diff --git a/policy-F12.patch b/policy-F12.patch
index 15c88c7..04c3ee2 100644
--- a/policy-F12.patch
+++ b/policy-F12.patch
@@ -2986,6 +2986,35 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
+
+
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.6.26/policy/modules/apps/pulseaudio.te
+--- nsaserefpolicy/policy/modules/apps/pulseaudio.te 2009-07-23 14:11:04.000000000 -0400
++++ serefpolicy-3.6.26/policy/modules/apps/pulseaudio.te 2009-08-04 05:32:34.000000000 -0400
+@@ -22,6 +22,7 @@
+ allow pulseaudio_t self:unix_dgram_socket { sendto create_socket_perms };
+ allow pulseaudio_t self:tcp_socket create_stream_socket_perms;
+ allow pulseaudio_t self:udp_socket create_socket_perms;
++allow pulseaudio_t self:netlink_kobject_uevent_socket create_socket_perms;
+
+ kernel_read_kernel_sysctls(pulseaudio_t)
+
+@@ -47,6 +48,7 @@
+
+ fs_rw_anon_inodefs_files(pulseaudio_t)
+ fs_getattr_tmpfs(pulseaudio_t)
++fs_list_inotifyfs(pulseaudio_t)
+
+ term_use_all_user_ttys(pulseaudio_t)
+ term_use_all_user_ptys(pulseaudio_t)
+@@ -85,8 +87,8 @@
+ ')
+
+ optional_policy(`
+- xserver_read_xdm_pid(pulseaudio_t)
+ xserver_manage_xdm_tmp_files(pulseaudio_t)
+ xserver_read_xdm_lib_files(pulseaudio_t)
++ xserver_common_app(pulseaudio_t)
+ ')
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.fc serefpolicy-3.6.26/policy/modules/apps/qemu.fc
--- nsaserefpolicy/policy/modules/apps/qemu.fc 2009-07-14 14:19:57.000000000 -0400
+++ serefpolicy-3.6.26/policy/modules/apps/qemu.fc 2009-07-30 15:33:08.000000000 -0400
@@ -10644,7 +10673,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal.te serefpolicy-3.6.26/policy/modules/services/hal.te
--- nsaserefpolicy/policy/modules/services/hal.te 2009-07-28 13:28:33.000000000 -0400
-+++ serefpolicy-3.6.26/policy/modules/services/hal.te 2009-07-31 06:43:31.000000000 -0400
++++ serefpolicy-3.6.26/policy/modules/services/hal.te 2009-08-04 05:57:57.000000000 -0400
@@ -55,6 +55,9 @@
type hald_var_lib_t;
files_type(hald_var_lib_t)
@@ -10702,7 +10731,16 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
corecmd_exec_bin(hald_acl_t)
-@@ -369,6 +384,7 @@
+@@ -357,6 +372,8 @@
+ files_read_usr_files(hald_acl_t)
+ files_read_etc_files(hald_acl_t)
+
++fs_getattr_all_fs(hald_acl_t)
++
+ storage_getattr_removable_dev(hald_acl_t)
+ storage_setattr_removable_dev(hald_acl_t)
+ storage_getattr_fixed_disk_dev(hald_acl_t)
+@@ -369,6 +386,7 @@
miscfiles_read_localization(hald_acl_t)
optional_policy(`
@@ -10710,7 +10748,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
policykit_domtrans_auth(hald_acl_t)
policykit_read_lib(hald_acl_t)
policykit_read_reload(hald_acl_t)
-@@ -450,12 +466,16 @@
+@@ -450,12 +468,16 @@
miscfiles_read_localization(hald_keymap_t)
@@ -10729,7 +10767,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
allow hald_dccm_t self:process getsched;
allow hald_dccm_t self:tcp_socket create_stream_socket_perms;
allow hald_dccm_t self:udp_socket create_socket_perms;
-@@ -469,10 +489,17 @@
+@@ -469,10 +491,17 @@
manage_files_pattern(hald_dccm_t, hald_var_lib_t, hald_var_lib_t)
files_search_var_lib(hald_dccm_t)
@@ -10747,7 +10785,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
corenet_all_recvfrom_unlabeled(hald_dccm_t)
corenet_all_recvfrom_netlabel(hald_dccm_t)
corenet_tcp_sendrecv_generic_if(hald_dccm_t)
-@@ -484,6 +511,7 @@
+@@ -484,6 +513,7 @@
corenet_tcp_bind_generic_node(hald_dccm_t)
corenet_udp_bind_generic_node(hald_dccm_t)
corenet_udp_bind_dhcpc_port(hald_dccm_t)
@@ -10755,7 +10793,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
