diff --git a/policy-20070501.patch b/policy-20070501.patch
index 655cd38..2fdf795 100644
--- a/policy-20070501.patch
+++ b/policy-20070501.patch
@@ -3020,7 +3020,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-2.6.4/policy/modules/services/apache.te
--- nsaserefpolicy/policy/modules/services/apache.te 2007-05-07 14:51:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/apache.te 2007-07-31 16:50:17.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/apache.te 2007-08-01 16:31:44.000000000 -0400
@@ -1,5 +1,5 @@
-policy_module(apache,1.6.0)
@@ -3349,7 +3349,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
')
########################################
-@@ -784,7 +890,25 @@
+@@ -784,7 +890,26 @@
miscfiles_read_localization(httpd_rotatelogs_t)
@@ -3374,6 +3374,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac
+
+optional_policy(`
+ dbus_system_bus_client_template(httpd,httpd_t)
++ dbus_send_system_bus(httpd_t)
+ tunable_policy(`allow_httpd_dbus_avahi',`
+ avahi_dbus_chat(httpd_t)
+ ')
@@ -3670,10 +3671,45 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/bind
corenet_sendrecv_rndc_client_packets(ndc_t)
fs_getattr_xattr_fs(ndc_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.fc serefpolicy-2.6.4/policy/modules/services/clamav.fc
+--- nsaserefpolicy/policy/modules/services/clamav.fc 2007-05-07 14:51:01.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/clamav.fc 2007-08-01 11:30:20.000000000 -0400
+@@ -9,6 +9,8 @@
+
+ /var/run/amavis(d)?/clamd\.pid -- gen_context(system_u:object_r:clamd_var_run_t,s0)
+ /var/run/clamav(/.*)? gen_context(system_u:object_r:clamd_var_run_t,s0)
++/var/run/clamd\..* gen_context(system_u:object_r:clamd_var_run_t,s0)
++/var/run/clamav\..* gen_context(system_u:object_r:clamd_var_run_t,s0)
+ /var/lib/clamav(/.*)? gen_context(system_u:object_r:clamd_var_lib_t,s0)
+ /var/log/clamav -d gen_context(system_u:object_r:clamd_var_log_t,s0)
+ /var/log/clamav/clamav.* -- gen_context(system_u:object_r:clamd_var_log_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.te serefpolicy-2.6.4/policy/modules/services/clamav.te
--- nsaserefpolicy/policy/modules/services/clamav.te 2007-05-07 14:50:57.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/clamav.te 2007-07-31 16:39:53.000000000 -0400
-@@ -126,6 +126,7 @@
++++ serefpolicy-2.6.4/policy/modules/services/clamav.te 2007-08-01 11:29:40.000000000 -0400
+@@ -74,17 +74,19 @@
+ manage_files_pattern(clamd_t,clamd_var_lib_t,clamd_var_lib_t)
+
+ # log files
+-allow clamd_t clamd_var_log_t:dir setattr;
++manage_dirs_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t)
+ manage_files_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t)
+-logging_log_filetrans(clamd_t,clamd_var_log_t,file)
++logging_log_filetrans(clamd_t,clamd_var_log_t,{ dir file })
+
+ # pid file
++manage_dirs_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t)
+ manage_files_pattern(clamd_t,clamd_var_run_t,clamd_var_run_t)
+ manage_sock_files_pattern(clamd_t,clamd_var_run_t,clamd_var_run_t)
+-files_pid_filetrans(clamd_t,clamd_var_run_t,file)
++files_pid_filetrans(clamd_t,clamd_var_run_t,{ file dir })
+
+ kernel_dontaudit_list_proc(clamd_t)
+ kernel_read_sysctl(clamd_t)
++kernel_read_kernel_sysctls(clamd_t)
+
+ corenet_non_ipsec_sendrecv(clamd_t)
+ corenet_tcp_sendrecv_all_if(clamd_t)
+@@ -126,6 +128,7 @@
amavis_read_lib_files(clamd_t)
amavis_read_spool_files(clamd_t)
amavis_spool_filetrans(clamd_t,clamd_var_run_t,sock_file)
@@ -3681,7 +3717,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
')
########################################
-@@ -213,6 +214,9 @@
+@@ -213,6 +216,9 @@
read_files_pattern(clamscan_t,clamd_var_lib_t,clamd_var_lib_t)
allow clamscan_t clamd_var_lib_t:dir list_dir_perms;
@@ -3691,7 +3727,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam
kernel_read_kernel_sysctls(clamscan_t)
files_read_etc_files(clamscan_t)
-@@ -228,5 +232,13 @@
+@@ -228,5 +234,13 @@
clamav_stream_connect(clamscan_t)
optional_policy(`
@@ -4314,7 +4350,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cyru
optional_policy(`
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-2.6.4/policy/modules/services/dbus.if
--- nsaserefpolicy/policy/modules/services/dbus.if 2007-05-07 14:50:57.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/dbus.if 2007-07-31 16:39:53.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/dbus.if 2007-08-01 16:31:15.000000000 -0400
@@ -49,6 +49,12 @@
##
#
@@ -5426,6 +5462,20 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.
