diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 862ae61b..cc9f283f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -44,6 +44,8 @@ ifdef(`distro_redhat',`
 /etc/cipe/ip-up.*		--	gen_context(system_u:object_r:bin_t,s0)
 /etc/cipe/ip-down.*		--	gen_context(system_u:object_r:bin_t,s0)
 
+/etc/ConsoleKit/run-session.d(/.*)?	gen_context(system_u:object_r:bin_t,s0)
+
 /etc/cron.daily/.*		--	gen_context(system_u:object_r:bin_t,s0)
 /etc/cron.hourly/.*		--	gen_context(system_u:object_r:bin_t,s0)
 /etc/cron.weekly/.*		--	gen_context(system_u:object_r:bin_t,s0)
@@ -146,6 +148,8 @@ ifdef(`distro_gentoo',`
 /usr/lib/qt.*/bin(/.*)?			gen_context(system_u:object_r:bin_t,s0)
 /usr/lib(64)?/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:bin_t,s0)
 /usr/lib(64)?/apt/methods.+	--	gen_context(system_u:object_r:bin_t,s0)
+/usr/lib(64)?/ConsoleKit/scripts(/.*)?  gen_context(system_u:object_r:bin_t,s0)
+/usr/lib(64)?/ConsoleKit/run-session.d(/.*)?  gen_context(system_u:object_r:bin_t,s0)
 /usr/lib(64)?/courier(/.*)?		gen_context(system_u:object_r:bin_t,s0)
 /usr/lib(64)?/cups(/.*)? 		gen_context(system_u:object_r:bin_t,s0)
 
@@ -183,10 +187,8 @@ ifdef(`distro_gentoo',`
 /usr/libexec/openssh/sftp-server --	gen_context(system_u:object_r:bin_t,s0)
 
 /usr/local/lib(64)?/ipsec/.*	-- 	gen_context(system_u:object_r:bin_t,s0)
-/usr/local/Brother(/.*)?/cupswrapper(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/local/Brother(/.*)?/lpd(/.*)?	gen_context(system_u:object_r:bin_t,s0)
-/usr/local/Printer/[^/]*/cupswrapper(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/local/Printer/[^/]*/lpd(/.*)?     	gen_context(system_u:object_r:bin_t,s0)
+/usr/local/Brother(/.*)?		gen_context(system_u:object_r:bin_t,s0)
+/usr/local/Printer(/.*)?		gen_context(system_u:object_r:bin_t,s0)
 /usr/local/linuxprinter/filters(/.*)?   gen_context(system_u:object_r:bin_t,s0)
 
 /usr/sbin/scponlyc		--	gen_context(system_u:object_r:shell_exec_t,s0)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index eacdfeb9..55ab6f25 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,5 +1,5 @@
 
-policy_module(corecommands, 1.10.0)
+policy_module(corecommands, 1.10.1)
 
 ########################################
 #
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 0b7acadd..61aa4321 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -29,6 +29,7 @@ ifdef(`distro_suse',`
 /boot			-d	gen_context(system_u:object_r:boot_t,s0)
 /boot/.*			gen_context(system_u:object_r:boot_t,s0)
 /boot/\.journal			<<none>>
+/boot/efi(/.*)?/System\.map(-.*)? -- gen_context(system_u:object_r:system_map_t,s0)
 /boot/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
 /boot/lost\+found/.*		<<none>>
 /boot/System\.map(-.*)?	--	gen_context(system_u:object_r:system_map_t,s0)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index acede285..97a406c1 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -935,6 +935,32 @@ interface(`files_relabel_all_files',`
 	seutil_relabelto_bin_policy($1)
 ')
 
+########################################
+## <summary>
+##	rw all files on the filesystem, except
+##	the listed exceptions.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	The type of the domain perfoming this action.
+##	</summary>
+## </param>
+## <param name="exception_types" optional="true">
+##	<summary>
+##	The types to be excluded.  Each type or attribute
+##	must be negated by the caller.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`files_rw_all_files',`
+	gen_require(`
+		attribute file_type;
+	')
+
+	rw_files_pattern($1, { file_type $2 }, { file_type $2 })
+')
+
 ########################################
 ## <summary>
 ##	Manage all files on the filesystem, except
@@ -2742,6 +2768,24 @@ interface(`files_manage_mnt_files',`
 	manage_files_pattern($1, mnt_t, mnt_t)
 ')
 
+########################################
+## <summary>
+##	read files in /mnt.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_read_mnt_files',`
+	gen_require(`
+		type mnt_t;
+	')
+
+	read_files_pattern($1, mnt_t, mnt_t)
+')
+
 ########################################
 ## <summary>
 ##	Create, read, write, and delete symbolic links in /mnt.
@@ -3161,6 +3205,24 @@ interface(`files_dontaudit_list_tmp',`
 	dontaudit $1 tmp_t:dir list_dir_perms;
 ')
 
+########################################
+## <summary>
+##	Remove entries from the tmp directory.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_delete_tmp_dir_entry',`
+	gen_require(`
+		type tmp_t;
+	')
+
+	allow $1 tmp_t:dir del_entry_dir_perms;
+')
+
 ########################################
 ## <summary>
 ##	Read files in the tmp directory (/tmp).
@@ -3469,6 +3531,42 @@ interface(`files_dontaudit_rw_usr_dirs',`
 	dontaudit $1 usr_t:dir rw_dir_perms;
 ')
 
+########################################
+## <summary>
+##	Delete generic directories in /usr in the caller domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_delete_usr_dirs',`
+	gen_require(`
+		type usr_t;
+	')
+
+	allow $1 usr_t:file delete_dir_perms;
+')
+
+########################################
+## <summary>
+##	Delete generic files in /usr in the caller domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_delete_usr_files',`
+	gen_require(`
+		type usr_t;
+	')
+
+	allow $1 usr_t:file delete_file_perms;
+')
+
 ########################################
 ## <summary>
 ##	Get the attributes of files in /usr.
@@ -3527,6 +3625,24 @@ interface(`files_exec_usr_files',`
 	read_lnk_files_pattern($1, usr_t, usr_t)
 ')
 
+########################################
+## <summary>
+##	dontaudit write of /usr files
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_dontaudit_write_usr_files',`
+	gen_require(`
+		type usr_t;
+	')
+
+	dontaudit $1 usr_t:file write;
+')
+
 ########################################
 ## <summary>
 ##	Create, read, write, and delete files in the /usr directory.
@@ -4401,6 +4517,24 @@ interface(`files_list_pids',`
 	list_dirs_pattern($1, var_t, var_run_t)
 ')
 
+########################################
+## <summary>
+##	Read generic process ID files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`files_read_generic_pids',`
+	gen_require(`
+		type var_t, var_run_t;
+	')
+
+	read_files_pattern($1, { var_t var_run_t }, var_run_t)
+')
+
 ########################################
 ## <summary>
 ##	Create an object in the process ID directory, with a private
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index ead13e57..597b12a5 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,5 +1,5 @@
 
-policy_module(files, 1.10.0)
+policy_module(files, 1.10.1)
 
 ########################################
 #
@@ -174,6 +174,7 @@ files_lock_file(var_lock_t)
 #
 type var_run_t;
 files_pid_file(var_run_t)
+files_mountpoint(var_run_t)
 
 #
 # var_spool_t is the type of /var/spool