diff --git a/policy/modules/apps/slocate.te b/policy/modules/apps/slocate.te
index 7bf34d1..b9d58ec 100644
--- a/policy/modules/apps/slocate.te
+++ b/policy/modules/apps/slocate.te
@@ -1,5 +1,5 @@
-policy_module(slocate,1.6.0)
+policy_module(slocate,1.6.1)
#################################
#
@@ -39,6 +39,7 @@ dev_getattr_all_chr_files(locate_t)
files_list_all(locate_t)
files_getattr_all_files(locate_t)
+files_getattr_all_pipes(locate_t)
files_getattr_all_sockets(locate_t)
files_read_etc_runtime_files(locate_t)
files_read_etc_files(locate_t)
diff --git a/policy/modules/services/lpd.if b/policy/modules/services/lpd.if
index 9517dd6..1d91026 100644
--- a/policy/modules/services/lpd.if
+++ b/policy/modules/services/lpd.if
@@ -336,10 +336,8 @@ interface(`lpd_manage_spool',`
')
files_search_spool($1)
- manage_files_pattern($1,print_spool_t,print_spool_t)
-
- # cjp: cups wants setattr
- allow $1 print_spool_t:dir setattr;
+ manage_dirs_pattern($1, print_spool_t, print_spool_t)
+ manage_files_pattern($1, print_spool_t, print_spool_t)
')
########################################
diff --git a/policy/modules/services/lpd.te b/policy/modules/services/lpd.te
index 243c2fd..9e9e7c1 100644
--- a/policy/modules/services/lpd.te
+++ b/policy/modules/services/lpd.te
@@ -1,5 +1,5 @@
-policy_module(lpd,1.8.0)
+policy_module(lpd,1.8.1)
########################################
#
diff --git a/policy/modules/services/nx.fc b/policy/modules/services/nx.fc
index 3a294f3..21c47c6 100644
--- a/policy/modules/services/nx.fc
+++ b/policy/modules/services/nx.fc
@@ -3,3 +3,5 @@
/opt/NX/home/nx/\.ssh(/.*)? gen_context(system_u:object_r:nx_server_home_ssh_t,s0)
/opt/NX/var(/.*)? gen_context(system_u:object_r:nx_server_var_run_t,s0)
+
+/usr/libexec/nx/nxserver -- gen_context(system_u:object_r:nx_server_exec_t,s0)
diff --git a/policy/modules/services/nx.te b/policy/modules/services/nx.te
index e1b0bfb..77506de 100644
--- a/policy/modules/services/nx.te
+++ b/policy/modules/services/nx.te
@@ -1,5 +1,5 @@
-policy_module(nx,1.2.0)
+policy_module(nx,1.2.1)
########################################
#
diff --git a/policy/modules/services/pcscd.te b/policy/modules/services/pcscd.te
index 5ac702f..75108a4 100644
--- a/policy/modules/services/pcscd.te
+++ b/policy/modules/services/pcscd.te
@@ -1,5 +1,5 @@
-policy_module(pcscd,1.3.0)
+policy_module(pcscd,1.3.1)
########################################
#
@@ -45,6 +45,7 @@ dev_search_sysfs(pcscd_t)
files_read_etc_files(pcscd_t)
files_read_etc_runtime_files(pcscd_t)
+term_use_unallocated_ttys(pcscd_t)
term_dontaudit_getattr_pty_dirs(pcscd_t)
libs_use_ld_so(pcscd_t)
diff --git a/policy/modules/system/hotplug.te b/policy/modules/system/hotplug.te
index e64bd24..fee617a 100644
--- a/policy/modules/system/hotplug.te
+++ b/policy/modules/system/hotplug.te
@@ -1,5 +1,5 @@
-policy_module(hotplug,1.7.0)
+policy_module(hotplug,1.7.1)
########################################
#
@@ -179,6 +179,7 @@ optional_policy(`
sysnet_read_dhcpc_pid(hotplug_t)
sysnet_rw_dhcp_config(hotplug_t)
sysnet_domtrans_ifconfig(hotplug_t)
+ sysnet_signal_ifconfig(hotplug_t)
')
optional_policy(`
diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index 2e36272..e8bd0c7 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -443,6 +443,25 @@ interface(`sysnet_exec_ifconfig',`
########################################
##
+## Send a generic signal to ifconfig.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+#
+interface(`sysnet_signal_ifconfig',`
+ gen_require(`
+ type ifconfig_t;
+ ')
+
+ allow $1 ifconfig_t:process signal;
+')
+
+########################################
+##
## Read the DHCP configuration files.
##
##
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 592b280..adb68d0 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -1,5 +1,5 @@
-policy_module(sysnetwork,1.5.1)
+policy_module(sysnetwork,1.5.2)
########################################
#