_bind_all_unreserved_ports(dhcpd_t) # scanning available interfaces
 corenet_tcp_bind_dhcpd_port(dhcpd_t)
 corenet_udp_bind_dhcpd_port(dhcpd_t)
 corenet_udp_bind_pxe_port(dhcpd_t)
@@ -80,6 +79,8 @@ corenet_tcp_connect_all_ports(dhcpd_t)
 corenet_sendrecv_dhcpd_server_packets(dhcpd_t)
 corenet_sendrecv_pxe_server_packets(dhcpd_t)
 corenet_sendrecv_all_client_packets(dhcpd_t)
+# Needed to detect open number of interfaces (common/discover.c::begin_iface_scan)
+corenet_udp_bind_all_unreserved_ports(dhcpd_t)
 
 dev_read_sysfs(dhcpd_t)
 dev_read_rand(dhcpd_t)
@@ -112,7 +113,7 @@ ifdef(`distro_gentoo',`
 	allow dhcpd_t self:capability { chown dac_override setgid setuid sys_chroot };
 ')
 
-tunable_policy(`dhcp_use_ldap',`
+tunable_policy(`dhcpd_use_ldap',`
 	sysnet_use_ldap(dhcpd_t)
 ')
 
diff --git a/policy/modules/contrib/dpkg.te b/policy/modules/contrib/dpkg.te
index d134e6ea3..52725c415 100644
--- a/policy/modules/contrib/dpkg.te
+++ b/policy/modules/contrib/dpkg.te
@@ -1,4 +1,4 @@
-policy_module(dpkg, 1.9.0)
+policy_module(dpkg, 1.10.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/ftp.te b/policy/modules/contrib/ftp.te
index df288c3e9..80026bb9f 100644
--- a/policy/modules/contrib/ftp.te
+++ b/policy/modules/contrib/ftp.te
@@ -1,4 +1,4 @@
-policy_module(ftp, 1.13.0)
+policy_module(ftp, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/git.te b/policy/modules/contrib/git.te
index 511175bee..6e8e1f362 100644
--- a/policy/modules/contrib/git.te
+++ b/policy/modules/contrib/git.te
@@ -1,4 +1,4 @@
-policy_module(git, 1.1.0)
+policy_module(git, 1.2.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/gpg.fc b/policy/modules/contrib/gpg.fc
index 4df7fbea2..5207fc2e5 100644
--- a/policy/modules/contrib/gpg.fc
+++ b/policy/modules/contrib/gpg.fc
@@ -8,4 +8,4 @@ HOME_DIR/\.gnupg/log-socket	gen_context(system_u:object_r:gpg_agent_tmp_t,s0)
 /usr/bin/pinentry.*	--	gen_context(system_u:object_r:pinentry_exec_t,s0)
 
 /usr/lib/gnupg/.*	--	gen_context(system_u:object_r:gpg_exec_t,s0)
-/usr/lib/gnupg/gpgkeys.* -- gen_context(system_u:object_r:gpg_helper_exec_t,s0)
+/usr/lib/gnupg/gpgkeys.* --	gen_context(system_u:object_r:gpg_helper_exec_t,s0)
diff --git a/policy/modules/contrib/gpg.te b/policy/modules/contrib/gpg.te
index 8a2bd8028..18a9809fb 100644
--- a/policy/modules/contrib/gpg.te
+++ b/policy/modules/contrib/gpg.te
@@ -1,4 +1,4 @@
-policy_module(gpg, 2.5.0)
+policy_module(gpg, 2.6.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/inn.fc b/policy/modules/contrib/inn.fc
index f1973880d..29d45e47e 100644
--- a/policy/modules/contrib/inn.fc
+++ b/policy/modules/contrib/inn.fc
@@ -27,30 +27,30 @@
 /usr/lib/news/bin/ctlinnd	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/cvtbatch	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/expire	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/expireover --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/expireover	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/fastrm	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/filechan	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/getlist	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/grephistory --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/inews	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/innconfval --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/inndf	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/inndstart --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/grephistory	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/inews		--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/innconfval	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/inndf		--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/inndstart	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/innfeed	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/innxbatch --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/innxbatch	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/innxmit	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/makedbz	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/makehistory --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/newsrequeue --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/nnrpd	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/makehistory	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/newsrequeue	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/nnrpd		--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/nntpget	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/ovdb_recover --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/ovdb_recover	--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/overchan	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/prunehistory --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/rnews	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/prunehistory	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/rnews		--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/shlock	--	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/shrinkfile --	gen_context(system_u:object_r:innd_exec_t,s0)
-/usr/lib/news/bin/startinnfeed --	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/shrinkfile	--	gen_context(system_u:object_r:innd_exec_t,s0)
+/usr/lib/news/bin/startinnfeed	--	gen_context(system_u:object_r:innd_exec_t,s0)
 
