diff --git a/policy-20071130.patch b/policy-20071130.patch index 33a064c..9c49c31 100644 --- a/policy-20071130.patch +++ b/policy-20071130.patch @@ -6003,7 +6003,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cvs. -') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.if serefpolicy-3.2.5/policy/modules/services/dbus.if --- nsaserefpolicy/policy/modules/services/dbus.if 2007-12-04 11:02:50.000000000 -0500 -+++ serefpolicy-3.2.5/policy/modules/services/dbus.if 2007-12-19 05:38:09.000000000 -0500 ++++ serefpolicy-3.2.5/policy/modules/services/dbus.if 2007-12-21 02:47:15.000000000 -0500 @@ -91,7 +91,7 @@ # SE-DBus specific permissions allow $1_dbusd_$1_t { $1_dbusd_t self }:dbus send_msg; @@ -6043,13 +6043,39 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus read_files_pattern($2, system_dbusd_var_lib_t, system_dbusd_var_lib_t) files_search_var_lib($2) -@@ -366,3 +367,35 @@ +@@ -263,6 +264,7 @@ + + # For connecting to the bus + allow $3 $1_dbusd_t:unix_stream_socket connectto; ++ allow dbusd_unconfined $1_dbusd_t:dbus *; + ') + + ######################################## +@@ -366,3 +368,53 @@ allow $1 system_dbusd_t:dbus *; ') + +######################################## +## ++## Allow unconfined access to the system DBUS. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`dbus_unconfined',` ++ gen_require(` ++ attribute dbusd_unconfined; ++ ') ++ ++ typeattribute $1 dbusd_unconfined; ++') ++ ++######################################## ++## +## Create a domain for processes +## which can be started by the system dbus +## 
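Review bot: The new `dbus_unconfined` interface is documented as "Allow unconfined access to the system DBUS", but the only rule tied to the `dbusd_unconfined` attribute is `allow dbusd_unconfined $1_dbusd_t:dbus *;` inside the templated `$1_dbusd_t` bus policy, so what it actually grants is every dbus permission (send_msg and acquire_svc) on each templated bus instance, not on the system bus, which unconfined.if already covers through `dbus_system_bus_unconfined` immediately before the new `dbus_unconfined($1)` call in its hunk. The summary should state what is granted, e.g. `## Allow the domain all dbus permissions (send_msg, acquire_svc) on every templated $1_dbusd_t bus instance.`, and the same wording should make clear that, applied through `unconfined_domain_noaudit`, every unconfined domain can claim any well-known name on every user's bus. Two things to confirm because the template holding the new allow rule begins and ends outside this hunk: its gen_require block must list `attribute dbusd_unconfined;` (declared in dbus.te in the @@ -6079 hunk) or modules instantiating the template will not build, and the reverse direction, `$1_dbusd_t` sending to the dbusd_unconfined domain, is not granted here, so replies and signals to those domains rely on rules elsewhere.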
@@ -6079,6 +6105,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus + +') + +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dbus.te serefpolicy-3.2.5/policy/modules/services/dbus.te +--- nsaserefpolicy/policy/modules/services/dbus.te 2007-12-19 05:32:17.000000000 -0500 ++++ serefpolicy-3.2.5/policy/modules/services/dbus.te 2007-12-21 02:47:39.000000000 -0500 +@@ -9,6 +9,7 @@ + # + # Delcarations + # ++attribute dbusd_unconfined; + + type dbusd_etc_t alias etc_dbusd_t; + files_type(dbusd_etc_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dcc.if serefpolicy-3.2.5/policy/modules/services/dcc.if --- nsaserefpolicy/policy/modules/services/dcc.if 2007-03-26 10:39:05.000000000 -0400 +++ serefpolicy-3.2.5/policy/modules/services/dcc.if 2007-12-19 05:38:09.000000000 -0500 @@ -12898,7 +12935,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount. +/usr/bin/fusermount -- gen_context(system_u:object_r:mount_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount.te serefpolicy-3.2.5/policy/modules/system/mount.te --- nsaserefpolicy/policy/modules/system/mount.te 2007-12-19 05:32:17.000000000 -0500 -+++ serefpolicy-3.2.5/policy/modules/system/mount.te 2007-12-19 05:38:09.000000000 -0500 ++++ serefpolicy-3.2.5/policy/modules/system/mount.te 2007-12-21 02:36:38.000000000 -0500 @@ -8,7 +8,7 @@ ## @@ -12982,7 +13019,19 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount. ') optional_policy(` -@@ -192,4 +200,26 @@ +@@ -175,6 +183,11 @@ + ') + ') + ++# Needed for mount crypt https://bugzilla.redhat.com/show_bug.cgi?id=418711 ++optional_policy(` ++ lvm_domtrans(mount_t) ++') ++ + # for kernel package installation + optional_policy(` + rpm_rw_pipes(mount_t) +@@ -192,4 +205,26 @@ optional_policy(` files_etc_filetrans_etc_runtime(unconfined_mount_t,file) unconfined_domain(unconfined_mount_t) 
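Review bot: The new `lvm_domtrans(mount_t)` block is justified only by a bug URL, so a reader of mount.te cannot tell which caller needs it or why a full domain transition into lvm_t is wanted rather than execution inside mount_t. If the case is a mount helper invoking cryptsetup (labeled lvm_exec_t in refpolicy, presumably what "mount crypt" refers to), a comment naming that path, e.g. `# mount helpers for encrypted volumes run cryptsetup (lvm_exec_t); transition to lvm_t -- bz 418711`, tells future maintainers what depends on the transition and lets them drop it when that changes. The mount_t section these lines sit in starts and ends outside the hunk.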
@@ -12995,9 +13044,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/mount. +# +# ntfs local policy +# -+allow mount_t self:fifo_file { read write }; ++allow mount_t self:fifo_file rw_fifo_file_perms; +allow mount_t self:unix_stream_socket create_stream_socket_perms; -+allow mount_t self:unix_dgram_socket { connect create }; ++allow mount_t self:unix_dgram_socket create_socket_perms; + +corecmd_exec_shell(mount_t) + @@ -13843,7 +13892,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf +/usr/sbin/sysreport -- gen_context(system_u:object_r:unconfined_notrans_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.if serefpolicy-3.2.5/policy/modules/system/unconfined.if --- nsaserefpolicy/policy/modules/system/unconfined.if 2007-11-16 15:30:49.000000000 -0500 -+++ serefpolicy-3.2.5/policy/modules/system/unconfined.if 2007-12-19 16:24:05.000000000 -0500 ++++ serefpolicy-3.2.5/policy/modules/system/unconfined.if 2007-12-21 02:48:29.000000000 -0500 @@ -12,14 +12,13 @@ # interface(`unconfined_domain_noaudit',` @@ -13878,7 +13927,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf kernel_unconfined($1) corenet_unconfined($1) -@@ -581,7 +581,6 @@ +@@ -70,6 +70,7 @@ + optional_policy(` + # Communicate via dbusd. + dbus_system_bus_unconfined($1) ++ dbus_unconfined($1) + ') + + optional_policy(` +@@ -581,7 +582,6 @@ interface(`unconfined_dbus_connect',` gen_require(` type unconfined_t; @@ -13886,7 +13943,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ') allow $1 unconfined_t:dbus acquire_svc; -@@ -589,7 +588,7 @@ +@@ -589,7 +589,7 @@ ######################################## ## @@ -13895,7 +13952,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ## ## ## -@@ -597,20 +596,53 @@ +@@ -597,20 +597,53 @@ ## ## # 
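Review bot: Replacing `{ read write }` with `rw_fifo_file_perms` and `{ connect create }` with `create_socket_perms` in the `# ntfs local policy` section widens mount_t's self permissions rather than merely tidying them: in refpolicy's permission sets `rw_fifo_file_perms` also carries at least getattr, append, ioctl and lock, and `create_socket_perms` expands to create plus the rw_socket_perms set (ioctl, read, write, getattr, setattr, append, bind, connect, getopt, setopt, shutdown) on the dgram socket. Neither the hunk nor the changelog, which only mentions dbus, records that the grant grew; if the wider sets are what the ntfs helper actually needs, note it in the `# ntfs local policy` comment, otherwise keep the explicit minimal sets. The mount_t block these lines belong to starts and ends outside the hunk.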
@@ -13956,7 +14013,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconf ## ## ## -@@ -618,31 +650,132 @@ +@@ -618,31 +651,132 @@ ## ## # diff --git a/selinux-policy.spec b/selinux-policy.spec index c478a96..3c299ac 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.2.5 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -386,6 +386,9 @@ exit 0 %endif %changelog +* Thu Dec 20 2007 Dan Walsh 3.2.5-4 +- Let all uncofined domains communicate with dbus unconfined + * Thu Dec 20 2007 Dan Walsh 3.2.5-3 - Run rpm in system_r