cron_dontaudit_write_pipes(system_mail_t)
')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.fc serefpolicy-2.6.4/policy/modules/services/nagios.fc
+--- nsaserefpolicy/policy/modules/services/nagios.fc 2007-05-07 14:51:01.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/services/nagios.fc 2007-08-01 16:25:39.000000000 -0400
+@@ -4,8 +4,8 @@
+ /usr/bin/nagios -- gen_context(system_u:object_r:nagios_exec_t,s0)
+ /usr/bin/nrpe -- gen_context(system_u:object_r:nrpe_exec_t,s0)
+
+-/usr/lib(64)?/cgi-bin/netsaint/.+ -- gen_context(system_u:object_r:nagios_cgi_exec_t,s0)
+-/usr/lib(64)?/nagios/cgi/.+ -- gen_context(system_u:object_r:nagios_cgi_exec_t,s0)
++/usr/lib(64)?/cgi-bin/netsaint(/.*)? gen_context(system_u:object_r:nagios_cgi_exec_t,s0)
++/usr/lib(64)?/nagios/cgi(/.*)? gen_context(system_u:object_r:nagios_cgi_exec_t,s0)
+
+ /var/log/nagios(/.*)? gen_context(system_u:object_r:nagios_log_t,s0)
+ /var/log/netsaint(/.*)? gen_context(system_u:object_r:nagios_log_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/nagios.te serefpolicy-2.6.4/policy/modules/services/nagios.te
--- nsaserefpolicy/policy/modules/services/nagios.te 2007-05-07 14:51:01.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/services/nagios.te 2007-07-31 16:39:53.000000000 -0400
@@ -6808,8 +6858,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
fs_search_auto_mountpoints($1_t)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-2.6.4/policy/modules/services/rpc.te
--- nsaserefpolicy/policy/modules/services/rpc.te 2007-05-07 14:51:01.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/services/rpc.te 2007-07-31 16:39:53.000000000 -0400
-@@ -59,10 +59,13 @@
++++ serefpolicy-2.6.4/policy/modules/services/rpc.te 2007-08-01 13:05:59.000000000 -0400
+@@ -59,10 +59,14 @@
manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t)
files_pid_filetrans(rpcd_t,rpcd_var_run_t,file)
@@ -6819,11 +6869,12 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
kernel_search_network_state(rpcd_t)
# for rpc.rquotad
kernel_read_sysctl(rpcd_t)
++kernel_read_fs_sysctls(rpcd_t)
+kernel_getattr_core_if(nfsd_t)
fs_list_rpc(rpcd_t)
fs_read_rpc_files(rpcd_t)
-@@ -79,6 +82,7 @@
+@@ -79,6 +83,7 @@
optional_policy(`
nis_read_ypserv_config(rpcd_t)
@@ -6831,7 +6882,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
')
########################################
-@@ -91,9 +95,13 @@
+@@ -91,9 +96,13 @@
allow nfsd_t exports_t:file { getattr read };
allow nfsd_t { nfsd_rw_t nfsd_ro_t }:dir list_dir_perms;
@@ -6845,7 +6896,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.
corenet_tcp_bind_all_rpc_ports(nfsd_t)
corenet_udp_bind_all_rpc_ports(nfsd_t)
-@@ -123,6 +131,7 @@
+@@ -123,6 +132,7 @@
tunable_policy(`nfs_export_all_rw',`
fs_read_noxattr_fs_files(nfsd_t)
auth_manage_all_files_except_shadow(nfsd_t)
@@ -9686,13 +9737,12 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/moduti
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.fc serefpolicy-2.6.4/policy/modules/system/mount.fc
--- nsaserefpolicy/policy/modules/system/mount.fc 2007-05-07 14:51:02.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/system/mount.fc 2007-07-31 16:39:53.000000000 -0400
-@@ -1,4 +1,3 @@
++++ serefpolicy-2.6.4/policy/modules/system/mount.fc 2007-08-01 16:38:21.000000000 -0400
+@@ -1,4 +1,2 @@
/bin/mount.* -- gen_context(system_u:object_r:mount_exec_t,s0)
/bin/umount.* -- gen_context(system_u:object_r:mount_exec_t,s0)
-
-/usr/bin/fusermount -- gen_context(system_u:object_r:mount_exec_t,s0)
-+/sbin/mount.ntfs-3g -- gen_context(system_u:object_r:mount_ntfs_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.if serefpolicy-2.6.4/policy/modules/system/mount.if
--- nsaserefpolicy/policy/modules/system/mount.if 2007-05-07 14:51:02.000000000 -0400
+++ serefpolicy-2.6.4/policy/modules/system/mount.if 2007-07-31 16:39:53.000000000 -0400
@@ -9739,7 +9789,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-2.6.4/policy/modules/system/mount.te
--- nsaserefpolicy/policy/modules/system/mount.te 2007-05-07 14:51:02.000000000 -0400
-+++ serefpolicy-2.6.4/policy/modules/system/mount.te 2007-07-31 16:39:53.000000000 -0400
++++ serefpolicy-2.6.4/policy/modules/system/mount.te 2007-08-01 16:40:38.000000000 -0400
@@ -9,6 +9,13 @@
ifdef(`targeted_policy',`
##