 /usr/lib/news/bin/innd 		--	gen_context(system_u:object_r:innd_exec_t,s0)
 /usr/lib/news/bin/sm		--	gen_context(system_u:object_r:innd_exec_t,s0)
diff --git a/policy/modules/contrib/inn.te b/policy/modules/contrib/inn.te
index 9fab1dc86..7311364a7 100644
--- a/policy/modules/contrib/inn.te
+++ b/policy/modules/contrib/inn.te
@@ -1,4 +1,4 @@
-policy_module(inn, 1.9.0)
+policy_module(inn, 1.10.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/java.fc b/policy/modules/contrib/java.fc
index 92c160664..0fbab3a6f 100644
--- a/policy/modules/contrib/java.fc
+++ b/policy/modules/contrib/java.fc
@@ -1,36 +1,36 @@
 #
 # /opt
 #
-/opt/(.*/)?bin/java[^/]* --	gen_context(system_u:object_r:java_exec_t,s0)
-/opt/ibm/java.*/(bin|javaws)(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
-/opt/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
-/opt/matlab.*/bin.*/MATLAB.* --	gen_context(system_u:object_r:java_exec_t,s0)
+/opt/(.*/)?bin/java[^/]*	--	gen_context(system_u:object_r:java_exec_t,s0)
+/opt/ibm/java.*/(bin|javaws)(/.*)? --	gen_context(system_u:object_r:java_exec_t,s0)
+/opt/local/matlab.*/bin.*/MATLAB.* --	gen_context(system_u:object_r:java_exec_t,s0)
+/opt/matlab.*/bin.*/MATLAB.*	--	gen_context(system_u:object_r:java_exec_t,s0)
 
 #
 # /usr
 #
-/usr/(.*/)?bin/java 	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/fastjar	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/frysk		--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/gappletviewer	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/gcj-dbtool	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/gij		--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/gjarsigner	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/gkeytool	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/grmic		--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/grmiregistry	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/jv-convert	--	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/bin/octave-[^/]*	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/(.*/)?bin/java[^-]* 	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/fastjar		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/frysk			--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/gappletviewer		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/gcj-dbtool		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/gij			--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/gjarsigner		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/gkeytool		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/grmic			--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/grmiregistry		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/jv-convert		--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/bin/octave-[^/]*		--	gen_context(system_u:object_r:java_exec_t,s0)
 
-/usr/lib(.*/)?bin/java[^/]* --	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/lib/eclipse/eclipse --	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/lib/jvm/java(.*/)bin(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0)
-/usr/lib/opera(/.*)?/opera --	gen_context(system_u:object_r:java_exec_t,s0)
-/usr/lib/opera(/.*)?/works --	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/lib/bin/java[^/]*	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/lib/eclipse/eclipse	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/lib/jvm/java(.*/)bin(/.*)?	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/lib/opera(/.*)?/opera	--	gen_context(system_u:object_r:java_exec_t,s0)
+/usr/lib/opera(/.*)?/works	--	gen_context(system_u:object_r:java_exec_t,s0)
 
-/usr/local/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
+/usr/local/matlab.*/bin.*/MATLAB.* --	gen_context(system_u:object_r:java_exec_t,s0)
 
-/usr/matlab.*/bin.*/MATLAB.* -- gen_context(system_u:object_r:java_exec_t,s0)
+/usr/matlab.*/bin.*/MATLAB.*	--	gen_context(system_u:object_r:java_exec_t,s0)
 
 ifdef(`distro_redhat',`
 /usr/java/eclipse[^/]*/eclipse	--	gen_context(system_u:object_r:java_exec_t,s0)
diff --git a/policy/modules/contrib/java.te b/policy/modules/contrib/java.te
index 30687899e..f59610cae 100644
--- a/policy/modules/contrib/java.te
+++ b/policy/modules/contrib/java.te
@@ -1,4 +1,4 @@
-policy_module(java, 2.5.0)
+policy_module(java, 2.6.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/mailman.fc b/policy/modules/contrib/mailman.fc
index b0c5d98db..1083f9815 100644
--- a/policy/modules/contrib/mailman.fc
+++ b/policy/modules/contrib/mailman.fc
@@ -25,10 +25,10 @@ ifdef(`distro_debian', `
 ifdef(`distro_redhat', `
 /etc/mailman(/.*)?			gen_context(system_u:object_r:mailman_data_t,s0)
 
-/usr/lib/mailman/bin/qrunner --	gen_context(system_u:object_r:mailman_queue_exec_t,s0)
-/usr/lib/mailman/cgi-bin/.* --	gen_context(system_u:object_r:mailman_cgi_exec_t,s0)
-/usr/lib/mailman/mail/mailman --	gen_context(system_u:object_r:mailman_mail_exec_t,s0)
-/usr/lib/mailman/scripts/mailman -- gen_context(system_u:object_r:mailman_mail_exec_t,s0)
+/usr/lib/mailman/bin/qrunner	--	gen_context(system_u:object_r:mailman_queue_exec_t,s0)
+/usr/lib/mailman/cgi-bin/.*	--	gen_context(system_u:object_r:mailman_cgi_exec_t,s0)
+/usr/lib/mailman/mail/mailman	--	gen_context(system_u:object_r:mailman_mail_exec_t,s0)
+/usr/lib/mailman/scripts/mailman --	gen_context(system_u:object_r:mailman_mail_exec_t,s0)
 
