diff --git a/.cvsignore b/.cvsignore index fa6bbd1..4f364b7 100644 --- a/.cvsignore +++ b/.cvsignore @@ -6,3 +6,4 @@ cachefilesd-0.5.tar.bz2 cachefilesd-0.6.tar.bz2 cachefilesd-0.7.tar.bz2 cachefilesd-0.9.tar.bz2 +cachefilesd-0.10.tar.bz2 diff --git a/cachefilesd-0.10-security-contexts.patch b/cachefilesd-0.10-security-contexts.patch new file mode 100644 index 0000000..8268889 --- /dev/null +++ b/cachefilesd-0.10-security-contexts.patch @@ -0,0 +1,27 @@ +commit e8ce3e8205c9aabfe61bc3b34142b9b98e4e0611 +Author: Steve Dickson +Date: Sat Feb 27 05:00:57 2010 -0500 + + Set default SELinux security contexts on startup. + + Make sure the SELinux security contexts are set on files + and directories that the cachefilesd daemon needs to access. + + Signed-off-by: Steve Dickson + +diff --git a/cachefilesd.initd b/cachefilesd.initd +index 06c4237..bbddcbc 100755 +--- a/cachefilesd.initd ++++ b/cachefilesd.initd +@@ -49,6 +49,11 @@ case "$1" in + fi + } + ++ # Set security contexts ++ /sbin/restorecon /sbin/cachefilesd ++ /sbin/restorecon /dev/cachefiles ++ /sbin/restorecon -R /var/fscache ++ + # Start daemon. + daemon --pidfile=$PIDFILE $PROG ${OPTIONS} + RETVAL=$? diff --git a/cachefilesd.spec b/cachefilesd.spec index 8704d6d..cb711bc 100644 --- a/cachefilesd.spec +++ b/cachefilesd.spec 
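Review bot: The `restorecon` calls added before `daemon` in cachefilesd.initd hard-code `/var/fscache`, so a cache moved elsewhere is never relabelled by this step; the package ships `selinux/move-cache.txt`, which suggests relocation is a supported case. I would derive the directory from the `dir` setting in the daemon's configuration, or at least state the assumption in a comment such as `# assumes the cache lives in /var/fscache; relabel by hand if it is moved`. The exit status of all three calls is ignored, and the recursive relabel runs on every start, which may be slow on a large populated cache. Whether `/dev/cachefiles` already exists at this point is not visible in the hunk, so a guard like `[ -e /dev/cachefiles ] && /sbin/restorecon /dev/cachefiles` would avoid an error on each start. The enclosing `case` branch starts and ends outside the hunk.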
@@ -1,27 +1,48 @@ +%define selinux_variants mls strict targeted +%define selinux_policyver %(sed -e 's,.*selinux-policy-\\([^/]*\\)/.*,\\1,' /usr/share/selinux/devel/policyhelp) + Name: cachefilesd -Version: 0.9 -Release: 3%{?dist} +Version: 0.10 +Release: 1%{?dist} Summary: CacheFiles userspace management daemon Group: System Environment/Daemons -License: GPLv2+ +License: GPL URL: http://people.redhat.com/~dhowells/fscache/ Source0: http://people.redhat.com/dhowells/fscache/cachefilesd-%{version}.tar.bz2 +Patch00: cachefilesd-0.10-security-contexts.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) -BuildRequires: automake, autoconf +BuildRequires: automake, autoconf, selinux-policy-doc Requires(post): /sbin/chkconfig, /sbin/service Requires(preun): /sbin/chkconfig, /sbin/service +Requires: %{name}-selinux = %{version}-%{release} %description The cachefilesd daemon manages the caching files and directory that are -that are used by network filesystems such a AFS and NFS to +that are used by network filesystems such a AFS and NFS to do persistent caching to the local disk. +%package selinux +Summary: SELinux policy module supporting cachefilesd +Group: System Environment/Base +BuildRequires: checkpolicy, selinux-policy-devel, hardlink +%if "%{selinux_policyver}" != "" +Requires: selinux-policy >= %{selinux_policyver} +%endif +Requires(post): /usr/sbin/semodule, /sbin/restorecon +Requires(postun): /usr/sbin/semodule, /sbin/restorecon + +%description selinux +SELinux policy module supporting cachefilesd + %prep %setup -q +%patch00 -p1 + %build -%ifarch s390 s390x sparcv9 sparc64 +%ifarch s390 s390x PIE="-fPIE" %else PIE="-fpie" 
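Review bot: `selinux_policyver` is computed by running `sed` on `/usr/share/selinux/devel/policyhelp` when the spec is parsed, and the `%if "%{selinux_policyver}" != ""` guard silently drops `Requires: selinux-policy >= ...` when that yields nothing. A package built or parsed where the file is unavailable therefore carries no minimum policy version, and the module can be installed against an older base policy than it was compiled for. I would make an empty value a build failure rather than a fallback. Separately, this hunk changes `License: GPLv2+` to `GPL` and drops `sparcv9 sparc64` from the `-fPIE` `%ifarch`, which look like unintended reverts of earlier distro fixes; unless intended, keep `License: GPLv2+` and `%ifarch s390 s390x sparcv9 sparc64`.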
@@ -31,6 +52,17 @@ CFLAGS="`echo $RPM_OPT_FLAGS $ARCH_OPT_FLAGS $PIE`" make all +# Build SELinux policy modules +cd selinux +for selinuxvariant in %{selinux_variants} +do + make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile + mkdir ${selinuxvariant} + mv cachefilesd.pp ${selinuxvariant}/cachefilesd.pp + bzip2 -9 ${selinuxvariant}/cachefilesd.pp + make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean +done +cd - %install rm -rf %{buildroot} @@ -38,17 +70,45 @@ mkdir -p %{buildroot}/sbin mkdir -p %{buildroot}%{_sysconfdir}/rc.d/init.d mkdir -p %{buildroot}%{_mandir}/{man5,man8} mkdir -p %{buildroot}/usr/share/doc/%{name}-%{version} +mkdir -p %{buildroot}/usr/share/doc/%{name}-selinux-%{version} +mkdir -p %{buildroot}%{_localstatedir}/fscache make DESTDIR=%{buildroot} install install -m 644 cachefilesd.conf %{buildroot}%{_sysconfdir} install -m 755 cachefilesd.initd %{buildroot}%{_sysconfdir}/rc.d/init.d/cachefilesd +install -m 644 selinux/move-cache.txt %{buildroot}/usr/share/doc/%{name}-selinux-%{version}/ + +# Install SELinux policy modules +cd selinux +for selinuxvariant in %{selinux_variants} +do + install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant} + install -p -m 644 ${selinuxvariant}/cachefilesd.pp.bz2 \ + %{buildroot}%{_datadir}/selinux/${selinuxvariant} +done +cd - + +# Hardlink identical policy module packages together +/usr/sbin/hardlink -cv %{buildroot}%{_datadir}/selinux %clean rm -rf $RPM_BUILD_ROOT -%post +%post /sbin/chkconfig --add %{name} +if [ "$1" -ge 1 ]; then + /sbin/service cachefilesd condrestart > /dev/null +fi + +%post selinux +# Install SELinux policy modules +for selinuxvariant in %{selinux_variants} +do + /usr/sbin/semodule -s ${selinuxvariant} -i \ + %{_datadir}/selinux/${selinuxvariant}/cachefilesd.pp.bz2 &> /dev/null || : +done + %preun if [ $1 -eq 0 ]; then /sbin/service cachefilesd stop 
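Review bot: In `%post selinux` each `semodule -i` has its output sent to `/dev/null` and its status discarded with `|| :`, so a module that fails to load into the policy store actually in use looks the same as the expected failure for a variant that is not installed. The main `%post` in the same hunk now runs `condrestart`, so the daemon may be restarted without the policy this subpackage is meant to provide, and nothing records that. I would attempt the install only for stores that exist and let real errors show, for example `[ -d %{_sysconfdir}/selinux/${selinuxvariant} ] || continue` ahead of the `semodule` call, with `&> /dev/null` dropped. A short comment above the loop explaining why failures are tolerated would also help.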
@@ -56,10 +116,23 @@ if [ $1 -eq 0 ]; then fi %postun -if [ "$1" -ge 1 ]; then - /sbin/service cachefilesd condrestart > /dev/null +if [ $1 -eq 0 ]; then + # Fix up non-standard directory context + /sbin/restorecon -R %{_localstatedir}/fscache || : fi +%postun selinux +# Clean up after package removal +if [ $1 -eq 0 ]; then + # Remove SELinux policy modules + for selinuxvariant in %{selinux_variants} + do + /usr/sbin/semodule -s ${selinuxvariant} -r cachefilesd &> /dev/null || : + done + # Clean up any remaining file contexts (shouldn't be any really) + [ -d %{_localstatedir}/fscache ] && \ + /sbin/restorecon -R %{_localstatedir}/fscache &> /dev/null || : +fi %files %defattr(-,root,root) 
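Review bot: The new main-package `%postun` runs `/sbin/restorecon -R %{_localstatedir}/fscache || :` without the `[ -d ... ]` guard that `%postun selinux` uses a few lines below. The directory is now listed in `%files`, so it may already be gone on erase, and only the exit status is masked, so the error still reaches the terminal. Use the same form in both scriptlets, e.g. `[ -d %{_localstatedir}/fscache ] && /sbin/restorecon -R %{_localstatedir}/fscache || :`. In `%postun selinux` the `semodule -r` result is discarded entirely, so a module left behind in the active store would go unnoticed; a comment stating that failures are expected only for variants that are not installed would make the intent clear.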
@@ -69,26 +142,51 @@ fi %attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/cachefilesd /sbin/* %{_mandir}/*/* +%{_localstatedir}/fscache + +%files selinux +%defattr(-,root,root,0755) +%doc selinux/move-cache.txt +%doc selinux/*.fc +%doc selinux/*.if +%doc selinux/*.te +%{_datadir}/selinux/*/cachefilesd.pp.bz2 %changelog -* Fri Jul 24 2009 Fedora Release Engineering - 0.9-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild -* Mon Feb 23 2009 Fedora Release Engineering - 0.9-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild +* Thu Feb 25 2010 David Howells +- Fix the SELinux policies for cachefilesd. +- Compress the installed policy files. -* Fri Jan 9 2009 Steve Dickson 0.9-1 -- Upgraded to latest upstream version: 0.9 +* Tue Feb 23 2010 David Howells +- Must include sys/stat.h to use stat() and co. [RH BZ 565135]. +- Remove tail comments from functions. -* Tue Jul 15 2008 Tom "spot" Callaway - 0.7-5 -- fix license tag +* Thu Aug 9 2007 David Howells 0.9-1 +- The cachefiles module no longer accepts directory fds on cull and inuse + commands, but rather uses current working directory. -* Tue Feb 19 2008 Fedora Release Engineering - 0.7-4 -- Autorebuild for GCC 4.3 +* Mon Jul 2 2007 David Howells 0.8-16 +- Use stat64/fstatat64 to avoid EOVERFLOW errors from the kernel on large files. + +* Tue Nov 15 2006 David Howells 0.8-15 +- Made cachefilesd ask the kernel whether cullable objects are in use and omit + them from the cull table if they are. +- Made the size of cachefilesd's culling tables configurable. +- Updated the manual pages. + +* Mon Nov 14 2006 David Howells 0.8-14 +- Documented SELinux interaction. + +* Fri Nov 10 2006 David Howells 0.8-11 +- Include SELinux policy for cachefilesd. * Thu Oct 19 2006 Steve Dickson 0.7-3 -- Fixed typo that was causing the howto.txt not to - be installed. +- Fixed typo that was causing the howto.txt not to be installed. 
+ +* Tue Oct 17 2006 David Howells 0.8-1 +- Use /dev/cachefiles if it present in preference to /proc/fs/cachefiles. +- Use poll rather than SIGURG on /dev/cachefilesd. * Sun Oct 01 2006 Jesse Keating - 0.7-2 - rebuilt for unwind info generation, broken in gcc-4.1.1-21 @@ -101,7 +199,7 @@ fi - Added the fcull/fstop/frun options * Fri Aug 11 2006 Steve Dickson 0.5-1 -- Upgraded to 0.5 which fixed initial scan problem when +- Upgraded to 0.5 which fixed initial scan problem when started on an empty cache (bz 202184) * Tue Aug 8 2006 Steve Dickson 0.4-3 @@ -120,7 +218,7 @@ fi * Fri Jul 28 2006 Steve Dickson 0.3-2 - Added post and preun rules -- Changed init.d script to up right before portmapper. +- Changed init.d script to up right before portmapper. * Fri Jun 9 2006 Steve Dickson 0.3-1 - Incorporated David Howells manual page updates @@ -132,4 +230,3 @@ fi * Sat Apr 22 2006 Steve Dickson 0.1-1 - Initial commit - diff --git a/sources b/sources index a12e7e0..0e1fdb5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -6c674f253f61dd61e26c60ce3edc02c5 cachefilesd-0.9.tar.bz2 +ba27ed4b5e8165c46175501bf703ac08 cachefilesd-0.10.tar.bz2
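Review bot: `%{_localstatedir}/fscache` is added to `%files` under `%defattr(-,root,root)` with no `%dir` and no explicit mode, so its permissions are whatever `mkdir -p` produced in `%install` under the build umask. This directory holds the cached contents of network filesystems, so I would pin ownership and mode in the spec, e.g. `%dir %attr(0700,root,root) %{_localstatedir}/fscache`. The tightest mode the daemon and kernel module can work with is not determinable from this page and should be confirmed. The remainder of the hunk is changelog text.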