diff --git a/selinux-policy.spec b/selinux-policy.spec
index dafe020..db56f78 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.10.0
-Release: 46%{?dist}
+Release: 46.1%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -481,7 +481,10 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
-* Fri Oct 20 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-46
+* Thu Oct 21 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-46.1
+- Turn on mock_t and thumb_t for unconfined domains
+
+* Fri Oct 21 2011 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-46
 - Policy update should not modify local contexts
 
 * Thu Oct 20 2011 Dan Walsh <dwalsh@redhat.com> 3.10.0-45.1
diff --git a/userdomain.patch b/userdomain.patch
index d6359f1..28f1aa2 100644
--- a/userdomain.patch
+++ b/userdomain.patch
@@ -1388,3 +1388,24 @@ diff -up serefpolicy-3.10.0/policy/modules/system/userdomain.te.userdomain seref
 +optional_policy(`
 +	slrnpull_search_spool(common_userdomain)
 +')
+diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
+index b1e60db..67b58eb 100644
+--- a/policy/modules/roles/unconfineduser.te
++++ b/policy/modules/roles/unconfineduser.te
+@@ -346,9 +346,13 @@ optional_policy(`
+ 	lpd_run_checkpc(unconfined_t, unconfined_r)
+ ')
+ 
+-#optional_policy(`
+-#	mock_role(unconfined_r, unconfined_t)
+-#')
++optional_policy(`
++	mock_role(unconfined_r, unconfined_t)
++')
++
++optional_policy(`
++	thumb_role($1_r, $1_usertype)
++')
+ 
+ optional_policy(`
+ 	modutils_run_update_mods(unconfined_t, unconfined_r)