 /var/spool/mailman(/.*)?		gen_context(system_u:object_r:mailman_data_t,s0)
 ')
diff --git a/policy/modules/contrib/mailman.te b/policy/modules/contrib/mailman.te
index af4d5728a..80b69b93c 100644
--- a/policy/modules/contrib/mailman.te
+++ b/policy/modules/contrib/mailman.te
@@ -1,4 +1,4 @@
-policy_module(mailman, 1.8.0)
+policy_module(mailman, 1.9.0)
 
 ########################################
 #
@@ -125,4 +125,4 @@ optional_policy(`
 
 optional_policy(`
 	su_exec(mailman_queue_t)
-')
-\ No newline at end of file
+')
diff --git a/policy/modules/contrib/mozilla.te b/policy/modules/contrib/mozilla.te
index 5a9c4934f..4584438e5 100644
--- a/policy/modules/contrib/mozilla.te
+++ b/policy/modules/contrib/mozilla.te
@@ -1,4 +1,4 @@
-policy_module(mozilla, 2.5.0)
+policy_module(mozilla, 2.6.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/mta.fc b/policy/modules/contrib/mta.fc
index 8d468d624..afa18c8c8 100644
--- a/policy/modules/contrib/mta.fc
+++ b/policy/modules/contrib/mta.fc
@@ -11,10 +11,10 @@ ifdef(`distro_redhat',`
 /etc/postfix/aliases.*		gen_context(system_u:object_r:etc_aliases_t,s0)
 ')
 
-/usr/bin/esmtp			-- gen_context(system_u:object_r:sendmail_exec_t,s0)
+/usr/bin/esmtp		--	gen_context(system_u:object_r:sendmail_exec_t,s0)
 
 /usr/lib/sendmail	--	gen_context(system_u:object_r:sendmail_exec_t,s0)
-/usr/lib/courier/bin/sendmail	--	gen_context(system_u:object_r:sendmail_exec_t,s0)
+/usr/lib/courier/bin/sendmail -- gen_context(system_u:object_r:sendmail_exec_t,s0)
 
 /usr/sbin/rmail		--	gen_context(system_u:object_r:sendmail_exec_t,s0)
 /usr/sbin/sendmail\.postfix --	gen_context(system_u:object_r:sendmail_exec_t,s0)
diff --git a/policy/modules/contrib/mta.te b/policy/modules/contrib/mta.te
index 51be8ac7a..84a7d66c5 100644
--- a/policy/modules/contrib/mta.te
+++ b/policy/modules/contrib/mta.te
@@ -1,4 +1,4 @@
-policy_module(mta, 2.4.0)
+policy_module(mta, 2.5.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/nagios.fc b/policy/modules/contrib/nagios.fc
index c9ae2637d..1238f2ee8 100644
--- a/policy/modules/contrib/nagios.fc
+++ b/policy/modules/contrib/nagios.fc
@@ -6,7 +6,7 @@
 /usr/s?bin/nagios				--	gen_context(system_u:object_r:nagios_exec_t,s0)
 /usr/s?bin/nrpe					--	gen_context(system_u:object_r:nrpe_exec_t,s0)
 
-/usr/lib/cgi-bin/netsaint(/.*)?			gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
+/usr/lib/cgi-bin/netsaint(/.*)?				gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
 /usr/lib/nagios/cgi(/.*)?				gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
 
 /var/log/nagios(/.*)?					gen_context(system_u:object_r:nagios_log_t,s0)
@@ -19,70 +19,70 @@
 ifdef(`distro_debian',`
 /usr/sbin/nagios				--	gen_context(system_u:object_r:nagios_exec_t,s0)
 ')
-/usr/lib/cgi-bin/nagios(/.+)?			gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
-/usr/lib/nagios/cgi-bin(/.*)?			gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
+/usr/lib/cgi-bin/nagios(/.+)?				gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
+/usr/lib/nagios/cgi-bin(/.*)?				gen_context(system_u:object_r:httpd_nagios_script_exec_t,s0)
 
 # admin plugins
-/usr/lib/nagios/plugins/check_file_age	--	gen_context(system_u:object_r:nagios_admin_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_file_age		--	gen_context(system_u:object_r:nagios_admin_plugin_exec_t,s0)
 
 # check disk plugins
 /usr/lib/nagios/plugins/check_disk		--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_disk_smb	--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_ide_smart	--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_disk_smb		--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_ide_smart		--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_linux_raid	--	gen_context(system_u:object_r:nagios_checkdisk_plugin_exec_t,s0)
 
 # mail plugins
-/usr/lib/nagios/plugins/check_mailq	--	gen_context(system_u:object_r:nagios_mail_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_mailq		--	gen_context(system_u:object_r:nagios_mail_plugin_exec_t,s0)
 
 # system plugins
-/usr/lib/nagios/plugins/check_breeze	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_dummy	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_flexlm	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_breeze		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_dummy		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_flexlm		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ifoperstatus	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_ifstatus	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_ifstatus		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_load		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_log		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_mrtg		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_mrtgtraf	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_nagios	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_nwstat	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_overcr	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_procs	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_sensors	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_mrtgtraf		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_nagios		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_nwstat		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_overcr		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_procs		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_sensors		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_swap		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_users	--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_users		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_wave		--	gen_context(system_u:object_r:nagios_system_plugin_exec_t,s0)
 
