diff --git a/policy-20081111.patch b/policy-20081111.patch index d082bd26..1af67ab1 100644 --- a/policy-20081111.patch +++ b/policy-20081111.patch @@ -3313,7 +3313,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/qemu.te serefpolicy-3.6.1/policy/modules/apps/qemu.te --- nsaserefpolicy/policy/modules/apps/qemu.te 2008-11-11 16:13:42.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/apps/qemu.te 2008-11-25 09:45:43.000000000 -0500 ++++ serefpolicy-3.6.1/policy/modules/apps/qemu.te 2008-12-04 16:29:05.000000000 -0500 @@ -6,6 +6,8 @@ # Declarations # @@ -3323,7 +3323,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ## ##

## Allow qemu to connect fully to the network -@@ -13,16 +15,99 @@ +@@ -13,16 +15,98 @@ ## gen_tunable(qemu_full_network, false) @@ -3392,9 +3392,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +fs_rw_anon_inodefs_files(qemutype) +fs_rw_tmpfs_files(qemutype) + -+term_use_ptmx(qemutype) ++term_use_all_terms(qemutype) +term_getattr_pty_fs(qemutype) -+term_use_generic_ptys(qemutype) + +auth_use_nsswitch(qemutype) + @@ -3423,7 +3422,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol tunable_policy(`qemu_full_network',` allow qemu_t self:udp_socket create_socket_perms; -@@ -35,6 +120,30 @@ +@@ -35,6 +119,30 @@ corenet_tcp_connect_all_ports(qemu_t) ') @@ -7991,7 +7990,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.6.1/policy/modules/services/apache.te --- nsaserefpolicy/policy/modules/services/apache.te 2008-11-11 16:13:46.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/services/apache.te 2008-11-25 09:45:43.000000000 -0500 ++++ serefpolicy-3.6.1/policy/modules/services/apache.te 2008-12-04 14:56:42.000000000 -0500 @@ -19,6 +19,8 @@ # Declarations # 
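Review bot: `++term_use_all_terms(qemutype)` replaces the narrower `term_use_ptmx`/`term_use_generic_ptys` pair, so every domain carrying the qemutype attribute gets read/write on all tty and pty device types rather than just the generic ptys it allocates, if I read the refpolicy terminal interfaces correctly. qemu is the process hosting a guest, so a compromised qemu (or an escaped guest) could then interact with any terminal on the host, including administrator sessions, which is a real widening compared with the previous revision of the patch. Unless a specific denial forces this, keeping the generic-pty interfaces and adding only the terminal type that was actually denied would be the least-privilege choice; if all terminal types are genuinely needed, a one-line comment above the call such as `# <reason qemu needs rw on every tty/pty type, e.g. the denial that motivated it>` would document the grant. The selinux-policy.spec changelog in this commit does not mention the qemu change either.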
@@ -8570,22 +8569,18 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',` fs_read_cifs_files(httpd_sys_script_t) fs_read_cifs_symlinks(httpd_sys_script_t) -@@ -724,10 +921,10 @@ +@@ -724,6 +921,10 @@ optional_policy(` mysql_stream_connect(httpd_sys_script_t) mysql_rw_db_sockets(httpd_sys_script_t) --') -- --optional_policy(` -- postgresql_stream_connect(httpd_sys_script_t) + mysql_read_config(httpd_sys_script_t) + mysql_stream_connect(httpd_suexec_t) + mysql_rw_db_sockets(httpd_suexec_t) + mysql_read_config(httpd_suexec_t) ') - ######################################## -@@ -735,6 +932,8 @@ + optional_policy(` +@@ -735,6 +936,8 @@ # httpd_rotatelogs local policy # @@ -8594,7 +8589,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol manage_files_pattern(httpd_rotatelogs_t, httpd_log_t, httpd_log_t) kernel_read_kernel_sysctls(httpd_rotatelogs_t) -@@ -762,3 +961,66 @@ +@@ -762,3 +965,66 @@ userdom_search_user_home_dirs(httpd_suexec_t) userdom_search_user_home_dirs(httpd_user_script_t) ') @@ -12845,7 +12840,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/munin.te serefpolicy-3.6.1/policy/modules/services/munin.te --- nsaserefpolicy/policy/modules/services/munin.te 2008-11-11 16:13:46.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/services/munin.te 2008-12-02 15:10:58.000000000 -0500 ++++ serefpolicy-3.6.1/policy/modules/services/munin.te 2008-12-04 16:14:16.000000000 -0500 @@ -13,6 +13,9 @@ type munin_etc_t alias lrrd_etc_t; files_config_file(munin_etc_t) 
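Review bot: The three added `mysql_*(httpd_suexec_t)` lines give the suexec helper domain direct access to the MySQL socket and configuration, which is broader than its role of switching to the script domain, and nothing in the hunk or the changelog says which denial motivates it. If the socket access is needed by the CGI itself, it belongs on the script domain suexec transitions to (as the existing `httpd_sys_script_t` lines do); if suexec really needs it, a comment such as `# suexec needs the mysql socket because <reason>` above the block would make the grant reviewable. Restoring the postgresql optional_policy block that the earlier revision of the patch deleted (the removed `--` lines) looks intentional and is consistent with the adjusted hunk offsets. The enclosing optional_policy block ends inside the hunk but its mysql-specific surroundings continue outside it.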
@@ -12898,7 +12893,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol corenet_all_recvfrom_unlabeled(munin_t) corenet_all_recvfrom_netlabel(munin_t) -@@ -73,24 +82,35 @@ +@@ -73,24 +82,36 @@ corenet_udp_sendrecv_all_nodes(munin_t) corenet_tcp_sendrecv_all_ports(munin_t) corenet_udp_sendrecv_all_ports(munin_t) @@ -12909,6 +12904,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol dev_read_sysfs(munin_t) dev_read_urand(munin_t) ++fs_list_inotifyfs(munin_t) domain_use_interactive_fds(munin_t) +domain_read_all_domains_state(munin_t) @@ -12935,7 +12931,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol userdom_dontaudit_use_unpriv_user_fds(munin_t) userdom_dontaudit_search_user_home_dirs(munin_t) -@@ -105,7 +125,30 @@ +@@ -105,7 +126,30 @@ ') optional_policy(` @@ -12967,7 +12963,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ') optional_policy(` -@@ -115,3 +158,10 @@ +@@ -115,3 +159,10 @@ optional_policy(` udev_read_db(munin_t) ') @@ -15630,8 +15626,8 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +') diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/polkit.te serefpolicy-3.6.1/policy/modules/services/polkit.te --- nsaserefpolicy/policy/modules/services/polkit.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/services/polkit.te 2008-12-04 11:20:36.000000000 -0500 -@@ -0,0 +1,222 @@ ++++ serefpolicy-3.6.1/policy/modules/services/polkit.te 2008-12-04 16:37:06.000000000 -0500 +@@ -0,0 +1,224 @@ +policy_module(polkit_auth, 1.0.0) + +######################################## 
@@ -15701,8 +15697,11 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +manage_files_pattern(polkit_t, polkit_var_run_t, polkit_var_run_t) +files_pid_filetrans(polkit_t, polkit_var_run_t, { file dir }) + ++userdom_read_all_users_state(polkit_t) ++ +optional_policy(` + dbus_system_domain(polkit_t, polkit_exec_t) ++ + optional_policy(` + consolekit_dbus_chat(polkit_t) + ') @@ -15741,11 +15740,10 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +manage_files_pattern(polkit_auth_t, polkit_var_run_t, polkit_var_run_t) +files_pid_filetrans(polkit_auth_t, polkit_var_run_t, { file dir }) + -+userdom_read_all_users_state(polkit_t) +userdom_dontaudit_read_user_home_content_files(polkit_auth_t) + +optional_policy(` -+ cron_read_system_job_lib_files(polkit_t) ++ cron_read_system_job_lib_files(polkit_auth_t) +') + +optional_policy(` @@ -15754,7 +15752,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + dbus_session_bus_client(polkit_auth_t) + + optional_policy(` -+ consolekit_dbus_chat(polkit_t) ++ consolekit_dbus_chat(polkit_auth_t) + ') +') + @@ -23627,7 +23625,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +/etc/share/selinux/mls(/.*)? gen_context(system_u:object_r:semanage_store_t,s0) diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/selinuxutil.if serefpolicy-3.6.1/policy/modules/system/selinuxutil.if --- nsaserefpolicy/policy/modules/system/selinuxutil.if 2008-11-11 16:13:48.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/system/selinuxutil.if 2008-11-25 09:45:43.000000000 -0500 ++++ serefpolicy-3.6.1/policy/modules/system/selinuxutil.if 2008-12-04 16:28:46.000000000 -0500 @@ -535,6 +535,53 @@ ######################################## 
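Review bot: The three calls in the polkit_auth_t block that named the wrong domain (`userdom_read_all_users_state(polkit_t)`, `cron_read_system_job_lib_files(polkit_t)`, `consolekit_dbus_chat(polkit_t)`) are corrected by these hunks, but the first is moved into the polkit_t block rather than retargeted, so polkit_t now reads the process state of every user domain; a comment stating why the daemon needs that (`# polkit_t reads user domain state to <reason>`) would make the grant reviewable. The pattern suggests the polkit_auth_t section was copied from the polkit_t section, and most of that section lies outside these hunks, so it is worth checking the rest of polkit.te for any remaining `polkit_t` inside the polkit_auth_t block. The `++` blank line added inside `optional_policy(` after `dbus_system_domain` is fine stylistically but the nested optional_policy would read more like the rest of the file without it.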
@@ -25463,7 +25461,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol +/dev/shm/mono.* gen_context(system_u:object_r:user_tmpfs_t,s0) diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.6.1/policy/modules/system/userdomain.if --- nsaserefpolicy/policy/modules/system/userdomain.if 2008-11-13 18:40:02.000000000 -0500 -+++ serefpolicy-3.6.1/policy/modules/system/userdomain.if 2008-12-04 14:28:00.000000000 -0500 ++++ serefpolicy-3.6.1/policy/modules/system/userdomain.if 2008-12-04 16:31:37.000000000 -0500 @@ -30,8 +30,9 @@ ') @@ -26760,7 +26758,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol ## Send a dbus message to all user domains. ## ## -@@ -2981,3 +3172,262 @@ +@@ -2981,3 +3172,263 @@ allow $1 userdomain:dbus send_msg; ') @@ -26932,6 +26930,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol + + dontaudit $1 admin_home_t:dir search_dir_perms; +') ++ +######################################## +##

+## dontaudit list /root diff --git a/selinux-policy.spec b/selinux-policy.spec index 5579aa5e..13c4855f 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -446,11 +446,10 @@ exit 0 %endif %changelog -* Thu Dec 4 2008 Dan Walsh 3.6.1-6 -- Allow iptables to talk to terminals - -* Thu Dec 4 2008 Dan Walsh 3.6.1-5 +* Thu Dec 4 2008 Dan Walsh 3.6.1-7 - Allow iptables to talk to terminals +- Fixes for policy kit +- lots of fixes for booting. * Wed Dec 3 2008 Dan Walsh 3.6.1-4 - Cleanup policy