diff --git a/policy-f23-base.patch b/policy-f23-base.patch index be2faef..e5ab29f 100644 --- a/policy-f23-base.patch +++ b/policy-f23-base.patch @@ -5689,7 +5689,7 @@ index 8e0f9cd..b9f45b9 100644 define(`create_packet_interfaces',`` diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in -index b191055..698e4fd 100644 +index b191055..e3122b4 100644 --- a/policy/modules/kernel/corenetwork.te.in +++ b/policy/modules/kernel/corenetwork.te.in @@ -5,6 +5,7 @@ policy_module(corenetwork, 1.19.2) @@ -5763,7 +5763,15 @@ index b191055..698e4fd 100644 # reserved_port_t is the type of INET port numbers below 1024. # type reserved_port_t, port_type, reserved_port_type; -@@ -83,56 +106,72 @@ network_port(agentx, udp,705,s0, tcp,705,s0) +@@ -76,63 +99,79 @@ type server_packet_t, packet_type, server_packet_type; + network_port(afs_bos, udp,7007,s0) + network_port(afs_fs, tcp,2040,s0, udp,7000,s0, udp,7005,s0) + network_port(afs_ka, udp,7004,s0) +-network_port(afs_pt, udp,7002,s0) ++network_port(afs_pt, tcp,7002,s0, udp,7002,s0) + network_port(afs_vl, udp,7003,s0) + network_port(afs3_callback, tcp,7001,s0, udp,7001,s0) + network_port(agentx, udp,705,s0, tcp,705,s0) network_port(amanda, udp,10080-10082,s0, tcp,10080-10083,s0) network_port(amavisd_recv, tcp,10024,s0) network_port(amavisd_send, tcp,10025,s0) @@ -5845,7 +5853,7 @@ index b191055..698e4fd 100644 network_port(gopher, tcp,70,s0, udp,70,s0) network_port(gpsd, tcp,2947,s0) network_port(hadoop_datanode, tcp,50010,s0) -@@ -140,45 +179,56 @@ network_port(hadoop_namenode, tcp,8020,s0) +@@ -140,45 +179,58 @@ network_port(hadoop_namenode, tcp,8020,s0) network_port(hddtemp, tcp,7634,s0) network_port(howl, tcp,5335,s0, udp,5353,s0) network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0) 
@@ -5853,6 +5861,7 @@ index b191055..698e4fd 100644 -network_port(http_cache, tcp,3128,s0, udp,3130,s0, tcp,8080,s0, tcp,8118,s0, tcp,10001-10010,s0) # 8118 is for privoxy +network_port(http, tcp,80,s0, tcp,81,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0,tcp,9000, s0) #8443 is mod_nss default port +network_port(http_cache, udp,3130,s0, tcp,8080,s0, tcp,8118,s0, tcp,8123,s0, tcp,10001-10010,s0) # 8118 is for privoxy ++network_port(intermapper, tcp,8181,s0) network_port(i18n_input, tcp,9010,s0) network_port(imaze, tcp,5323,s0, udp,5323,s0) -network_port(inetd_child, tcp,1,s0, udp,1,s0, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0) @@ -5903,6 +5912,7 @@ index b191055..698e4fd 100644 +network_port(lsm_plugin, tcp,18700,s0) +network_port(l2tp, tcp,1701,s0, udp,1701,s0) network_port(mail, tcp,2000,s0, tcp,3905,s0) ++network_port(mailbox, tcp,2004,s0) network_port(matahari, tcp,49000,s0, udp,49000,s0) network_port(memcache, tcp,11211,s0, udp,11211,s0) -network_port(milter) # no defined portcon @@ -5917,7 +5927,7 @@ index b191055..698e4fd 100644 network_port(msnp, tcp,1863,s0, udp,1863,s0) network_port(mssql, tcp,1433-1434,s0, udp,1433-1434,s0) network_port(ms_streaming, tcp,1755,s0, udp,1755,s0) -@@ -186,101 +236,126 @@ network_port(munin, tcp,4949,s0, udp,4949,s0) +@@ -186,101 +238,128 @@ network_port(munin, tcp,4949,s0, udp,4949,s0) network_port(mxi, tcp,8005,s0, udp,8005,s0) network_port(mysqld, tcp,1186,s0, tcp,3306,s0, tcp,63132-63164,s0) network_port(mysqlmanagerd, tcp,2273,s0) 
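Review bot: `network_port(intermapper, tcp,8181,s0)` is inserted ahead of `i18n_input` and `imaze`, but this list in corenetwork.te.in is kept in sorted order and both of those names sort before `intermapper`, so the line belongs after `imaze`. The same misplacement occurs in the later hunk that adds `xinuexpansion3` and `xinuexpansion4` between `xen` and `xfs`; they should follow `xfs` and precede `xodbc_connect`. The `mailbox` line in the next hunk lands correctly between `mail` and `matahari`. Keeping the order matters here because a duplicate `network_port` declaration for a name that already exists elsewhere in the list would otherwise be easy to miss on a rebase.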
@@ -6057,12 +6067,14 @@ index b191055..698e4fd 100644 network_port(wsicopy, tcp,3378,s0, udp,3378,s0) network_port(xdmcp, udp,177,s0, tcp,177,s0) network_port(xen, tcp,8002,s0) ++network_port(xinuexpansion3, tcp,2023,s0, udp,2023,s0) ++network_port(xinuexpansion4, tcp,2024,s0, udp,2024,s0) network_port(xfs, tcp,7100,s0) +network_port(xodbc_connect, tcp,6632,s0) network_port(xserver, tcp,6000-6020,s0) network_port(zarafa, tcp,236,s0, tcp,237,s0) network_port(zabbix, tcp,10051,s0) -@@ -288,19 +363,23 @@ network_port(zabbix_agent, tcp,10050,s0) +@@ -288,19 +367,23 @@ network_port(zabbix_agent, tcp,10050,s0) network_port(zookeeper_client, tcp,2181,s0) network_port(zookeeper_election, tcp,3888,s0) network_port(zookeeper_leader, tcp,2888,s0) @@ -6089,7 +6101,7 @@ index b191055..698e4fd 100644 ######################################## # -@@ -333,6 +412,8 @@ sid netif gen_context(system_u:object_r:netif_t,s0 - mls_systemhigh) +@@ -333,6 +416,8 @@ sid netif gen_context(system_u:object_r:netif_t,s0 - mls_systemhigh) build_option(`enable_mls',` network_interface(lo, lo, s0 - mls_systemhigh) @@ -6098,7 +6110,7 @@ index b191055..698e4fd 100644 ',` typealias netif_t alias { lo_netif_t netif_lo_t }; ') -@@ -345,9 +426,28 @@ typealias netif_t alias { lo_netif_t netif_lo_t }; +@@ -345,9 +430,28 @@ typealias netif_t alias { lo_netif_t netif_lo_t }; allow corenet_unconfined_type node_type:node *; allow corenet_unconfined_type netif_type:netif *; allow corenet_unconfined_type packet_type:packet *; diff --git a/policy-f23-contrib.patch b/policy-f23-contrib.patch index 22d4d9e..1cc5fb9 100644 --- a/policy-f23-contrib.patch +++ b/policy-f23-contrib.patch @@ -31231,10 +31231,10 @@ index 5cd0909..bd3c3d2 100644 +corenet_tcp_connect_glance_registry_port(glance_scrubber_t) diff --git a/glusterd.fc b/glusterd.fc new file mode 100644 -index 0000000..cbd6aa4 +index 0000000..52b4110 --- /dev/null 
+++ b/glusterd.fc -@@ -0,0 +1,20 @@ +@@ -0,0 +1,22 @@ +/etc/rc\.d/init\.d/gluster.* -- gen_context(system_u:object_r:glusterd_initrc_exec_t,s0) + +/etc/glusterfs(/.*)? gen_context(system_u:object_r:glusterd_conf_t,s0) @@ -31250,11 +31250,13 @@ index 0000000..cbd6aa4 +/var/lib/glusterd(/.*)? gen_context(system_u:object_r:glusterd_var_lib_t,s0) + +/var/log/glusterfs(/.*)? gen_context(system_u:object_r:glusterd_log_t,s0) ++/var/log/ganesha.log -- gen_context(system_u:object_r:glusterd_log_t,s0) + +/var/run/gluster(/.*)? gen_context(system_u:object_r:glusterd_var_run_t,s0) +/var/run/glusterd(/.*)? gen_context(system_u:object_r:glusterd_var_run_t,s0) +/var/run/glusterd.* -- gen_context(system_u:object_r:glusterd_var_run_t,s0) +/var/run/glusterd.* -s gen_context(system_u:object_r:glusterd_var_run_t,s0) ++/var/run/ganesha.* -- gen_context(system_u:object_r:glusterd_var_run_t,s0) diff --git a/glusterd.if b/glusterd.if new file mode 100644 index 0000000..fc9bf19 @@ -31506,7 +31508,7 @@ index 0000000..fc9bf19 + diff --git a/glusterd.te b/glusterd.te new file mode 100644 -index 0000000..8e0f5a7 +index 0000000..8188e4f --- /dev/null +++ b/glusterd.te @@ -0,0 +1,296 @@ @@ -31593,10 +31595,8 @@ index 0000000..8e0f5a7 +allow glusterd_t glusterd_tmp_t:dir mounton; + +manage_dirs_pattern(glusterd_t, glusterd_log_t, glusterd_log_t) -+append_files_pattern(glusterd_t, glusterd_log_t, glusterd_log_t) -+create_files_pattern(glusterd_t, glusterd_log_t, glusterd_log_t) -+setattr_files_pattern(glusterd_t, glusterd_log_t, glusterd_log_t) -+logging_log_filetrans(glusterd_t, glusterd_log_t, dir) ++manage_files_pattern(glusterd_t, glusterd_log_t, glusterd_log_t) ++logging_log_filetrans(glusterd_t, glusterd_log_t, { file dir }) + +manage_dirs_pattern(glusterd_t, glusterd_var_run_t, glusterd_var_run_t) +manage_files_pattern(glusterd_t, glusterd_var_run_t, glusterd_var_run_t) 
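Review bot: `/var/run/ganesha.* -- gen_context(system_u:object_r:glusterd_var_run_t,s0)` labels every regular file in /var/run whose name begins with `ganesha`, while the changelog entry in this commit names only /var/run/ganesha.pid; if the pid file is the sole target, `/var/run/ganesha\.pid -- gen_context(system_u:object_r:glusterd_var_run_t,s0)` is the precise form (the neighbouring `/var/run/glusterd.*` entries use the same loose pattern, so this may be deliberate). Separately, the changelog text speaks of `gluster_log_t` and `gluster_var_run_t`, whereas these entries and the rules in glusterd.te use `glusterd_log_t` and `glusterd_var_run_t`; the .fc side is the one that matches the declared types, so the changelog wording is what is off.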
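Review bot: Replacing `append_files_pattern`/`create_files_pattern`/`setattr_files_pattern` on `glusterd_log_t` with `manage_files_pattern(glusterd_t, glusterd_log_t, glusterd_log_t)` widens the daemon's access to its own logs from append/create/setattr to full read, write, unlink and rename, which removes the tamper resistance the append-only trio is there to provide. The changelog's stated goal, "Allow glusterd_t domain to create glusterd_log_t files", was already covered by the existing `create_files_pattern`; what was actually missing for /var/log/ganesha.log is the `file` class in the transition, which this hunk adds with `logging_log_filetrans(glusterd_t, glusterd_log_t, { file dir })`. Unless glusterd or ganesha is known to truncate or rotate its own logs, keep the three original pattern lines and change only the filetrans line.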
@@ -31748,6 +31748,7 @@ index 0000000..8e0f5a7 +optional_policy(` + dbus_system_bus_client(glusterd_t) + dbus_connect_system_bus(glusterd_t) ++ unconfined_dbus_chat(glusterd_t) + + optional_policy(` + policykit_dbus_chat(glusterd_t) @@ -31793,6 +31794,7 @@ index 0000000..8e0f5a7 + rpc_domtrans_nfsd(glusterd_t) + rpc_domtrans_rpcd(glusterd_t) + rpc_manage_nfs_state_data(glusterd_t) ++ rpc_manage_nfs_state_data_dir(glusterd_t) + rpcbind_stream_connect(glusterd_t) +') + @@ -87939,7 +87941,7 @@ index a6fb30c..38a2f09 100644 +/var/run/rpc\.statd\.pid -- gen_context(system_u:object_r:rpcd_var_run_t,s0) + diff --git a/rpc.if b/rpc.if -index 0bf13c2..4f3c2b9 100644 +index 0bf13c2..ed393a0 100644 --- a/rpc.if +++ b/rpc.if @@ -1,4 +1,4 @@ @@ -88251,7 +88253,7 @@ index 0bf13c2..4f3c2b9 100644 ## ## ## -@@ -326,12 +345,31 @@ interface(`rpc_search_nfs_state_data',` +@@ -326,12 +345,50 @@ interface(`rpc_search_nfs_state_data',` ') files_search_var_lib($1) @@ -88281,11 +88283,30 @@ index 0bf13c2..4f3c2b9 100644 + +######################################## +## ++## Manage NFS state data in /var/lib/nfs. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`rpc_manage_nfs_state_data_dir',` ++ gen_require(` ++ type var_lib_nfs_t; ++ ') ++ ++ files_search_var_lib($1) ++ allow $1 var_lib_nfs_t:dir manage_dir_perms; ++') ++ ++######################################## ++## +## Read NFS state data in /var/lib/nfs. ## ## ## -@@ -350,8 +388,7 @@ interface(`rpc_read_nfs_state_data',` +@@ -350,8 +407,7 @@ interface(`rpc_read_nfs_state_data',` ######################################## ## @@ -88295,7 +88316,7 @@ index 0bf13c2..4f3c2b9 100644 ## ## ## -@@ -366,31 +403,68 @@ interface(`rpc_manage_nfs_state_data',` +@@ -366,31 +422,68 @@ interface(`rpc_manage_nfs_state_data',` files_search_var_lib($1) manage_files_pattern($1, var_lib_nfs_t, var_lib_nfs_t) 
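Review bot: `unconfined_dbus_chat(glusterd_t)` is placed directly in the dbus `optional_policy` block rather than in its own nested `optional_policy(`…`)` the way `policykit_dbus_chat(glusterd_t)` is two lines below; the interface belongs to the unconfined module, so a build that has dbus but not that module would presumably lose or fail the whole dbus block rather than just this call. Suggest `optional_policy(` / `	unconfined_dbus_chat(glusterd_t)` / `')` nested like the policykit call. Since the rule grants dbus message exchange with unconfined_t in both directions, a one-line comment recording the reason from the changelog, `# ganesha-ha.sh runs as unconfined_t and talks to glusterd over the system bus`, would keep it from being removed as unexplained later. The enclosing optional_policy block closes outside this hunk.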
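Review bot: The summary on the new `rpc_manage_nfs_state_data_dir` interface reads `Manage NFS state data in /var/lib/nfs.`, identical to the summary of `rpc_manage_nfs_state_data` below it, although the rule only grants `manage_dir_perms` on `var_lib_nfs_t:dir`; the generated interface docs will not distinguish the two. Suggest `## Manage NFS state data directories in /var/lib/nfs.` and, to match the file interface's use of `manage_files_pattern`, `manage_dirs_pattern($1, var_lib_nfs_t, var_lib_nfs_t)` in place of the bare allow. Note that the caller added in glusterd.te sits next to an existing `rpc_manage_nfs_state_data(glusterd_t)`, so that domain now gets create/delete over every directory and file labelled var_lib_nfs_t, not only the ganesha subdirectory the changelog mentions; worth confirming that is the intended scope.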
@@ -88370,7 +88391,7 @@ index 0bf13c2..4f3c2b9 100644 ') allow $1 rpc_domain:process { ptrace signal_perms }; -@@ -411,7 +485,7 @@ interface(`rpc_admin',` +@@ -411,7 +504,7 @@ interface(`rpc_admin',` admin_pattern($1, rpcd_var_run_t) files_list_all($1) @@ -116377,7 +116398,7 @@ index dd63de0..38ce620 100644 - admin_pattern($1, zabbix_tmpfs_t) ') diff --git a/zabbix.te b/zabbix.te -index 7f496c6..b23f29d 100644 +index 7f496c6..fccb7b1 100644 --- a/zabbix.te +++ b/zabbix.te @@ -6,27 +6,32 @@ policy_module(zabbix, 1.6.0) @@ -116595,7 +116616,7 @@ index 7f496c6..b23f29d 100644 corenet_sendrecv_zabbix_agent_server_packets(zabbix_agent_t) corenet_tcp_bind_zabbix_agent_port(zabbix_agent_t) -@@ -170,6 +185,26 @@ corenet_sendrecv_ssh_client_packets(zabbix_agent_t) +@@ -170,6 +185,30 @@ corenet_sendrecv_ssh_client_packets(zabbix_agent_t) corenet_tcp_connect_ssh_port(zabbix_agent_t) corenet_tcp_sendrecv_ssh_port(zabbix_agent_t) @@ -116615,6 +116636,10 @@ index 7f496c6..b23f29d 100644 +corenet_tcp_connect_pop_port(zabbix_agent_t) +corenet_tcp_sendrecv_pop_port(zabbix_agent_t) + ++corenet_sendrecv_postgresql_client_packets(zabbix_agent_t) ++corenet_tcp_connect_postgresql_port(zabbix_agent_t) ++corenet_tcp_sendrecv_postgresql_port(zabbix_agent_t) ++ +corenet_sendrecv_smtp_client_packets(zabbix_agent_t) +corenet_tcp_connect_smtp_port(zabbix_agent_t) +corenet_tcp_sendrecv_smtp_port(zabbix_agent_t) @@ -116622,7 +116647,7 @@ index 7f496c6..b23f29d 100644 corenet_sendrecv_zabbix_client_packets(zabbix_agent_t) corenet_tcp_connect_zabbix_port(zabbix_agent_t) corenet_tcp_sendrecv_zabbix_port(zabbix_agent_t) -@@ -177,21 +212,49 @@ corenet_tcp_sendrecv_zabbix_port(zabbix_agent_t) +@@ -177,21 +216,49 @@ corenet_tcp_sendrecv_zabbix_port(zabbix_agent_t) dev_getattr_all_blk_files(zabbix_agent_t) dev_getattr_all_chr_files(zabbix_agent_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index fef8cc7..1275ff1 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec 
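Review bot: The new three-line block gives zabbix_agent_t an unconditional outbound connection to the PostgreSQL port alongside the existing pop and smtp blocks; in a zabbix deployment it is normally the server that talks to the database, and the agent needs it only when database checks are run through user-parameter scripts (inferred from the agent/server split, not from these lines). If that is the case here, wrapping the three lines in a `tunable_policy(`…`)` gated by a boolean would keep the default agent policy narrower; otherwise a comment such as `# database checks executed by the agent via user parameters` above the block would record why the agent rather than the server needs this port. The block is correctly placed between the pop and smtp entries.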
@@ -19,7 +19,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.13.1 -Release: 158.17%{?dist} +Release: 158.18%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -653,6 +653,16 @@ exit 0 %endif %changelog +* Wed May 18 2016 Lukas Vrabec 3.13.1-158.18 +- Allow ganesha-ha.sh script running under unconfined_t domain communicate with glusterd_t domains via dbus. +- Allow ganesha daemon labeled as glusterd_t create /var/lib/nfs/ganesha dir labeled as var_lib_nfs_t. +- Label /var/log/ganesha.log as gluster_log_t Allow glusterd_t domain to create glusterd_log_t files. Label /var/run/ganesha.pid as gluster_var_run_t. +- Allow zabbix to connect to postgresql port +- Label tcp port 8181 as intermapper_port_t. +- Label tcp/udp port 2024 as xinuexpansion4_port_t +- Label tcp port 7002 as afs_pt_port_t Label tcp/udp port 2023 as xinuexpansion3_port_t +- Label tcp port 2004 as mailbox_port_t. + * Tue May 10 2016 Lukas Vrabec 3.13.1-158.17 - Revert "Replace generating man/html pages with pages from actual build. This is due to broken userspace with python3 in F23/Rawhide. Please Revert when userspace will be fixed."