diff --git a/policy-20070703.patch b/policy-20070703.patch
index 22b8fad..fe1da2b 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -4151,7 +4151,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
##
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corenetwork.te.in serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in
--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in 2007-10-22 13:21:41.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/kernel/corenetwork.te.in 2008-01-22 09:06:06.000000000 -0500
@@ -55,6 +55,11 @@
type reserved_port_t, port_type, reserved_port_type;
@@ -4214,7 +4214,12 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene
network_port(pop, tcp,106,s0, tcp,109,s0, tcp,110,s0, tcp,143,s0, tcp,220,s0, tcp,993,s0, tcp,995,s0, tcp,1109,s0)
network_port(portmap, udp,111,s0, tcp,111,s0)
network_port(postgresql, tcp,5432,s0)
-@@ -141,12 +154,12 @@
+@@ -137,16 +150,16 @@
+ network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
+ network_port(rlogind, tcp,513,s0)
+ network_port(rndc, tcp,953,s0)
+-network_port(router, udp,520,s0)
++network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
network_port(rsh, tcp,514,s0)
network_port(rsync, tcp,873,s0, udp,873,s0)
network_port(rwho, udp,513,s0)
@@ -11002,7 +11007,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
+')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/networkmanager.te serefpolicy-3.0.8/policy/modules/services/networkmanager.te
--- nsaserefpolicy/policy/modules/services/networkmanager.te 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te 2008-01-17 09:03:07.000000000 -0500
++++ serefpolicy-3.0.8/policy/modules/services/networkmanager.te 2008-01-22 09:24:05.000000000 -0500
@@ -13,6 +13,9 @@
type NetworkManager_var_run_t;
files_pid_file(NetworkManager_var_run_t)
@@ -11041,7 +11046,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
init_read_utmp(NetworkManager_t)
init_domtrans_script(NetworkManager_t)
-@@ -129,15 +137,13 @@
+@@ -129,15 +137,17 @@
')
optional_policy(`
@@ -11056,10 +11061,14 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
dbus_send_system_bus(NetworkManager_t)
+ dbus_dontaudit_rw_system_selinux_socket(NetworkManager_t)
+ dbus_system_domain(NetworkManager_t,NetworkManager_exec_t)
++')
++
++optional_policy(`
++ hal_write_log(NetworkManager_t)
')
optional_policy(`
-@@ -151,6 +157,8 @@
+@@ -151,6 +161,8 @@
optional_policy(`
nscd_socket_use(NetworkManager_t)
nscd_signal(NetworkManager_t)
@@ -11068,7 +11077,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
')
optional_policy(`
-@@ -162,6 +170,7 @@
+@@ -162,6 +174,7 @@
ppp_domtrans(NetworkManager_t)
ppp_read_pid_files(NetworkManager_t)
ppp_signal(NetworkManager_t)
@@ -11076,7 +11085,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/netw
')
optional_policy(`
-@@ -173,8 +182,10 @@
+@@ -173,8 +186,10 @@
')
optional_policy(`
@@ -19498,9 +19507,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/udev.t
')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.fc serefpolicy-3.0.8/policy/modules/system/unconfined.fc
--- nsaserefpolicy/policy/modules/system/unconfined.fc 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc 2008-01-17 09:03:07.000000000 -0500
-@@ -10,3 +10,7 @@
- /usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++++ serefpolicy-3.0.8/policy/modules/system/unconfined.fc 2008-01-22 09:29:20.000000000 -0500
+@@ -7,6 +7,10 @@
+ /usr/bin/vncserver -- gen_context(system_u:object_r:unconfined_exec_t,s0)
+
+ /usr/lib/ia32el/ia32x_loader -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+-/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
++/usr/lib(64)?/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
/usr/local/RealPlayer/realplay\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+/usr/bin/rhythmbox -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 425df0c..2905620 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.0.8
-Release: 80%{?dist}
+Release: 81%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -381,6 +381,9 @@ exit 0
%endif
%changelog
+* Tue Jan 22 2008 Dan Walsh 3.0.8-81
+- Allow zebra to listen on port 521
+
* Thu Jan 17 2008 Dan Walsh 3.0.8-79
- Add procmail_log support
- Lots of fixes for munin