diff --git a/policy-f23-contrib.patch b/policy-f23-contrib.patch
index 52b42bd..86a1bee 100644
--- a/policy-f23-contrib.patch
+++ b/policy-f23-contrib.patch
@@ -45704,6 +45704,187 @@ index 4ec0eea..03738f2 100644
+storage_raw_rw_fixed_disk(lsmd_plugin_t)
+storage_read_scsi_generic(lsmd_plugin_t)
+storage_write_scsi_generic(lsmd_plugin_t)
+diff --git a/lttng-tools.fc b/lttng-tools.fc
+new file mode 100644
+index 0000000..bdd17ca
+--- /dev/null
++++ b/lttng-tools.fc
+@@ -0,0 +1,5 @@
++/usr/bin/lttng-sessiond -- gen_context(system_u:object_r:lttng_sessiond_exec_t,s0)
++
++/usr/lib/systemd/system/lttng-sessiond.service -- gen_context(system_u:object_r:lttng_sessiond_unit_file_t,s0)
++
++/var/run/lttng(/.*)? gen_context(system_u:object_r:lttng_sessiond_var_run_t,s0)
+diff --git a/lttng-tools.if b/lttng-tools.if
+new file mode 100644
+index 0000000..6b0da33
+--- /dev/null
++++ b/lttng-tools.if
+@@ -0,0 +1,98 @@
++
++## LTTng 2.x central tracing registry session daemon.
++
++########################################
++##
++## Execute lttng_sessiond_exec_t in the lttng_sessiond domain.
++##
++##
++##
++## Domain allowed to transition.
++##
++##
++#
++interface(`lttng_sessiond_domtrans',`
++ gen_require(`
++ type lttng_sessiond_t, lttng_sessiond_exec_t;
++ ')
++
++ corecmd_search_bin($1)
++ domtrans_pattern($1, lttng_sessiond_exec_t, lttng_sessiond_t)
++')
++
++######################################
++##
++## Execute lttng_sessiond in the caller domain.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`lttng_sessiond_exec',`
++ gen_require(`
++ type lttng_sessiond_exec_t;
++ ')
++
++ corecmd_search_bin($1)
++ can_exec($1, lttng_sessiond_exec_t)
++')
++
++########################################
++##
++## Execute lttng_sessiond server in the lttng_sessiond domain.
++##
++##
++##
++## Domain allowed to transition.
++##
++##
++#
++interface(`lttng_sessiond_systemctl',`
++ gen_require(`
++ type lttng_sessiond_t;
++ type lttng_sessiond_unit_file_t;
++ ')
++
++ systemd_exec_systemctl($1)
++ systemd_read_fifo_file_passwd_run($1)
++ allow $1 lttng_sessiond_unit_file_t:file read_file_perms;
++ allow $1 lttng_sessiond_unit_file_t:service manage_service_perms;
++
++ ps_process_pattern($1, lttng_sessiond_t)
++')
++
++########################################
++##
++## All of the rules required to administrate
++## an lttng_sessiond environment
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`lttng_sessiond_admin',`
++ gen_require(`
++ type lttng_sessiond_t;
++ type lttng_sessiond_unit_file_t;
++ ')
++
++ allow $1 lttng_sessiond_t:process { signal_perms };
++ ps_process_pattern($1, lttng_sessiond_t)
++
++ tunable_policy(`deny_ptrace',`',`
++ allow $1 lttng_sessiond_t:process ptrace;
++ ')
++
++ lttng_sessiond_systemctl($1)
++ admin_pattern($1, lttng_sessiond_unit_file_t)
++ allow $1 lttng_sessiond_unit_file_t:service all_service_perms;
++
++ optional_policy(`
++ systemd_passwd_agent_exec($1)
++ systemd_read_fifo_file_passwd_run($1)
++ ')
++')
+diff --git a/lttng-tools.te b/lttng-tools.te
+new file mode 100644
+index 0000000..0b9ade5
+--- /dev/null
++++ b/lttng-tools.te
+@@ -0,0 +1,60 @@
++policy_module(lttng-tools, 1.0.0)
++
++########################################
++#
++# Declarations
++#
++
++type lttng_sessiond_t;
++type lttng_sessiond_exec_t;
++init_daemon_domain(lttng_sessiond_t, lttng_sessiond_exec_t)
++
++type lttng_sessiond_tmpfs_t;
++files_tmpfs_file(lttng_sessiond_tmpfs_t)
++
++type lttng_sessiond_var_run_t;
++files_pid_file(lttng_sessiond_var_run_t)
++
++type lttng_sessiond_unit_file_t;
++systemd_unit_file(lttng_sessiond_unit_file_t)
++
++########################################
++#
++# lttng_sessiond local policy
++#
++
++allow lttng_sessiond_t self:capability { chown setgid setuid fsetid net_admin sys_resource };
++
++allow lttng_sessiond_t self:process { setrlimit signal_perms };
++allow lttng_sessiond_t self:fifo_file rw_fifo_file_perms;
++allow lttng_sessiond_t self:tcp_socket listen;