 # services plugins
-/usr/lib/nagios/plugins/check_cluster	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_cluster		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_dhcp		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_dig		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_dns		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_game		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_fping	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_fping		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_hpjd		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_http		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_icmp		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ircd		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ldap		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_mysql	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_mysql		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_mysql_query 	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_nrpe		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_nt		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_ntp.*	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_oracle	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_pgsql	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_ntp.*		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_oracle		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_pgsql		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ping		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_radius	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_radius		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_real		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_rpc		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_tcp		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_time		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_sip		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_smtp		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
-/usr/lib/nagios/plugins/check_snmp.*	--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_snmp.*		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ssh		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 /usr/lib/nagios/plugins/check_ups		--	gen_context(system_u:object_r:nagios_services_plugin_exec_t,s0)
 
 # unconfined plugins
-/usr/lib/nagios/plugins/check_by_ssh	--	gen_context(system_u:object_r:nagios_unconfined_plugin_exec_t,s0)
+/usr/lib/nagios/plugins/check_by_ssh		--	gen_context(system_u:object_r:nagios_unconfined_plugin_exec_t,s0)
diff --git a/policy/modules/contrib/nagios.te b/policy/modules/contrib/nagios.te
index e3e005b09..c3e2a2dfd 100644
--- a/policy/modules/contrib/nagios.te
+++ b/policy/modules/contrib/nagios.te
@@ -1,4 +1,4 @@
-policy_module(nagios, 1.11.0)
+policy_module(nagios, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/nessus.fc b/policy/modules/contrib/nessus.fc
index b94bb3b55..2f96bb9d3 100644
--- a/policy/modules/contrib/nessus.fc
+++ b/policy/modules/contrib/nessus.fc
@@ -1,7 +1,7 @@
 
 /etc/nessus/nessusd\.conf --	gen_context(system_u:object_r:nessusd_etc_t,s0)
 
-/usr/lib/nessus/plugins/.* -- gen_context(system_u:object_r:nessusd_exec_t,s0)
+/usr/lib/nessus/plugins/.* --	gen_context(system_u:object_r:nessusd_exec_t,s0)
 
 /usr/sbin/nessusd	--	gen_context(system_u:object_r:nessusd_exec_t,s0)
 
diff --git a/policy/modules/contrib/nessus.te b/policy/modules/contrib/nessus.te
index b16c38731..abf25dadf 100644
--- a/policy/modules/contrib/nessus.te
+++ b/policy/modules/contrib/nessus.te
@@ -1,4 +1,4 @@
-policy_module(nessus, 1.7.0)
+policy_module(nessus, 1.8.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/nis.te b/policy/modules/contrib/nis.te
index 4876caec4..f27899cdc 100644
--- a/policy/modules/contrib/nis.te
+++ b/policy/modules/contrib/nis.te
@@ -1,4 +1,4 @@
-policy_module(nis, 1.10.0)
+policy_module(nis, 1.11.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/nslcd.te b/policy/modules/contrib/nslcd.te
index 0d4a89245..01594c8be 100644
--- a/policy/modules/contrib/nslcd.te
+++ b/policy/modules/contrib/nslcd.te
@@ -1,4 +1,4 @@
-policy_module(nslcd, 1.2.0)
+policy_module(nslcd, 1.3.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/oddjob.te b/policy/modules/contrib/oddjob.te
index f0535b913..a17ba31b2 100644
--- a/policy/modules/contrib/oddjob.te
+++ b/policy/modules/contrib/oddjob.te
@@ -1,4 +1,4 @@
-policy_module(oddjob, 1.8.0)
+policy_module(oddjob, 1.9.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/portage.fc b/policy/modules/contrib/portage.fc
index 7e79dffa3..5f19b96ab 100644
--- a/policy/modules/contrib/portage.fc
+++ b/policy/modules/contrib/portage.fc
@@ -8,18 +8,18 @@
 /usr/bin/layman			--	gen_context(system_u:object_r:portage_fetch_exec_t,s0)
 /usr/bin/sandbox		--	gen_context(system_u:object_r:portage_exec_t,s0)
 
-/usr/lib/portage/bin/ebuild --	gen_context(system_u:object_r:portage_exec_t,s0)
-/usr/lib/portage/bin/emerge --	gen_context(system_u:object_r:portage_exec_t,s0)
+/usr/lib/portage/bin/ebuild	--	gen_context(system_u:object_r:portage_exec_t,s0)
+/usr/lib/portage/bin/emerge	--	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib/portage/bin/emerge-webrsync -- gen_context(system_u:object_r:portage_fetch_exec_t,s0)
-/usr/lib/portage/bin/quickpkg --	gen_context(system_u:object_r:portage_exec_t,s0)
+/usr/lib/portage/bin/quickpkg	--	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib/portage/bin/ebuild\.sh --	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib/portage/bin/regenworld --	gen_context(system_u:object_r:portage_exec_t,s0)
-/usr/lib/portage/bin/sandbox --	gen_context(system_u:object_r:portage_exec_t,s0)
+/usr/lib/portage/bin/sandbox	--	gen_context(system_u:object_r:portage_exec_t,s0)
 
