diff --git a/refpolicy/policy/modules/admin/acct.te b/refpolicy/policy/modules/admin/acct.te
index 37e92562..4b65382f 100644
--- a/refpolicy/policy/modules/admin/acct.te
+++ b/refpolicy/policy/modules/admin/acct.te
@@ -74,7 +74,7 @@ userdom_dontaudit_use_unpriv_user_fd(acct_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(acct_t)
 	term_dontaudit_use_generic_pty(acct_t)
-	files_dontaudit_read_root_file(acct_t)
+	files_dontaudit_read_root_files(acct_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/admin/amanda.te b/refpolicy/policy/modules/admin/amanda.te
index 367ec246..b83131ca 100644
--- a/refpolicy/policy/modules/admin/amanda.te
+++ b/refpolicy/policy/modules/admin/amanda.te
@@ -152,11 +152,11 @@ storage_raw_read_fixed_disk(amanda_t)
 
 files_read_etc_files(amanda_t)
 files_read_etc_runtime_files(amanda_t)
-files_list_all_dirs(amanda_t)
+files_list_all(amanda_t)
 files_read_all_files(amanda_t)
 files_read_all_symlinks(amanda_t)
-files_read_all_blk_nodes(amanda_t)
-files_read_all_chr_nodes(amanda_t)
+files_read_all_blk_files(amanda_t)
+files_read_all_chr_files(amanda_t)
 files_getattr_all_pipes(amanda_t)
 files_getattr_all_sockets(amanda_t)
 
diff --git a/refpolicy/policy/modules/admin/consoletype.te b/refpolicy/policy/modules/admin/consoletype.te
index bfe03fb2..bc7dd8b8 100644
--- a/refpolicy/policy/modules/admin/consoletype.te
+++ b/refpolicy/policy/modules/admin/consoletype.te
@@ -53,7 +53,7 @@ init_write_script_pipe(consoletype_t)
 
 domain_use_wide_inherit_fd(consoletype_t)
 
-files_dontaudit_read_root_file(consoletype_t)
+files_dontaudit_read_root_files(consoletype_t)
 files_list_usr(consoletype_t)
 
 libs_use_ld_so(consoletype_t)
diff --git a/refpolicy/policy/modules/admin/dmesg.te b/refpolicy/policy/modules/admin/dmesg.te
index 6aa6d269..334c5ab3 100644
--- a/refpolicy/policy/modules/admin/dmesg.te
+++ b/refpolicy/policy/modules/admin/dmesg.te
@@ -48,7 +48,7 @@ ifdef(`strict_policy',`
 
 	files_list_etc(dmesg_t)
 	# for when /usr is not mounted:
-	files_dontaudit_search_isid_type_dir(dmesg_t)
+	files_dontaudit_search_isid_type_dirs(dmesg_t)
 
 	init_use_fd(dmesg_t)
 	init_use_script_pty(dmesg_t)
diff --git a/refpolicy/policy/modules/admin/kudzu.te b/refpolicy/policy/modules/admin/kudzu.te
index 09d472eb..c69ecf44 100644
--- a/refpolicy/policy/modules/admin/kudzu.te
+++ b/refpolicy/policy/modules/admin/kudzu.te
@@ -98,7 +98,7 @@ files_read_usr_files(kudzu_t)
 # for /etc/sysconfig/hwconf - probably need a new type
 files_rw_etc_runtime_files(kudzu_t)
 # for file systems that are not yet mounted
-files_dontaudit_search_isid_type_dir(kudzu_t)
+files_dontaudit_search_isid_type_dirs(kudzu_t)
 
 init_use_fd(kudzu_t)
 init_use_script_pty(kudzu_t)
@@ -125,7 +125,7 @@ userdom_dontaudit_use_unpriv_user_fd(kudzu_t)
 ifdef(`targeted_policy',`
         term_dontaudit_use_unallocated_tty(kudzu_t)
         term_dontaudit_use_generic_pty(kudzu_t)
-        files_dontaudit_read_root_file(kudzu_t)
+        files_dontaudit_read_root_files(kudzu_t)
 