corenet_tcp_bind_dccm_port(hald_dccm_t)
logging_send_syslog_msg(hald_dccm_t)
-@@ -491,3 +519,9 @@
+@@ -491,3 +521,9 @@
files_read_usr_files(hald_dccm_t)
miscfiles_read_localization(hald_dccm_t)
@@ -13812,7 +13850,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
term_dontaudit_use_console(ricci_modstorage_t)
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpcbind.if serefpolicy-3.6.26/policy/modules/services/rpcbind.if
--- nsaserefpolicy/policy/modules/services/rpcbind.if 2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.6.26/policy/modules/services/rpcbind.if 2009-07-30 15:33:09.000000000 -0400
++++ serefpolicy-3.6.26/policy/modules/services/rpcbind.if 2009-08-04 06:47:08.000000000 -0400
@@ -97,6 +97,26 @@
########################################
@@ -18584,7 +18622,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
+
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.if serefpolicy-3.6.26/policy/modules/system/authlogin.if
--- nsaserefpolicy/policy/modules/system/authlogin.if 2009-07-14 14:19:57.000000000 -0400
-+++ serefpolicy-3.6.26/policy/modules/system/authlogin.if 2009-07-30 15:33:09.000000000 -0400
++++ serefpolicy-3.6.26/policy/modules/system/authlogin.if 2009-08-04 06:42:06.000000000 -0400
@@ -40,17 +40,76 @@
##
##
@@ -18729,7 +18767,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
')
-@@ -305,19 +379,16 @@
+@@ -258,6 +332,7 @@
+ type auth_cache_t;
+ ')
+
++ manage_dirs_pattern($1, auth_cache_t, auth_cache_t)
+ manage_files_pattern($1, auth_cache_t, auth_cache_t)
+ ')
+
+@@ -305,19 +380,16 @@
dev_read_rand($1)
dev_read_urand($1)
@@ -18743,18 +18789,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
- sysnet_dns_name_resolve($1)
- sysnet_use_ldap($1)
-
-- optional_policy(`
+ optional_policy(`
- kerberos_use($1)
- ')
-
- optional_policy(`
+- optional_policy(`
- nis_use_ypbind($1)
+ kerberos_read_keytab($1)
+ kerberos_connect_524($1)
')
optional_policy(`
-@@ -328,6 +399,29 @@
+@@ -328,6 +400,29 @@
optional_policy(`
samba_stream_connect_winbind($1)
')
@@ -18784,7 +18830,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
########################################
-@@ -352,6 +446,7 @@
+@@ -352,6 +447,7 @@
auth_domtrans_chk_passwd($1)
role $2 types chkpwd_t;
@@ -18792,7 +18838,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
########################################
-@@ -1129,6 +1224,32 @@
+@@ -1129,6 +1225,32 @@
########################################
##
@@ -18825,7 +18871,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
## Manage all files on the filesystem, except
## the shadow passwords and listed exceptions.
##
-@@ -1254,6 +1375,25 @@
+@@ -1254,6 +1376,25 @@
########################################
##
@@ -18851,7 +18897,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
## Do not audit attempts to write to
## login records files.
##
-@@ -1395,6 +1535,14 @@
+@@ -1395,6 +1536,14 @@
')
optional_policy(`
@@ -18866,7 +18912,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
nis_use_ypbind($1)
')
-@@ -1403,8 +1551,17 @@
+@@ -1403,8 +1552,17 @@
')
optional_policy(`
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 072db7c..e12b021 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.6.26
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -475,6 +475,10 @@ exit 0
%endif
%changelog
+* Tue Aug 4 2009 Dan Walsh 3.6.26-4
+- Allow exim to getattr on mountpoints
+- Fixes for pulseaudio
+
* Fri Jul 31 2009 Dan Walsh 3.6.26-3
- Allow svirt_t to stream_connect to virtd_t