 /usr/portage(/.*)?			gen_context(system_u:object_r:portage_ebuild_t,s0)
 /usr/portage/distfiles/cvs-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
-/usr/portage/distfiles/git-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 /usr/portage/distfiles/egit-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
+/usr/portage/distfiles/git-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 /usr/portage/distfiles/svn-src(/.*)?	gen_context(system_u:object_r:portage_srcrepo_t,s0)
 
 /var/db/pkg(/.*)?			gen_context(system_u:object_r:portage_db_t,s0)
diff --git a/policy/modules/contrib/portage.te b/policy/modules/contrib/portage.te
index 8b46f525c..21a76486b 100644
--- a/policy/modules/contrib/portage.te
+++ b/policy/modules/contrib/portage.te
@@ -1,4 +1,4 @@
-policy_module(portage, 1.12.0)
+policy_module(portage, 1.13.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/postfix.fc b/policy/modules/contrib/postfix.fc
index 58ea18bd2..90bf84e1e 100644
--- a/policy/modules/contrib/postfix.fc
+++ b/policy/modules/contrib/postfix.fc
@@ -16,19 +16,19 @@ ifdef(`distro_redhat', `
 /usr/libexec/postfix/pipe --	gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
 /usr/libexec/postfix/virtual --	gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
 ', `
-/usr/lib/postfix/.*	-- gen_context(system_u:object_r:postfix_exec_t,s0)
-/usr/lib/postfix/cleanup -- gen_context(system_u:object_r:postfix_cleanup_exec_t,s0)
-/usr/lib/postfix/local	-- gen_context(system_u:object_r:postfix_local_exec_t,s0)
-/usr/lib/postfix/master	-- gen_context(system_u:object_r:postfix_master_exec_t,s0)
-/usr/lib/postfix/pickup	-- gen_context(system_u:object_r:postfix_pickup_exec_t,s0)
-/usr/lib/postfix/(n)?qmgr -- gen_context(system_u:object_r:postfix_qmgr_exec_t,s0)
-/usr/lib/postfix/smtp	-- gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
-/usr/lib/postfix/lmtp	-- gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
-/usr/lib/postfix/scache	-- gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
-/usr/lib/postfix/smtpd	-- gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
-/usr/lib/postfix/bounce	-- gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
-/usr/lib/postfix/pipe	-- gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
-/usr/lib/postfix/virtual -- gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
+/usr/lib/postfix/.*	--	gen_context(system_u:object_r:postfix_exec_t,s0)
+/usr/lib/postfix/cleanup --	gen_context(system_u:object_r:postfix_cleanup_exec_t,s0)
+/usr/lib/postfix/local	--	gen_context(system_u:object_r:postfix_local_exec_t,s0)
+/usr/lib/postfix/master	--	gen_context(system_u:object_r:postfix_master_exec_t,s0)
+/usr/lib/postfix/pickup	--	gen_context(system_u:object_r:postfix_pickup_exec_t,s0)
+/usr/lib/postfix/(n)?qmgr --	gen_context(system_u:object_r:postfix_qmgr_exec_t,s0)
+/usr/lib/postfix/smtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+/usr/lib/postfix/lmtp	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+/usr/lib/postfix/scache	--	gen_context(system_u:object_r:postfix_smtp_exec_t,s0)
+/usr/lib/postfix/smtpd	--	gen_context(system_u:object_r:postfix_smtpd_exec_t,s0)
+/usr/lib/postfix/bounce	--	gen_context(system_u:object_r:postfix_bounce_exec_t,s0)
+/usr/lib/postfix/pipe	--	gen_context(system_u:object_r:postfix_pipe_exec_t,s0)
+/usr/lib/postfix/virtual --	gen_context(system_u:object_r:postfix_virtual_exec_t,s0)
 ')
 /etc/postfix/postfix-script.* -- gen_context(system_u:object_r:postfix_exec_t,s0)
 /etc/postfix/prng_exch	--	gen_context(system_u:object_r:postfix_prng_t,s0)
@@ -44,7 +44,7 @@ ifdef(`distro_redhat', `
 
 /var/lib/postfix(/.*)?		gen_context(system_u:object_r:postfix_data_t,s0)
 
-/var/spool/postfix(/.*)?		gen_context(system_u:object_r:postfix_spool_t,s0)
+/var/spool/postfix(/.*)?	gen_context(system_u:object_r:postfix_spool_t,s0)
 /var/spool/postfix/maildrop(/.*)? gen_context(system_u:object_r:postfix_spool_maildrop_t,s0)
 /var/spool/postfix/pid(/.*)?	gen_context(system_u:object_r:postfix_var_run_t,s0)
 /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0)
diff --git a/policy/modules/contrib/postfix.te b/policy/modules/contrib/postfix.te
index 499ea264f..1cc9b99f9 100644
--- a/policy/modules/contrib/postfix.te
+++ b/policy/modules/contrib/postfix.te
@@ -1,4 +1,4 @@
-policy_module(postfix, 1.13.0)
+policy_module(postfix, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/puppet.te b/policy/modules/contrib/puppet.te
index 647bbc620..042bec06c 100644
--- a/policy/modules/contrib/puppet.te
+++ b/policy/modules/contrib/puppet.te
@@ -1,4 +1,4 @@
-policy_module(puppet, 1.2.0)
+policy_module(puppet, 1.3.0)
 