 	# cjp: this was originally in the else block
 	# of ifdef userhelper.te, but it seems to
diff --git a/refpolicy/policy/modules/admin/logrotate.te b/refpolicy/policy/modules/admin/logrotate.te
index 7ea0fd57..e7fd141e 100644
--- a/refpolicy/policy/modules/admin/logrotate.te
+++ b/refpolicy/policy/modules/admin/logrotate.te
@@ -98,7 +98,7 @@ files_read_etc_files(logrotate_t)
 files_read_etc_runtime_files(logrotate_t)
 files_read_all_pids(logrotate_t)
 # Write to /var/spool/slrnpull - should be moved into its own type.
-files_manage_generic_spools(logrotate_t)
+files_manage_generic_spool(logrotate_t)
 files_manage_generic_spool_dirs(logrotate_t)
 
 # cjp: why is this needed?
diff --git a/refpolicy/policy/modules/admin/prelink.te b/refpolicy/policy/modules/admin/prelink.te
index 934fa44f..7c2a0627 100644
--- a/refpolicy/policy/modules/admin/prelink.te
+++ b/refpolicy/policy/modules/admin/prelink.te
@@ -58,7 +58,7 @@ domain_mmap_all_entry_files(prelink_t)
 
 files_list_all(prelink_t)
 files_getattr_all_files(prelink_t)
-files_write_non_security_dir(prelink_t)
+files_write_non_security_dirs(prelink_t)
 files_read_etc_files(prelink_t)
 files_read_etc_runtime_files(prelink_t)
 
diff --git a/refpolicy/policy/modules/admin/quota.te b/refpolicy/policy/modules/admin/quota.te
index 2d76768b..672c1eed 100644
--- a/refpolicy/policy/modules/admin/quota.te
+++ b/refpolicy/policy/modules/admin/quota.te
@@ -43,7 +43,7 @@ term_dontaudit_use_console(quota_t)
 
 domain_use_wide_inherit_fd(quota_t)
 
-files_list_all_dirs(quota_t)
+files_list_all(quota_t)
 files_read_all_files(quota_t)
 files_read_all_symlinks(quota_t)
 files_getattr_all_pipes(quota_t)
@@ -64,7 +64,7 @@ userdom_dontaudit_use_unpriv_user_fd(quota_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(quota_t)
 	term_dontaudit_use_generic_pty(quota_t)
-	files_dontaudit_read_root_file(quota_t)
+	files_dontaudit_read_root_files(quota_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/admin/readahead.te b/refpolicy/policy/modules/admin/readahead.te
index dba19427..45ce82f2 100644
--- a/refpolicy/policy/modules/admin/readahead.te
+++ b/refpolicy/policy/modules/admin/readahead.te
@@ -69,7 +69,7 @@ userdom_dontaudit_use_unpriv_user_fd(readahead_t)
 userdom_dontaudit_search_sysadm_home_dir(readahead_t)
 
 ifdef(`targeted_policy',`
-	files_dontaudit_read_root_file(readahead_t)
+	files_dontaudit_read_root_files(readahead_t)
 	term_dontaudit_use_unallocated_tty(readahead_t)
 	term_dontaudit_use_generic_pty(readahead_t)
 ')
diff --git a/refpolicy/policy/modules/admin/su.if b/refpolicy/policy/modules/admin/su.if
index f77cf952..d2dca6f6 100644
--- a/refpolicy/policy/modules/admin/su.if
+++ b/refpolicy/policy/modules/admin/su.if
@@ -43,7 +43,7 @@ template(`su_restricted_domain_template', `
 	files_read_etc_files($1_su_t)
 	files_read_etc_runtime_files($1_su_t)
 	files_search_var_lib($1_su_t)
-	files_dontaudit_getattr_tmp_dir($1_su_t)
+	files_dontaudit_getattr_tmp_dirs($1_su_t)
 
 	auth_domtrans_chk_passwd($1_su_t)
 	auth_dontaudit_read_shadow($1_su_t)
@@ -162,7 +162,7 @@ template(`su_per_userdomain_template',`
 	files_read_etc_files($1_su_t)
 	files_read_etc_runtime_files($1_su_t)
 	files_search_var_lib($1_su_t)
-	files_dontaudit_getattr_tmp_dir($1_su_t)
+	files_dontaudit_getattr_tmp_dirs($1_su_t)
 
 	init_dontaudit_use_fd($1_su_t)
 	# Write to utmp.
diff --git a/refpolicy/policy/modules/admin/updfstab.te b/refpolicy/policy/modules/admin/updfstab.te
index 83b4daf4..e429bfcb 100644
--- a/refpolicy/policy/modules/admin/updfstab.te
+++ b/refpolicy/policy/modules/admin/updfstab.te
@@ -88,7 +88,7 @@ userdom_dontaudit_use_unpriv_user_fd(updfstab_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(updfstab_t)
 	term_dontaudit_use_generic_pty(updfstab_t)
-	files_dontaudit_read_root_file(updfstab_t)
+	files_dontaudit_read_root_files(updfstab_t)
 ')
 
