diff --git a/policy-20070703.patch b/policy-20070703.patch index faf6e45..6123c15 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -6893,7 +6893,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amav dev_read_rand(amavis_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.fc serefpolicy-3.0.8/policy/modules/services/apache.fc --- nsaserefpolicy/policy/modules/services/apache.fc 2008-06-12 23:37:57.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/apache.fc 2008-06-12 23:37:58.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/services/apache.fc 2008-08-26 20:36:50.000000000 -0400 @@ -3,12 +3,13 @@ /etc/apache(2)?(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) /etc/apache-ssl(2)?(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) @@ -6955,12 +6955,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac ifdef(`distro_debian', ` /var/log/horde2(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) ') -@@ -65,11 +71,24 @@ +@@ -65,11 +71,23 @@ /var/run/apache.* gen_context(system_u:object_r:httpd_var_run_t,s0) /var/run/gcache_port -s gen_context(system_u:object_r:httpd_var_run_t,s0) /var/run/httpd.* gen_context(system_u:object_r:httpd_var_run_t,s0) +/var/run/lighttpd(/.*)? gen_context(system_u:object_r:httpd_var_run_t,s0) -+/var/run/mod_fcgid(/.*)? gen_context(system_u:object_r:httpd_var_run_t,s0) /var/spool/gosa(/.*)? gen_context(system_u:object_r:httpd_sys_script_rw_t,s0) /var/spool/squirrelmail(/.*)? gen_context(system_u:object_r:squirrelmail_spool_t,s0) 
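Review bot: Dropping `+/var/run/mod_fcgid(/.*)? gen_context(system_u:object_r:httpd_var_run_t,s0)` leaves no replacement context in this hunk, so after the next relabel anything under that path presumably takes the generic /var/run label instead of httpd_var_run_t, which changes what httpd_t may touch there; nothing in the diff says whether the entry was a duplicate of one defined elsewhere or simply wrong. The only documentation of it is the spec changelog line `- Remove definition for /var/run/mod_fcgid(/.*)?`, and that changelog entry also says nothing about the cups, mailman and authlogin edits in the same commit. I would extend that line to `- Remove definition for /var/run/mod_fcgid(/.*)? (reason: TODO — duplicate/conflicting entry?)` and add one bullet per other module touched. The inner hunk header change to `+@@ -65,11 +71,23 @@` is consistent with the single removed line.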
@@ -9205,7 +9204,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron -') dnl end TODO diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.fc serefpolicy-3.0.8/policy/modules/services/cups.fc --- nsaserefpolicy/policy/modules/services/cups.fc 2008-06-12 23:37:57.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/cups.fc 2008-07-30 11:33:25.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/services/cups.fc 2008-09-08 11:56:44.000000000 -0400 @@ -8,24 +8,28 @@ /etc/cups/ppd/.* -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0) /etc/cups/ppds\.dat -- gen_context(system_u:object_r:cupsd_rw_etc_t,s0) @@ -9249,7 +9248,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups /var/cache/alchemist/printconf.* gen_context(system_u:object_r:cupsd_rw_etc_t,s0) /var/cache/foomatic(/.*)? gen_context(system_u:object_r:cupsd_rw_etc_t,s0) -@@ -51,4 +55,8 @@ +@@ -46,9 +50,14 @@ + /var/log/turboprint_cups\.log.* -- gen_context(system_u:object_r:cupsd_log_t,s0) + + /var/run/cups(/.*)? gen_context(system_u:object_r:cupsd_var_run_t,s0) ++/var/ccpd(/.*)? gen_context(system_u:object_r:cupsd_var_run_t,s0) + /var/run/hp.*\.pid -- gen_context(system_u:object_r:hplip_var_run_t,s0) + /var/run/hp.*\.port -- gen_context(system_u:object_r:hplip_var_run_t,s0) /var/run/ptal-printd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0) /var/run/ptal-mlcd(/.*)? gen_context(system_u:object_r:ptal_var_run_t,s0) 
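Review bot: The new `++/var/ccpd(/.*)? gen_context(system_u:object_r:cupsd_var_run_t,s0)` labels a directory outside /var/run as cupsd_var_run_t, and it is inserted between the `/var/run/cups` and `/var/run/hp.*` entries rather than in path order with the `/var/cache/...` and `/var/log/...` entries above, which is how the rest of this .fc file is kept. I would move it up to its sorted position and put a one-line comment over it naming the daemon that owns /var/ccpd, e.g. `# /var/ccpd: runtime directory of TODO-daemon, shares cupsd's pid type`. Because the path is not under /var/run, the `files_pid_filetrans(cupsd_t,cupsd_var_run_t,file)` rule in cups.te does not name it, so the label is only correct after a relabel or if whatever creates the directory has its own transition — worth confirming how it comes into existence. cupsd_var_run_t also carries full manage rights for cupsd_t on files and sockets, so if cupsd only needs to read what lives there a narrower type would be the smaller grant.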
@@ -9269,7 +9274,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.0.8/policy/modules/services/cups.te --- nsaserefpolicy/policy/modules/services/cups.te 2008-06-12 23:37:57.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/cups.te 2008-06-12 23:37:58.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/services/cups.te 2008-09-08 11:56:57.000000000 -0400 @@ -48,9 +48,8 @@ type hplip_t; type hplip_exec_t; @@ -9309,8 +9314,11 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups allow cupsd_t cupsd_exec_t:lnk_file read; manage_files_pattern(cupsd_t,cupsd_log_t,cupsd_log_t) -@@ -122,13 +121,14 @@ +@@ -120,15 +119,17 @@ + allow cupsd_t cupsd_var_run_t:dir setattr; + manage_files_pattern(cupsd_t,cupsd_var_run_t,cupsd_var_run_t) manage_sock_files_pattern(cupsd_t,cupsd_var_run_t,cupsd_var_run_t) ++manage_fifo_files_pattern(cupsd_t,cupsd_var_run_t,cupsd_var_run_t) files_pid_filetrans(cupsd_t,cupsd_var_run_t,file) -read_files_pattern(cupsd_t,hplip_etc_t,hplip_etc_t) @@ -9326,7 +9334,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups kernel_read_system_state(cupsd_t) kernel_read_network_state(cupsd_t) kernel_read_all_sysctls(cupsd_t) -@@ -150,21 +150,27 @@ +@@ -150,21 +151,27 @@ corenet_tcp_bind_reserved_port(cupsd_t) corenet_dontaudit_tcp_bind_all_reserved_ports(cupsd_t) corenet_tcp_connect_all_ports(cupsd_t) @@ -9355,7 +9363,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups mls_file_downgrade(cupsd_t) mls_file_write_all_levels(cupsd_t) mls_file_read_all_levels(cupsd_t) -@@ -174,6 +180,7 @@ +@@ -174,6 +181,7 @@ term_search_ptys(cupsd_t) auth_domtrans_chk_passwd(cupsd_t) 
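Review bot: The added `++manage_fifo_files_pattern(cupsd_t,cupsd_var_run_t,cupsd_var_run_t)` only matches FIFOs that already carry cupsd_var_run_t; the transition two lines below, `files_pid_filetrans(cupsd_t,cupsd_var_run_t,file)`, covers the `file` class alone, so a FIFO that cupsd_t creates directly in /var/run would presumably inherit the directory's default type and this new rule would not apply to it. If the FIFO is created inside /var/run/cups, which cups.fc already labels cupsd_var_run_t, the rule is sufficient as written; otherwise widen the transition to `files_pid_filetrans(cupsd_t,cupsd_var_run_t,{ file fifo_file })`. Either way a short comment above the new line saying which component creates the FIFO would save the next reader the guess, e.g. `# fifo in cupsd_var_run_t, created by TODO-component`.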
@@ -9363,7 +9371,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups auth_dontaudit_read_pam_pid(cupsd_t) # Filter scripts may be shell scripts, and may invoke progs like /bin/mktemp -@@ -187,7 +194,7 @@ +@@ -187,7 +195,7 @@ # read python modules files_read_usr_files(cupsd_t) # for /var/lib/defoma @@ -9372,7 +9380,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups files_list_world_readable(cupsd_t) files_read_world_readable_files(cupsd_t) files_read_world_readable_symlinks(cupsd_t) -@@ -196,12 +203,9 @@ +@@ -196,12 +204,9 @@ files_read_var_symlinks(cupsd_t) # for /etc/printcap files_dontaudit_write_etc_files(cupsd_t) @@ -9386,7 +9394,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups init_exec_script_files(cupsd_t) -@@ -220,18 +224,41 @@ +@@ -220,18 +225,41 @@ seutil_read_config(cupsd_t) sysnet_read_config(cupsd_t) @@ -9428,7 +9436,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups apm_domtrans_client(cupsd_t) ') -@@ -263,16 +290,16 @@ +@@ -263,16 +291,16 @@ ') optional_policy(` @@ -9449,7 +9457,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups seutil_sigchld_newrole(cupsd_t) ') -@@ -331,6 +358,7 @@ +@@ -331,6 +359,7 @@ dev_read_sysfs(cupsd_config_t) dev_read_urand(cupsd_config_t) dev_read_rand(cupsd_config_t) @@ -9457,7 +9465,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups fs_getattr_all_fs(cupsd_config_t) fs_search_auto_mountpoints(cupsd_config_t) -@@ -356,6 +384,7 @@ +@@ -356,6 +385,7 @@ logging_send_syslog_msg(cupsd_config_t) miscfiles_read_localization(cupsd_config_t) @@ -9465,7 +9473,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups seutil_dontaudit_search_config(cupsd_config_t) -@@ -377,6 +406,14 @@ +@@ -377,6 +407,14 @@ ') optional_policy(` 
@@ -9480,7 +9488,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups cron_system_entry(cupsd_config_t, cupsd_config_exec_t) ') -@@ -393,6 +430,7 @@ +@@ -393,6 +431,7 @@ optional_policy(` hal_domtrans(cupsd_config_t) hal_read_tmp_files(cupsd_config_t) @@ -9488,7 +9496,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups ') optional_policy(` -@@ -482,6 +520,8 @@ +@@ -482,6 +521,8 @@ files_read_etc_files(cupsd_lpd_t) @@ -9497,7 +9505,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups libs_use_ld_so(cupsd_lpd_t) libs_use_shared_libs(cupsd_lpd_t) -@@ -489,22 +529,12 @@ +@@ -489,22 +530,12 @@ miscfiles_read_localization(cupsd_lpd_t) @@ -9520,7 +9528,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups ######################################## # # HPLIP local policy -@@ -522,14 +552,12 @@ +@@ -522,14 +553,12 @@ allow hplip_t self:udp_socket create_socket_perms; allow hplip_t self:rawip_socket create_socket_perms; @@ -9539,7 +9547,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups manage_files_pattern(hplip_t,hplip_var_run_t,hplip_var_run_t) files_pid_filetrans(hplip_t,hplip_var_run_t,file) -@@ -560,7 +588,7 @@ +@@ -560,7 +589,7 @@ dev_read_urand(hplip_t) dev_read_rand(hplip_t) dev_rw_generic_usb_dev(hplip_t) @@ -9548,7 +9556,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups fs_getattr_all_fs(hplip_t) fs_search_auto_mountpoints(hplip_t) -@@ -587,7 +615,7 @@ +@@ -587,7 +616,7 @@ userdom_dontaudit_search_sysadm_home_dirs(hplip_t) userdom_dontaudit_search_all_users_home_content(hplip_t) @@ -9557,7 +9565,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups optional_policy(` seutil_sigchld_newrole(hplip_t) -@@ -668,3 +696,15 @@ +@@ -668,3 +697,15 @@ optional_policy(` udev_read_db(ptal_t) ') 
@@ -11826,7 +11834,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail ## diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mailman.te serefpolicy-3.0.8/policy/modules/services/mailman.te --- nsaserefpolicy/policy/modules/services/mailman.te 2008-06-12 23:37:57.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/mailman.te 2008-06-12 23:37:58.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/services/mailman.te 2008-08-28 09:25:27.000000000 -0400 @@ -55,6 +55,8 @@ apache_use_fds(mailman_cgi_t) apache_dontaudit_append_log(mailman_cgi_t) @@ -11840,7 +11848,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail # allow mailman_mail_t self:unix_dgram_socket create_socket_perms; -+allow mailman_mail_t self:process signal; ++allow mailman_mail_t self:process { signal signull }; +allow mailman_mail_t initrc_t:process signal; +allow mailman_mail_t self:capability { setuid setgid }; + @@ -19381,7 +19389,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.0.8/policy/modules/system/authlogin.te --- nsaserefpolicy/policy/modules/system/authlogin.te 2008-06-12 23:37:57.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-07-24 06:57:59.000000000 -0400 ++++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-08-29 12:42:00.000000000 -0400 @@ -1,4 +1,4 @@ - + 
@@ -19453,7 +19461,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo +userdom_write_unpriv_users_tmp_files(pam_t) +userdom_unlink_unpriv_users_tmp_files(pam_t) +userdom_dontaudit_read_unpriv_users_home_content_files(pam_t) -+userdom_dontaudit_write_user_home_content_files(user, pam_t) ++userdom_dontaudit_write_unpriv_user_home_content_files(pam_t) +userdom_append_unpriv_users_home_content_files(pam_t) +userdom_dontaudit_read_user_tmp_files(user, pam_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index b9d64a6..ddbfc26 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.0.8 -Release: 114%{?dist} +Release: 115%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -381,6 +381,9 @@ exit 0 %endif %changelog +* Tue Aug 26 2008 Dan Walsh 3.0.8-115 +- Remove definition for /var/run/mod_fcgid(/.*)? + * Tue Aug 12 2008 Dan Walsh 3.0.8-114 - Allow bluetooth to read hwdate
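Review bot: The replacement call `++userdom_dontaudit_write_unpriv_user_home_content_files(pam_t)` uses the singular `unpriv_user` while every neighbouring call in the hunk (`userdom_write_unpriv_users_tmp_files`, `userdom_unlink_unpriv_users_tmp_files`, `userdom_dontaudit_read_unpriv_users_home_content_files`, `userdom_append_unpriv_users_home_content_files`) uses `unpriv_users`; if the interface in userdom.if is in fact spelled with the plural, m4 leaves this call unexpanded and the policy build fails at checkpolicy. Please confirm the name against userdom.if in this tree, and if the plural is correct change the line to `userdom_dontaudit_write_unpriv_users_home_content_files(pam_t)`. The last context line, `userdom_dontaudit_read_user_tmp_files(user, pam_t)`, still uses the two-argument form that this hunk is moving away from, so the pam_t block now mixes both conventions. That block continues outside the hunk.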