 ########################################
 #
@@ -137,11 +137,6 @@ sysnet_use_ldap(puppet_t)
 
 usermanage_domtrans_passwd(puppet_t)
 
-tunable_policy(`gentoo_try_dontaudit',`
-	dontaudit puppet_t self:capability dac_read_search;
-	userdom_dontaudit_use_user_terminals(puppet_t)
-')
-
 tunable_policy(`puppet_manage_all_files',`
 	files_manage_non_auth_files(puppet_t)
 
@@ -149,7 +144,7 @@ tunable_policy(`puppet_manage_all_files',`
 	# seutil_relabelto_bin_policy which sets a "typeattribute type attr",
 	# which is not allowed within a tunable_policy.
 	# So, we duplicate the content of files_relabel_all_files except for
-	# the policy configuration stuff and hope users do that through Portage.
+	# the policy configuration stuff and hope users do that through Portage
 
 	gen_require(`
 		attribute file_type;
diff --git a/policy/modules/contrib/qemu.te b/policy/modules/contrib/qemu.te
index 44f407cec..aeae4f1ca 100644
--- a/policy/modules/contrib/qemu.te
+++ b/policy/modules/contrib/qemu.te
@@ -1,4 +1,4 @@
-policy_module(qemu, 1.6.0)
+policy_module(qemu, 1.7.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/raid.te b/policy/modules/contrib/raid.te
index 458d42eca..a8a12b7f5 100644
--- a/policy/modules/contrib/raid.te
+++ b/policy/modules/contrib/raid.te
@@ -1,4 +1,4 @@
-policy_module(raid, 1.11.0)
+policy_module(raid, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/rgmanager.te b/policy/modules/contrib/rgmanager.te
index 37407763a..3786c4536 100644
--- a/policy/modules/contrib/rgmanager.te
+++ b/policy/modules/contrib/rgmanager.te
@@ -1,4 +1,4 @@
-policy_module(rgmanager, 1.1.0)
+policy_module(rgmanager, 1.2.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/rlogin.fc b/policy/modules/contrib/rlogin.fc
index 7d6d33237..2fae3f092 100644
--- a/policy/modules/contrib/rlogin.fc
+++ b/policy/modules/contrib/rlogin.fc
@@ -2,6 +2,6 @@ HOME_DIR/\.rlogin		--	gen_context(system_u:object_r:rlogind_home_t,s0)
 
 /usr/kerberos/sbin/klogind	--	gen_context(system_u:object_r:rlogind_exec_t,s0)
 
-/usr/lib/telnetlogin	--	gen_context(system_u:object_r:rlogind_exec_t,s0)
+/usr/lib/telnetlogin		--	gen_context(system_u:object_r:rlogind_exec_t,s0)
 
 /usr/sbin/in\.rlogind		--	gen_context(system_u:object_r:rlogind_exec_t,s0)
diff --git a/policy/modules/contrib/rlogin.te b/policy/modules/contrib/rlogin.te
index 779fa445f..16304ec9e 100644
--- a/policy/modules/contrib/rlogin.te
+++ b/policy/modules/contrib/rlogin.te
@@ -1,4 +1,4 @@
-policy_module(rlogin, 1.9.0)
+policy_module(rlogin, 1.10.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/rpc.te b/policy/modules/contrib/rpc.te
index 90d4a2c30..e131ce3c6 100644
--- a/policy/modules/contrib/rpc.te
+++ b/policy/modules/contrib/rpc.te
@@ -1,4 +1,4 @@
-policy_module(rpc, 1.13.0)
+policy_module(rpc, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/rpm.te b/policy/modules/contrib/rpm.te
index b70ad5fa4..60149a5bb 100644
--- a/policy/modules/contrib/rpm.te
+++ b/policy/modules/contrib/rpm.te
@@ -1,4 +1,4 @@
-policy_module(rpm, 1.14.0)
+policy_module(rpm, 1.15.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/rsync.te b/policy/modules/contrib/rsync.te
index 0ef3870d4..2834d86ed 100644
--- a/policy/modules/contrib/rsync.te
+++ b/policy/modules/contrib/rsync.te
@@ -1,4 +1,4 @@
-policy_module(rsync, 1.11.0)
+policy_module(rsync, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/samba.te b/policy/modules/contrib/samba.te
index 05e2463b3..905883f20 100644
--- a/policy/modules/contrib/samba.te
+++ b/policy/modules/contrib/samba.te
@@ -1,4 +1,4 @@
-policy_module(samba, 1.14.0)
+policy_module(samba, 1.15.0)
 
