diff --git a/policy-20070703.patch b/policy-20070703.patch index 4ffab80..60a61c1 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -2356,8 +2356,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/corene diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.fc serefpolicy-3.0.4/policy/modules/kernel/devices.fc --- nsaserefpolicy/policy/modules/kernel/devices.fc 2007-06-15 14:54:30.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/kernel/devices.fc 2007-07-31 13:38:24.000000000 -0400 -@@ -19,6 +19,7 @@ ++++ serefpolicy-3.0.4/policy/modules/kernel/devices.fc 2007-08-01 10:54:59.000000000 -0400 +@@ -12,6 +12,7 @@ + /dev/atibm -c gen_context(system_u:object_r:mouse_device_t,s0) + /dev/audio.* -c gen_context(system_u:object_r:sound_device_t,s0) + /dev/beep -c gen_context(system_u:object_r:sound_device_t,s0) ++/dev/dmfm -c gen_context(system_u:object_r:sound_device_t,s0) + /dev/dsp.* -c gen_context(system_u:object_r:sound_device_t,s0) + /dev/efirtc -c gen_context(system_u:object_r:clock_device_t,s0) + /dev/em8300.* -c gen_context(system_u:object_r:v4l_device_t,s0) +@@ -19,6 +20,7 @@ /dev/evtchn -c gen_context(system_u:object_r:xen_device_t,s0) /dev/fb[0-9]* -c gen_context(system_u:object_r:framebuf_device_t,s0) /dev/full -c gen_context(system_u:object_r:null_device_t,s0) @@ -2365,7 +2373,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device /dev/fw.* -c gen_context(system_u:object_r:usb_device_t,s0) /dev/hiddev.* -c gen_context(system_u:object_r:usb_device_t,s0) /dev/hpet -c gen_context(system_u:object_r:clock_device_t,s0) -@@ -53,7 +54,7 @@ +@@ -53,7 +55,7 @@ /dev/radio.* -c gen_context(system_u:object_r:v4l_device_t,s0) /dev/random -c gen_context(system_u:object_r:random_device_t,s0) /dev/raw1394.* -c gen_context(system_u:object_r:v4l_device_t,s0) 
@@ -2374,15 +2382,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device /dev/sequencer -c gen_context(system_u:object_r:sound_device_t,s0) /dev/sequencer2 -c gen_context(system_u:object_r:sound_device_t,s0) /dev/smpte.* -c gen_context(system_u:object_r:sound_device_t,s0) -@@ -65,6 +66,7 @@ +@@ -64,7 +66,9 @@ + /dev/sonypi -c gen_context(system_u:object_r:v4l_device_t,s0) /dev/tlk[0-3] -c gen_context(system_u:object_r:v4l_device_t,s0) /dev/urandom -c gen_context(system_u:object_r:urandom_device_t,s0) ++/dev/usbmon[0-9]+ -c gen_context(system_u:object_r:usb_device_t,s0) /dev/usbdev.* -c gen_context(system_u:object_r:usb_device_t,s0) +/dev/usb[0-9]+ -c gen_context(system_u:object_r:usb_device_t,s0) /dev/usblp.* -c gen_context(system_u:object_r:printer_device_t,s0) ifdef(`distro_suse', ` /dev/usbscanner -c gen_context(system_u:object_r:scanner_device_t,s0) -@@ -127,3 +129,7 @@ +@@ -127,3 +131,7 @@ /var/named/chroot/dev/random -c gen_context(system_u:object_r:random_device_t,s0) /var/named/chroot/dev/zero -c gen_context(system_u:object_r:zero_device_t,s0) ') @@ -2392,7 +2402,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/device + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/devices.if serefpolicy-3.0.4/policy/modules/kernel/devices.if --- nsaserefpolicy/policy/modules/kernel/devices.if 2007-06-15 14:54:30.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/kernel/devices.if 2007-07-25 13:27:51.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/kernel/devices.if 2007-08-01 10:56:52.000000000 -0400 @@ -2803,6 +2803,24 @@ ######################################## 
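Review bot: Labeling `/dev/usbmon[0-9]+` as usb_device_t (the `++/dev/usbmon[0-9]+` line in the devices.fc hunk) gives every domain that is already allowed generic usb_device_t access a read on the USB bus-capture interface, which is a wider audience than should be able to sniff the bus. If usbmon is the kernel's USB traffic monitor, as the name suggests, reading it exposes keystrokes from USB keyboards and the payload of USB storage transfers, so it is closer to a packet-capture device than to an ordinary device endpoint like `/dev/usb[0-9]+`. Consider a dedicated type (e.g. `usbmon_device_t`) with its own interface, or at minimum a comment on the line stating that sharing the label is intentional and which domains rely on it. Only part of devices.fc is visible here, so I cannot tell whether such a type already exists.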
@@ -2820,7 +2830,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/filesy # filesystem SID to label inodes in the following filesystem types, diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/kernel.if serefpolicy-3.0.4/policy/modules/kernel/kernel.if --- nsaserefpolicy/policy/modules/kernel/kernel.if 2007-07-03 07:05:38.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/kernel/kernel.if 2007-07-31 16:22:36.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/kernel/kernel.if 2007-08-01 11:26:14.000000000 -0400 @@ -108,6 +108,24 @@ ######################################## 
@@ -4152,10 +4162,45 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/blue +optional_policy(` + xserver_stream_connect_xdm(bluetooth_helper_t) +') +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.fc serefpolicy-3.0.4/policy/modules/services/clamav.fc +--- nsaserefpolicy/policy/modules/services/clamav.fc 2007-05-29 14:10:57.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/services/clamav.fc 2007-08-01 11:30:09.000000000 -0400 +@@ -9,6 +9,8 @@ + + /var/run/amavis(d)?/clamd\.pid -- gen_context(system_u:object_r:clamd_var_run_t,s0) + /var/run/clamav(/.*)? gen_context(system_u:object_r:clamd_var_run_t,s0) ++/var/run/clamd\..* gen_context(system_u:object_r:clamd_var_run_t,s0) ++/var/run/clamav\..* gen_context(system_u:object_r:clamd_var_run_t,s0) + /var/lib/clamav(/.*)? gen_context(system_u:object_r:clamd_var_lib_t,s0) + /var/log/clamav -d gen_context(system_u:object_r:clamd_var_log_t,s0) + /var/log/clamav/clamav.* -- gen_context(system_u:object_r:clamd_var_log_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clamav.te serefpolicy-3.0.4/policy/modules/services/clamav.te --- nsaserefpolicy/policy/modules/services/clamav.te 2007-07-25 10:37:42.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/services/clamav.te 2007-07-25 13:27:51.000000000 -0400 -@@ -208,9 +208,12 @@ ++++ serefpolicy-3.0.4/policy/modules/services/clamav.te 2007-08-01 11:29:41.000000000 -0400 +@@ -74,17 +74,19 @@ + manage_files_pattern(clamd_t,clamd_var_lib_t,clamd_var_lib_t) + + # log files +-allow clamd_t clamd_var_log_t:dir setattr; ++manage_dirs_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t) + manage_files_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t) +-logging_log_filetrans(clamd_t,clamd_var_log_t,file) ++logging_log_filetrans(clamd_t,clamd_var_log_t,{ dir file }) + + # pid file ++manage_dirs_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t) + 
manage_files_pattern(clamd_t,clamd_var_run_t,clamd_var_run_t) + manage_sock_files_pattern(clamd_t,clamd_var_run_t,clamd_var_run_t) +-files_pid_filetrans(clamd_t,clamd_var_run_t,file) ++files_pid_filetrans(clamd_t,clamd_var_run_t,{ file dir }) + + kernel_dontaudit_list_proc(clamd_t) + kernel_read_sysctl(clamd_t) ++kernel_read_kernel_sysctls(clamd_t) + + corenet_all_recvfrom_unlabeled(clamd_t) + corenet_all_recvfrom_netlabel(clamd_t) +@@ -208,9 +210,12 @@ files_tmp_filetrans(clamscan_t,clamscan_tmp_t,{ file dir }) # var/lib files together with clamd @@ -4169,7 +4214,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/clam kernel_read_kernel_sysctls(clamscan_t) files_read_etc_files(clamscan_t) -@@ -228,3 +231,7 @@ +@@ -228,3 +233,7 @@ optional_policy(` apache_read_sys_content(clamscan_t) ') @@ -6791,8 +6836,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. fs_search_auto_mountpoints($1_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc.te serefpolicy-3.0.4/policy/modules/services/rpc.te --- nsaserefpolicy/policy/modules/services/rpc.te 2007-07-25 10:37:42.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/services/rpc.te 2007-07-31 14:16:40.000000000 -0400 -@@ -59,10 +59,13 @@ ++++ serefpolicy-3.0.4/policy/modules/services/rpc.te 2007-08-01 11:35:43.000000000 -0400 +@@ -59,10 +59,14 @@ manage_files_pattern(rpcd_t,rpcd_var_run_t,rpcd_var_run_t) files_pid_filetrans(rpcd_t,rpcd_var_run_t,file) @@ -6802,11 +6847,12 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. kernel_search_network_state(rpcd_t) # for rpc.rquotad kernel_read_sysctl(rpcd_t) ++kernel_read_fs_sysctl(rpcd_t) +kernel_getattr_core_if(nfsd_t) fs_list_rpc(rpcd_t) fs_read_rpc_files(rpcd_t) -@@ -76,9 +79,11 @@ +@@ -76,9 +80,11 @@ miscfiles_read_certs(rpcd_t) seutil_dontaudit_search_config(rpcd_t) 
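Review bot: The line added under `# pid file`, `manage_dirs_pattern(clamd_t,clamd_var_log_t,clamd_var_log_t)`, is a duplicate of the log-file rule added a few lines above and grants nothing for the pid directory. Because `files_pid_filetrans(clamd_t,clamd_var_run_t,{ file dir })` now labels directories clamd creates under /var/run as clamd_var_run_t, clamd_t also needs dir permissions on that type, so the line should read `manage_dirs_pattern(clamd_t,clamd_var_run_t,clamd_var_run_t)` unless that is granted somewhere not shown. As written, the new fc entries `/var/run/clamd\..*` and `/var/run/clamav\..*` will be labeled correctly but clamd will still be denied creating such directories. The clamd_t policy block continues outside this hunk.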
@@ -6818,7 +6864,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. ') ######################################## -@@ -91,9 +96,13 @@ +@@ -91,9 +97,13 @@ allow nfsd_t exports_t:file { getattr read }; allow nfsd_t { nfsd_rw_t nfsd_ro_t }:dir list_dir_perms; @@ -6832,7 +6878,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. corenet_tcp_bind_all_rpc_ports(nfsd_t) corenet_udp_bind_all_rpc_ports(nfsd_t) -@@ -123,6 +132,7 @@ +@@ -123,6 +133,7 @@ tunable_policy(`nfs_export_all_rw',` fs_read_noxattr_fs_files(nfsd_t) auth_manage_all_files_except_shadow(nfsd_t) @@ -6840,7 +6886,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. ') tunable_policy(`nfs_export_all_ro',` -@@ -143,6 +153,8 @@ +@@ -143,6 +154,8 @@ manage_files_pattern(gssd_t,gssd_tmp_t,gssd_tmp_t) files_tmp_filetrans(gssd_t, gssd_tmp_t, { file dir }) @@ -6849,7 +6895,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rpc. kernel_read_network_state(gssd_t) kernel_read_network_state_symlinks(gssd_t) kernel_search_network_sysctl(gssd_t) -@@ -158,6 +170,11 @@ +@@ -158,6 +171,11 @@ miscfiles_read_certs(gssd_t) @@ -8532,7 +8578,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstool + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstools.te serefpolicy-3.0.4/policy/modules/system/fstools.te --- nsaserefpolicy/policy/modules/system/fstools.te 2007-07-25 10:37:42.000000000 -0400 -+++ serefpolicy-3.0.4/policy/modules/system/fstools.te 2007-07-25 13:27:51.000000000 -0400 ++++ serefpolicy-3.0.4/policy/modules/system/fstools.te 2007-08-01 10:57:11.000000000 -0400 @@ -9,6 +9,7 @@ type fsadm_t; type fsadm_exec_t; 
@@ -8541,7 +8587,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fstool role system_r types fsadm_t; type fsadm_log_t; -@@ -179,3 +180,8 @@ +@@ -69,6 +70,7 @@ + + dev_getattr_all_chr_files(fsadm_t) + dev_dontaudit_getattr_all_blk_files(fsadm_t) ++dev_dontaudit_getattr_generic_files(fsadm_t) + # mkreiserfs and other programs need this for UUID + dev_read_rand(fsadm_t) + dev_read_urand(fsadm_t) +@@ -179,3 +181,8 @@ fs_dontaudit_write_ramfs_pipes(fsadm_t) rhgb_stub(fsadm_t) ') diff --git a/selinux-policy.spec b/selinux-policy.spec index 644c05f..d159a52 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -17,7 +17,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.0.4 -Release: 4%{?dist} +Release: 5%{?dist} License: GPL Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -359,6 +359,9 @@ exit 0 %endif %changelog +* Wed Aug 1 2007 Dan Walsh 3.0.4-5 +- Fix new usb devices and dmfm + * Mon Jul 30 2007 Dan Walsh 3.0.4-4 - Eliminate mount_ntfs_t policy, merge into mount_t
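Review bot: The added `dev_dontaudit_getattr_generic_files(fsadm_t)` silences a denial without recording what triggers it, unlike the neighbouring block that is explained by `# mkreiserfs and other programs need this for UUID`. If one of the fs tools genuinely needs to stat generic device nodes (a scan of /dev by a probing tool is the likely candidate, but that is a guess), the operation now fails silently instead of producing an AVC message someone can act on. Add a one-line comment naming the tool and the access being suppressed, e.g. `# <tool> stats every /dev node while probing; access is not needed, only noise`, or grant the getattr if it turns out to be required. The fsadm_t rule body starts and ends outside this hunk.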