++allow lttng_sessiond_t self:unix_stream_socket create_stream_socket_perms;
++
++manage_dirs_pattern(lttng_sessiond_t, lttng_sessiond_var_run_t, lttng_sessiond_var_run_t)
++manage_files_pattern(lttng_sessiond_t, lttng_sessiond_var_run_t, lttng_sessiond_var_run_t)
++manage_lnk_files_pattern(lttng_sessiond_t, lttng_sessiond_var_run_t, lttng_sessiond_var_run_t)
++manage_sock_files_pattern(lttng_sessiond_t, lttng_sessiond_var_run_t, lttng_sessiond_var_run_t)
++files_pid_filetrans(lttng_sessiond_t, lttng_sessiond_var_run_t, { dir })
++
++manage_dirs_pattern(lttng_sessiond_t, lttng_sessiond_tmpfs_t, lttng_sessiond_tmpfs_t)
++manage_files_pattern(lttng_sessiond_t, lttng_sessiond_tmpfs_t, lttng_sessiond_tmpfs_t)
++fs_tmpfs_filetrans(lttng_sessiond_t, lttng_sessiond_tmpfs_t, { dir file })
++
++kernel_read_system_state(lttng_sessiond_t)
++kernel_read_net_sysctls(lttng_sessiond_t)
++kernel_read_fs_sysctls(lttng_sessiond_t)
++
++corecmd_exec_shell(lttng_sessiond_t)
++
++corenet_tcp_bind_generic_node(lttng_sessiond_t)
++corenet_tcp_bind_lltng_port(lttng_sessiond_t)
++
++dev_read_sysfs(lttng_sessiond_t)
++
++fs_getattr_tmpfs(lttng_sessiond_t)
++
++auth_use_nsswitch(lttng_sessiond_t)
++
++modutils_exec_insmod(lttng_sessiond_t)
++modutils_read_module_config(lttng_sessiond_t)
++files_read_kernel_modules(lttng_sessiond_t)
diff --git a/mailman.fc b/mailman.fc
index 995d0a5..3d40d59 100644
--- a/mailman.fc
@@ -49099,7 +49280,7 @@ index 6fcfc31..e9e6bc5 100644
+/var/run/mongo.* gen_context(system_u:object_r:mongod_var_run_t,s0)
+/var/run/aeolus/dbomatic\.pid -- gen_context(system_u:object_r:mongod_var_run_t,s0)
diff --git a/mongodb.te b/mongodb.te
-index 169f236..608c584 100644
+index 169f236..f19680b 100644
--- a/mongodb.te
+++ b/mongodb.te
@@ -12,6 +12,9 @@ init_daemon_domain(mongod_t, mongod_exec_t)
@@ -49112,7 +49293,7 @@ index 169f236..608c584 100644
type mongod_log_t;
logging_log_file(mongod_log_t)
-@@ -21,19 +24,25 @@ files_type(mongod_var_lib_t)
+@@ -21,19 +24,26 @@ files_type(mongod_var_lib_t)
type mongod_var_run_t;
files_pid_file(mongod_var_run_t)
@@ -49136,6 +49317,7 @@ index 169f236..608c584 100644
-logging_log_filetrans(mongod_t, mongod_log_t, dir)
+allow mongod_t self:netlink_route_socket r_netlink_socket_perms;
+allow mongod_t self:unix_stream_socket create_stream_socket_perms;
++allow mongod_t self:unix_dgram_socket create_socket_perms;
+allow mongod_t self:udp_socket create_socket_perms;
+allow mongod_t self:tcp_socket { accept listen };
+
@@ -49144,7 +49326,7 @@ index 169f236..608c584 100644
manage_dirs_pattern(mongod_t, mongod_var_lib_t, mongod_var_lib_t)
manage_files_pattern(mongod_t, mongod_var_lib_t, mongod_var_lib_t)
-@@ -41,21 +50,44 @@ files_var_lib_filetrans(mongod_t, mongod_var_lib_t, dir)
+@@ -41,21 +51,44 @@ files_var_lib_filetrans(mongod_t, mongod_var_lib_t, dir)
manage_dirs_pattern(mongod_t, mongod_var_run_t, mongod_var_run_t)
manage_files_pattern(mongod_t, mongod_var_run_t, mongod_var_run_t)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 38ac1f8..2db696f 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.13.1
-Release: 158.6%{?dist}
+Release: 158.7%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
@@ -659,6 +659,12 @@ exit 0
%endif
%changelog
+* Wed Feb 17 2016 Lukas Vrabec 3.13.1-158.7
+- Add SELinux policy for LTTng 2.x central tracing registry session daemon. rhbz#1309235
+- Allow create mongodb unix dgram sockets. rhbz#1306819
+- Allow setroubleshoot_fixit_t to use temporary files
+- Use mmap_file_perms instead of exec_file_perms in setroubleshoot policy to shave off the execute_no_trans permission. Based on a github communication with Dominick Grift.
+
* Thu Feb 11 2016 Lukas Vrabec 3.13.1-158.6
- Allow setroubleshoot_fixit_t to use temporary files
- Use mmap_file_perms instead of exec_file_perms in setroubleshoot policy to shave off the execute_no_trans permission. Based on a github communication with Dominick Grift.