 #################################
 #
diff --git a/policy/modules/contrib/snmp.te b/policy/modules/contrib/snmp.te
index 24d3033da..56f074ce6 100644
--- a/policy/modules/contrib/snmp.te
+++ b/policy/modules/contrib/snmp.te
@@ -1,4 +1,4 @@
-policy_module(snmp, 1.12.0)
+policy_module(snmp, 1.13.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/sosreport.te b/policy/modules/contrib/sosreport.te
index 5b653e302..c6079a5be 100644
--- a/policy/modules/contrib/sosreport.te
+++ b/policy/modules/contrib/sosreport.te
@@ -1,4 +1,4 @@
-policy_module(sosreport, 1.1.0)
+policy_module(sosreport, 1.2.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/squid.te b/policy/modules/contrib/squid.te
index 4b2230e78..c38de7a71 100644
--- a/policy/modules/contrib/squid.te
+++ b/policy/modules/contrib/squid.te
@@ -1,4 +1,4 @@
-policy_module(squid, 1.10.0)
+policy_module(squid, 1.11.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/sxid.te b/policy/modules/contrib/sxid.te
index 915467113..829630337 100644
--- a/policy/modules/contrib/sxid.te
+++ b/policy/modules/contrib/sxid.te
@@ -1,4 +1,4 @@
-policy_module(sxid, 1.6.0)
+policy_module(sxid, 1.7.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/sysstat.te b/policy/modules/contrib/sysstat.te
index 52f0d6c29..0ecd8a7eb 100644
--- a/policy/modules/contrib/sysstat.te
+++ b/policy/modules/contrib/sysstat.te
@@ -1,4 +1,4 @@
-policy_module(sysstat, 1.6.0)
+policy_module(sysstat, 1.7.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/telepathy.te b/policy/modules/contrib/telepathy.te
index 59809b7d3..964978bf3 100644
--- a/policy/modules/contrib/telepathy.te
+++ b/policy/modules/contrib/telepathy.te
@@ -1,4 +1,4 @@
-policy_module(telepathy, 1.2.0)
+policy_module(telepathy, 1.3.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/virt.te b/policy/modules/contrib/virt.te
index 910176764..947bbc6db 100644
--- a/policy/modules/contrib/virt.te
+++ b/policy/modules/contrib/virt.te
@@ -1,4 +1,4 @@
-policy_module(virt, 1.4.0)
+policy_module(virt, 1.5.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/vmware.te b/policy/modules/contrib/vmware.te
index fed680801..7d334c4eb 100644
--- a/policy/modules/contrib/vmware.te
+++ b/policy/modules/contrib/vmware.te
@@ -1,4 +1,4 @@
-policy_module(vmware, 2.5.0)
+policy_module(vmware, 2.6.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/xen.te b/policy/modules/contrib/xen.te
index c4d18e894..07033bb47 100644
--- a/policy/modules/contrib/xen.te
+++ b/policy/modules/contrib/xen.te
@@ -1,4 +1,4 @@
-policy_module(xen, 1.11.0)
+policy_module(xen, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/contrib/zarafa.te b/policy/modules/contrib/zarafa.te
index 1a7d9bf30..91267bc37 100644
--- a/policy/modules/contrib/zarafa.te
+++ b/policy/modules/contrib/zarafa.te
@@ -1,4 +1,4 @@
-policy_module(zarafa, 1.0.0)
+policy_module(zarafa, 1.1.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index 4fc5a9cbc..1dd042727 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.16.0)
+policy_module(corecommands, 1.17.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index 46fb51145..a5276af2a 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
 # This is a generated file!  Instead of modifying this file, the
 # corenetwork.te.in or corenetwork.te.m4 file should be modified.
 #
-policy_module(corenetwork, 1.17.0)
+policy_module(corenetwork, 1.18.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index e50dfedcd..1b812ebae 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.17.0)
+policy_module(corenetwork, 1.18.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 74894d7e8..06eda45d8 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.13.1)
+policy_module(devices, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index a587e8774..52ef84e78 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.16.0)
+policy_module(files, 1.17.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index f1ab8c6d2..376bae874 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.15.1)
+policy_module(filesystem, 1.16.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 1fd114e55..8d29e0a9f 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.15.0)
+policy_module(kernel, 1.16.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 9c0628d90..f846a096e 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -1,4 +1,4 @@
-policy_module(selinux, 1.11.0)
+policy_module(selinux, 1.12.0)
 
 ########################################
 #
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index bb1554d4b..156c33310 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -1,4 +1,4 @@
-policy_module(storage, 1.10.0)
+policy_module(storage, 1.11.0)
 
 ########################################
 #
diff --git a/policy/modules/roles/secadm.te b/policy/modules/roles/secadm.te
index 63f22d561..da111206f 100644
--- a/policy/modules/roles/secadm.te
+++ b/policy/modules/roles/secadm.te
@@ -1,4 +1,4 @@
-policy_module(secadm, 2.3.0)
+policy_module(secadm, 2.4.0)
 
 ########################################
 #
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 317e327b7..420283221 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -1,4 +1,4 @@
-policy_module(sysadm, 2.4.0)
+policy_module(sysadm, 2.5.0)
 