 optional_policy(`authlogin',`
diff --git a/refpolicy/policy/modules/apps/userhelper.if b/refpolicy/policy/modules/apps/userhelper.if
index 67abfd2a..28d8dd73 100644
--- a/refpolicy/policy/modules/apps/userhelper.if
+++ b/refpolicy/policy/modules/apps/userhelper.if
@@ -104,7 +104,7 @@ template(`userhelper_per_userdomain_template',`
 	files_read_etc_files($1_userhelper_t)
 	# Read /var.
 	files_read_var_files($1_userhelper_t)
-	files_read_var_symlink($1_userhelper_t)
+	files_read_var_symlinks($1_userhelper_t)
 	# for some PAM modules and for cwd
 	files_search_home($1_userhelper_t)
 
diff --git a/refpolicy/policy/modules/kernel/bootloader.te b/refpolicy/policy/modules/kernel/bootloader.te
index c52c8aa8..06ffc86d 100644
--- a/refpolicy/policy/modules/kernel/bootloader.te
+++ b/refpolicy/policy/modules/kernel/bootloader.te
@@ -184,11 +184,11 @@ ifdef(`distro_redhat',`
 	files_mountpoint(bootloader_tmp_t)
 
 	# new file system defaults to file_t, granting file_t access is still bad.
-	files_manage_isid_type_dir(bootloader_t)
-	files_manage_isid_type_file(bootloader_t)
-	files_manage_isid_type_symlink(bootloader_t)
-	files_manage_isid_type_blk_node(bootloader_t)
-	files_manage_isid_type_chr_node(bootloader_t)
+	files_manage_isid_type_dirs(bootloader_t)
+	files_manage_isid_type_files(bootloader_t)
+	files_manage_isid_type_symlinks(bootloader_t)
+	files_manage_isid_type_blk_files(bootloader_t)
+	files_manage_isid_type_chr_files(bootloader_t)
 
 	# for mke2fs
 	mount_domtrans(bootloader_t)
diff --git a/refpolicy/policy/modules/kernel/files.if b/refpolicy/policy/modules/kernel/files.if
index 7dbb20b9..e17e312d 100644
--- a/refpolicy/policy/modules/kernel/files.if
+++ b/refpolicy/policy/modules/kernel/files.if
@@ -274,38 +274,6 @@ interface(`files_dontaudit_getattr_all_dirs',`
 	dontaudit $1 file_type:dir getattr;
 ')
 
-########################################
-## <summary>
-##	Search all directories.
-## </summary>
-## <param name="domain">
-##	Domain allowed access.
-## </param>
-#
-interface(`files_search_all',`
-	gen_require(`
-		attribute file_type;
-	')
-
-	allow $1 file_type:dir { getattr search };
-')
-
-########################################
-## <summary>
-##	List the contents of all directories.
-## </summary>
-## <param name="domain">
-##	Domain allowed access.
-## </param>
-#
-interface(`files_list_all',`
-	gen_require(`
-		attribute file_type;
-	')
-
-	allow $1 file_type:dir r_dir_perms;
-')
-
 ########################################
 ## <summary>
 ##	List all non-security directories.
@@ -357,25 +325,6 @@ interface(`files_getattr_all_files',`
 	allow $1 file_type:lnk_file getattr;
 ')
 
-########################################
-## <summary>
-##	Get the attributes of all sockets
-##	with the type of a file.
-## </summary>
-## <param name="domain">
-##	Domain allowed access.
-## </param>
-#
-# cjp: added for initrc_t/distro_redhat.  I
-# do not think it has any effect.
-interface(`files_getattr_all_file_type_sockets',`
-	gen_require(`
-		attribute file_type;
-	')
-
-	allow $1 file_type:socket_class_set getattr;
-')
-
 ########################################
 ## <summary>
 ##	Do not audit attempts to get the attributes
@@ -576,7 +525,7 @@ interface(`files_dontaudit_getattr_non_security_symlinks',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`files_dontaudit_getattr_non_security_blk_dev',`
+interface(`files_dontaudit_getattr_non_security_blk_files',`
 	gen_require(`
 		attribute file_type, security_file_type;
 	')
@@ -593,7 +542,7 @@ interface(`files_dontaudit_getattr_non_security_blk_dev',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`files_dontaudit_getattr_non_security_chr_dev',`
+interface(`files_dontaudit_getattr_non_security_chr_files',`
 	gen_require(`
 		attribute file_type, security_file_type;
 	')
@@ -728,7 +677,7 @@ interface(`files_dontaudit_getattr_non_security_sockets',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_read_all_blk_nodes',`
+interface(`files_read_all_blk_files',`
 	gen_require(`
 		attribute file_type;
 	')
@@ -745,7 +694,7 @@ interface(`files_read_all_blk_nodes',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_read_all_chr_nodes',`
+interface(`files_read_all_chr_files',`
 	gen_require(`
 		attribute file_type;
 	')
@@ -815,9 +764,9 @@ interface(`files_manage_all_files',`
 
