diff --git a/policy-F13.patch b/policy-F13.patch
index 734cd08..a072ef2 100644
--- a/policy-F13.patch
+++ b/policy-F13.patch
@@ -3303,7 +3303,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.if s
+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te serefpolicy-3.7.17/policy/modules/apps/gpg.te
--- nsaserefpolicy/policy/modules/apps/gpg.te 2009-12-04 09:43:33.000000000 -0500
-+++ serefpolicy-3.7.17/policy/modules/apps/gpg.te 2010-03-30 12:45:14.000000000 -0400
++++ serefpolicy-3.7.17/policy/modules/apps/gpg.te 2010-03-30 13:35:12.000000000 -0400
@@ -20,6 +20,7 @@
typealias gpg_t alias { auditadm_gpg_t secadm_gpg_t };
application_domain(gpg_t, gpg_exec_t)
@@ -3380,7 +3380,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
mta_write_config(gpg_t)
-@@ -126,15 +143,24 @@
+@@ -126,15 +143,20 @@
')
optional_policy(`
@@ -3393,14 +3393,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
optional_policy(`
- cron_system_entry(gpg_t, gpg_exec_t)
- cron_read_system_job_tmp_files(gpg_t)
-+ mutt_rw_tmp_files(gpg_t)
- ')
-
-+optional_policy(`
+ xserver_use_xdm_fds(gpg_t)
+ xserver_rw_xdm_pipes(gpg_t)
-+')
-+
+ ')
+
+#optional_policy(`
+# cron_system_entry(gpg_t, gpg_exec_t)
+# cron_read_system_job_tmp_files(gpg_t)
@@ -3409,7 +3405,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
########################################
#
# GPG helper local policy
-@@ -184,6 +210,7 @@
+@@ -184,6 +206,7 @@
#
# GPG agent local policy
#
@@ -3417,7 +3413,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
# rlimit: gpg-agent wants to prevent coredumps
allow gpg_agent_t self:process setrlimit;
-@@ -206,6 +233,7 @@
+@@ -206,6 +229,7 @@
stream_connect_pattern(gpg_t, gpg_agent_tmp_t, gpg_agent_tmp_t, gpg_agent_t)
corecmd_search_bin(gpg_agent_t)
@@ -3425,7 +3421,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
domain_use_interactive_fds(gpg_agent_t)
-@@ -242,26 +270,62 @@
+@@ -242,26 +266,62 @@
# Pinentry local policy
#
@@ -3489,19 +3485,19 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/gpg.te s
tunable_policy(`use_nfs_home_dirs',`
fs_read_nfs_files(gpg_pinentry_t)
')
-@@ -271,5 +335,24 @@
+@@ -271,5 +331,24 @@
')
optional_policy(`
- xserver_stream_connect(gpg_pinentry_t)
+ dbus_session_bus_client(gpg_pinentry_t)
+ dbus_system_bus_client(gpg_pinentry_t)
-+')
+ ')
+
+optional_policy(`
+ gnome_write_generic_cache_files(gpg_pinentry_t)
+ gnome_read_generic_cache_files(gpg_pinentry_t)
- ')
++')
+
+optional_policy(`
+ pulseaudio_exec(gpg_pinentry_t)
@@ -5238,6 +5234,59 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/podsleut
optional_policy(`
dbus_system_bus_client(podsleuth_t)
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.if serefpolicy-3.7.17/policy/modules/apps/pulseaudio.if
+--- nsaserefpolicy/policy/modules/apps/pulseaudio.if 2010-03-29 15:04:22.000000000 -0400
++++ serefpolicy-3.7.17/policy/modules/apps/pulseaudio.if 2010-03-30 13:41:28.000000000 -0400
+@@ -186,6 +186,26 @@
+
+ ########################################
+ ##
++## Read and write Pulse Audio files.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`pulseaudio_rw_home_files',`
++ gen_require(`
++ type pulseaudio_home_t;
++ ')
++
++ rw_files_pattern($1, pulseaudio_home_t, pulseaudio_home_t)
++ rw_files_pattern($1, pulseaudio_home_t, pulseaudio_home_t)
++ userdom_search_user_home_dirs($1)
++')
++
++########################################
++##
+ ## Create, read, write, and delete pulseaudio
+ ## home directory files.
+ ##
+@@ -203,3 +223,22 @@
+ userdom_search_user_home_dirs($1)
+ manage_files_pattern($1, pulseaudio_home_t, pulseaudio_home_t)
+ ')
++
++########################################
++##
++## Send signull signal to pulseaudio
++## processes.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`pulseaudio_signull',`
++ gen_require(`
++ type pulseaudio_t;
++ ')
++
++ allow $1 pulseaudio_t:process signull;
++')
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/pulseaudio.te serefpolicy-3.7.17/policy/modules/apps/pulseaudio.te
--- nsaserefpolicy/policy/modules/apps/pulseaudio.te 2010-03-29 15:04:22.000000000 -0400
+++ serefpolicy-3.7.17/policy/modules/apps/pulseaudio.te 2010-03-29 15:36:07.000000000 -0400
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 5b52ec0..da8c547 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.7.17
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -466,6 +466,9 @@ exit 0
%endif
%changelog
+* Tue Mar 30 2010 Dan Walsh 3.7.17-2
+- Mege patches from dgrift
+
* Mon Mar 29 2010 Dan Walsh 3.7.17-1
- Update upstream