 ########################################
 #
diff --git a/policy/modules/services/postgresql.te b/policy/modules/services/postgresql.te
index 185559593..c8356ae75 100644
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@@ -1,4 +1,4 @@
-policy_module(postgresql, 1.14.0)
+policy_module(postgresql, 1.15.0)
 
 gen_require(`
 	class db_database all_db_database_perms;
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index ce12f7f52..55899bb73 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -1,4 +1,4 @@
-policy_module(xserver, 3.7.0)
+policy_module(xserver, 3.8.0)
 
 gen_require(`
 	class x_drawable all_x_drawable_perms;
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index 312da5d9c..60ae70169 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -1,4 +1,4 @@
-policy_module(authlogin, 2.3.0)
+policy_module(authlogin, 2.4.0)
 
 ########################################
 #
diff --git a/policy/modules/system/hostname.te b/policy/modules/system/hostname.te
index 5307361c4..f6cbda923 100644
--- a/policy/modules/system/hostname.te
+++ b/policy/modules/system/hostname.te
@@ -1,4 +1,4 @@
-policy_module(hostname, 1.7.0)
+policy_module(hostname, 1.8.0)
 
 ########################################
 #
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 6b56b57f8..47bb8c5f5 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -1,4 +1,4 @@
-policy_module(init, 1.18.0)
+policy_module(init, 1.19.0)
 
 gen_require(`
 	class passwd rootok;
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
index 21b8a8cc8..a30840c32 100644
--- a/policy/modules/system/ipsec.te
+++ b/policy/modules/system/ipsec.te
@@ -1,4 +1,4 @@
-policy_module(ipsec, 1.12.0)
+policy_module(ipsec, 1.13.0)
 
 ########################################
 #
diff --git a/policy/modules/system/libraries.te b/policy/modules/system/libraries.te
index 5a16f990e..ad0188377 100644
--- a/policy/modules/system/libraries.te
+++ b/policy/modules/system/libraries.te
@@ -1,4 +1,4 @@
-policy_module(libraries, 2.8.0)
+policy_module(libraries, 2.9.0)
 
 ########################################
 #
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 7674d4bd0..eb9ce35d5 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -1,4 +1,4 @@
-policy_module(logging, 1.18.0)
+policy_module(logging, 1.19.0)
 
 ########################################
 #
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 44b78441b..61c219df8 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
@@ -1,4 +1,4 @@
-policy_module(lvm, 1.13.0)
+policy_module(lvm, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index fab61bc3b..fa633c4ac 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -1,4 +1,4 @@
-policy_module(miscfiles, 1.9.0)
+policy_module(miscfiles, 1.10.0)
 
 ########################################
 #
diff --git a/policy/modules/system/modutils.te b/policy/modules/system/modutils.te
index 78137a56a..966893e19 100644
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@@ -1,4 +1,4 @@
-policy_module(modutils, 1.12.0)
+policy_module(modutils, 1.13.0)
 
 ########################################
 #
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index ab4130731..36f33d3f7 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -1,4 +1,4 @@
-policy_module(mount, 1.14.0)
+policy_module(mount, 1.15.0)
 
 ########################################
 #
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index c489ed5df..a43062eea 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -1,4 +1,4 @@
-policy_module(selinuxutil, 1.16.0)
+policy_module(selinuxutil, 1.17.0)
 
 gen_require(`
 	bool secure_mode;
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index db76550e0..8464a4d1c 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -1,4 +1,4 @@
-policy_module(sysnetwork, 1.13.0)
+policy_module(sysnetwork, 1.14.0)
 
 ########################################
 #
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index ce479f289..b4fbfef7e 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -1,4 +1,4 @@
-policy_module(udev, 1.14.0)
+policy_module(udev, 1.15.0)
 
 ########################################
 #
diff --git a/policy/modules/system/unconfined.te b/policy/modules/system/unconfined.te
index 1167b7392..e7ea6c4d4 100644
--- a/policy/modules/system/unconfined.te
+++ b/policy/modules/system/unconfined.te
@@ -1,4 +1,4 @@
-policy_module(unconfined, 3.4.0)
+policy_module(unconfined, 3.5.0)
 
 ########################################
 #
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
index f85814462..6a4bd852f 100644
--- a/policy/modules/system/userdomain.te
+++ b/policy/modules/system/userdomain.te
@@ -1,4 +1,4 @@
-policy_module(userdomain, 4.7.0)
+policy_module(userdomain, 4.8.0)
 
 ########################################
 #
author	Sven Vermeulen <sven.vermeulen@siphos.be>	2012-07-26 22:12:22 +0200
committer	Sven Vermeulen <sven.vermeulen@siphos.be>	2012-07-26 22:12:22 +0200
commit	94d2d2ba011723b7ad8a113f0a25277741780ba3 (patch)
tree	c268ef47fb8bb8f06f31c45660fa60e38767a7c4 /policy/modules
parent	Adding cert_home type declaration (diff)
download	hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.tar.gz hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.tar.bz2 hardened-refpolicy-94d2d2ba011723b7ad8a113f0a25277741780ba3.zip