 ########################################
 #
-# files_search_all_dirs(domain)
+# files_search_all(domain)
 #
-interface(`files_search_all_dirs',`
+interface(`files_search_all',`
 	gen_require(`
 		attribute file_type;
 	')
@@ -827,9 +776,9 @@ interface(`files_search_all_dirs',`
 
 ########################################
 #
-# files_list_all_dirs(domain)
+# files_list_all(domain)
 #
-interface(`files_list_all_dirs',`
+interface(`files_list_all',`
 	gen_require(`
 		attribute file_type;
 	')
@@ -943,9 +892,9 @@ interface(`files_filetrans_root',`
 
 ########################################
 #
-# files_dontaudit_read_root_file(domain)
+# files_dontaudit_read_root_files(domain)
 #
-interface(`files_dontaudit_read_root_file',`
+interface(`files_dontaudit_read_root_files',`
 	gen_require(`
 		type root_t;
 	')
@@ -955,9 +904,9 @@ interface(`files_dontaudit_read_root_file',`
 
 ########################################
 #
-# files_dontaudit_rw_root_file(domain)
+# files_dontaudit_rw_root_files(domain)
 #
-interface(`files_dontaudit_rw_root_file',`
+interface(`files_dontaudit_rw_root_files',`
 	gen_require(`
 		type root_t;
 	')
@@ -967,9 +916,9 @@ interface(`files_dontaudit_rw_root_file',`
 
 ########################################
 #
-# files_dontaudit_rw_root_chr_dev(domain)
+# files_dontaudit_rw_root_chr_files(domain)
 #
-interface(`files_dontaudit_rw_root_chr_dev',`
+interface(`files_dontaudit_rw_root_chr_files',`
 	gen_require(`
 		type root_t;
 	')
@@ -1009,7 +958,7 @@ interface(`files_unmount_rootfs',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_getattr_default_dir',`
+interface(`files_getattr_default_dirs',`
 	gen_require(`
 		type default_t;
 	')
@@ -1026,7 +975,7 @@ interface(`files_getattr_default_dir',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`files_dontaudit_getattr_default_dir',`
+interface(`files_dontaudit_getattr_default_dirs',`
 	gen_require(`
 		type default_t;
 	')
@@ -1217,7 +1166,7 @@ interface(`files_search_etc',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_setattr_etc_dir',`
+interface(`files_setattr_etc_dirs',`
 	gen_require(`
 		type etc_t;
 	')
@@ -1445,7 +1394,7 @@ interface(`files_filetrans_etc',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_getattr_isid_type_dir',`
+interface(`files_getattr_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1462,7 +1411,7 @@ interface(`files_getattr_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_dontaudit_search_isid_type_dir',`
+interface(`files_dontaudit_search_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1479,7 +1428,7 @@ interface(`files_dontaudit_search_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_list_isid_type_dir',`
+interface(`files_list_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1496,7 +1445,7 @@ interface(`files_list_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_rw_isid_type_dir',`
+interface(`files_rw_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1513,7 +1462,7 @@ interface(`files_rw_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_manage_isid_type_dir',`
+interface(`files_manage_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1530,7 +1479,7 @@ interface(`files_manage_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_mounton_isid_type_dir',`
+interface(`files_mounton_isid_type_dirs',`
 	gen_require(`
 		type file_t;
 	')
@@ -1547,7 +1496,7 @@ interface(`files_mounton_isid_type_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_read_isid_type_file',`
+interface(`files_read_isid_type_files',`
 	gen_require(`
 		type file_t;
 	')
@@ -1565,7 +1514,7 @@ interface(`files_read_isid_type_file',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_manage_isid_type_file',`
+interface(`files_manage_isid_type_files',`
 	gen_require(`
 		type file_t;
 	')
@@ -1583,7 +1532,7 @@ interface(`files_manage_isid_type_file',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_manage_isid_type_symlink',`
+interface(`files_manage_isid_type_symlinks',`
 	gen_require(`
 		type file_t;
 	')
@@ -1601,7 +1550,7 @@ interface(`files_manage_isid_type_symlink',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_rw_isid_type_blk_node',`
+interface(`files_rw_isid_type_blk_files',`
 	gen_require(`
 		type file_t;
 	')
@@ -1619,7 +1568,7 @@ interface(`files_rw_isid_type_blk_node',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_manage_isid_type_blk_node',`
+interface(`files_manage_isid_type_blk_files',`
 	gen_require(`
 		type file_t;
 	')
@@ -1637,7 +1586,7 @@ interface(`files_manage_isid_type_blk_node',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_manage_isid_type_chr_node',`
+interface(`files_manage_isid_type_chr_files',`
 	gen_require(`
 		type file_t;
 	')
@@ -1994,7 +1943,7 @@ interface(`files_associate_tmp',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_getattr_tmp_dir',`
+interface(`files_getattr_tmp_dirs',`
 	gen_require(`
 		type tmp_t;
 	')
@@ -2011,7 +1960,7 @@ interface(`files_getattr_tmp_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_dontaudit_getattr_tmp_dir',`
+interface(`files_dontaudit_getattr_tmp_dirs',`
 	gen_require(`
 		type tmp_t;
 	')
@@ -2374,7 +2323,7 @@ interface(`files_search_var',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`files_dontaudit_write_var',`
+interface(`files_dontaudit_write_var_dirs',`
 	gen_require(`
 		type var_t;
 	')
@@ -2474,7 +2423,7 @@ interface(`files_manage_var_files',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_read_var_symlink',`
+interface(`files_read_var_symlinks',`
 	gen_require(`
 		type var_t;
 	')
@@ -2529,23 +2478,6 @@ interface(`files_filetrans_var',`
 	')
 ')
 
