- Allow abrt to manage mock build environments to catch build problems.
    - Allow virt_domains to setsched for running gdb on itself
    - Allow pulseaudio running as mozilla_plugin_t to read /run/systemd/users/1000
    - Allow cups_t to read inhered tmpfs_t from the kernel
    - Allow openshift_cron_t to look at quota
    - Allow cgred to send signal perms to itself, needs back port to RHEL6
    - Allow certwatch to execut /usr/bin/httpd
    - Allow yppasswdd to use NIS
    - Tuned wants sys_rawio capability
    - Allow thumb_t to execute user home content
    - Allow s-c-kdump to connect to syslogd
    - Allow condor domains block_suspend and dac_override caps
    - Allow condor_master to read passd
    - Allow condor_master to read system state
    - Allow mount to write keys for the unconfined domain
    - Add unconfined_write_keys() interface
    - Add labeling for /usr/share/pki
    - Add additional ports as mongod_port_t for  27018, 27019, 28017, 28018 and 28019 ports
    - Allow commands that are going to read mount pid files to search mount_var_run_t