-########################################
-## <summary>
-##	Search directories in /var/lib.
-## </summary>
-## <param name="domain">
-##	The type of the process performing this action.
-## </param>
-#
-interface(`files_search_var_lib_dir',`
-	gen_require(`
-		type var_t, var_lib_t;
-	')
-
-	allow $1 var_t:dir search;
-	allow $1 var_lib_t:dir search;
-')
-
 ########################################
 ## <summary>
 ##	Get the attributes of the /var/lib directory.
@@ -2554,7 +2486,7 @@ interface(`files_search_var_lib_dir',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`files_getattr_var_lib_dir',`
+interface(`files_getattr_var_lib_dirs',`
 	gen_require(`
 		type var_t, var_lib_t;
 	')
@@ -2733,7 +2665,7 @@ interface(`files_dontaudit_search_locks',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`files_rw_locks_dir',`
+interface(`files_rw_lock_dirs',`
 	gen_require(`
 		type var_t, var_lock_t;
 	')
@@ -2830,7 +2762,7 @@ interface(`files_filetrans_lock',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`files_dontaudit_getattr_pid_dir',`
+interface(`files_dontaudit_getattr_pid_dirs',`
 	gen_require(`
 		type var_run_t;
 	')
@@ -3068,9 +3000,9 @@ interface(`files_manage_generic_spool_dirs',`
 
 ########################################
 #
-# files_read_generic_spools(domain)
+# files_read_generic_spool(domain)
 #
-interface(`files_read_generic_spools',`
+interface(`files_read_generic_spool',`
 	gen_require(`
 		type var_t, var_spool_t;
 	')
@@ -3082,9 +3014,9 @@ interface(`files_read_generic_spools',`
 
 ########################################
 #
-# files_manage_generic_spools(domain)
+# files_manage_generic_spool(domain)
 #
-interface(`files_manage_generic_spools',`
+interface(`files_manage_generic_spool',`
 	gen_require(`
 		type var_t, var_spool_t;
 	')
@@ -3175,7 +3107,7 @@ interface(`files_unconfined',`
 ##	Domain to allow
 ## </param>
 #
-interface(`files_write_non_security_dir',`
+interface(`files_write_non_security_dirs',`
 	gen_require(`
 		attribute file_type, security_file_type;
 	')
diff --git a/refpolicy/policy/modules/services/apache.te b/refpolicy/policy/modules/services/apache.te
index e97e8df5..a00b7d22 100644
--- a/refpolicy/policy/modules/services/apache.te
+++ b/refpolicy/policy/modules/services/apache.te
@@ -289,7 +289,7 @@ mta_send_mail(httpd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(httpd_t)
 	term_dontaudit_use_generic_pty(httpd_t)
-	files_dontaudit_read_root_file(httpd_t)
+	files_dontaudit_read_root_files(httpd_t)
 
 	tunable_policy(`httpd_enable_homedirs',`
 		userdom_search_generic_user_home_dir(httpd_t)
diff --git a/refpolicy/policy/modules/services/apm.te b/refpolicy/policy/modules/services/apm.te
index 969d0e6f..fd51e934 100644
--- a/refpolicy/policy/modules/services/apm.te
+++ b/refpolicy/policy/modules/services/apm.te
@@ -182,7 +182,7 @@ ifdef(`distro_suse',`
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(apmd_t)
 	term_dontaudit_use_generic_pty(apmd_t)
-	files_dontaudit_read_root_file(apmd_t)
+	files_dontaudit_read_root_files(apmd_t)
 	unconfined_domain_template(apmd_t)
 ')
 
diff --git a/refpolicy/policy/modules/services/arpwatch.te b/refpolicy/policy/modules/services/arpwatch.te
index 3a8cc404..b74964fe 100644
--- a/refpolicy/policy/modules/services/arpwatch.te
+++ b/refpolicy/policy/modules/services/arpwatch.te
@@ -96,7 +96,7 @@ mta_send_mail(arpwatch_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(arpwatch_t)
 	term_dontaudit_use_generic_pty(arpwatch_t)
-	files_dontaudit_read_root_file(arpwatch_t)
+	files_dontaudit_read_root_files(arpwatch_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/automount.te b/refpolicy/policy/modules/services/automount.te
index 861ccef1..863741ef 100644
--- a/refpolicy/policy/modules/services/automount.te
+++ b/refpolicy/policy/modules/services/automount.te
@@ -90,15 +90,15 @@ dev_read_urand(automount_t)
 
 domain_use_wide_inherit_fd(automount_t)
 
-files_dontaudit_write_var(automount_t)
-files_search_var_lib_dir(automount_t)
+files_dontaudit_write_var_dirs(automount_t)
+files_search_var_lib(automount_t)
 files_search_mnt(automount_t)
 files_getattr_home_dir(automount_t)
 files_read_etc_files(automount_t)
 files_read_etc_runtime_files(automount_t)
 # for if the mount point is not labelled
-files_getattr_isid_type_dir(automount_t)
-files_getattr_default_dir(automount_t)
+files_getattr_isid_type_dirs(automount_t)
+files_getattr_default_dirs(automount_t)
 # because config files can be shell scripts
 files_exec_etc_files(automount_t)
 
@@ -132,7 +132,7 @@ userdom_dontaudit_use_unpriv_user_fd(automount_t)
 userdom_dontaudit_search_sysadm_home_dir(automount_t)
 
 ifdef(`targeted_policy', `
-	files_dontaudit_read_root_file(automount_t)
+	files_dontaudit_read_root_files(automount_t)
 	term_dontaudit_use_unallocated_tty(automount_t)
 	term_dontaudit_use_generic_pty(automount_t)
 ')
diff --git a/refpolicy/policy/modules/services/avahi.te b/refpolicy/policy/modules/services/avahi.te
index 687be8f2..bd5fa55d 100644
--- a/refpolicy/policy/modules/services/avahi.te
+++ b/refpolicy/policy/modules/services/avahi.te
@@ -84,7 +84,7 @@ userdom_dontaudit_search_sysadm_home_dir(avahi_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(avahi_t)
 	term_dontaudit_use_generic_pty(avahi_t)
-	files_dontaudit_read_root_file(avahi_t)
+	files_dontaudit_read_root_files(avahi_t)
 ')
 
 optional_policy(`dbus',`
diff --git a/refpolicy/policy/modules/services/bind.te b/refpolicy/policy/modules/services/bind.te
index 269857fc..796a196d 100644
--- a/refpolicy/policy/modules/services/bind.te
+++ b/refpolicy/policy/modules/services/bind.te
@@ -148,7 +148,7 @@ userdom_dontaudit_search_sysadm_home_dir(named_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(named_t)
 	term_dontaudit_use_generic_pty(named_t)
-	files_dontaudit_read_root_file(named_t)
+	files_dontaudit_read_root_files(named_t)
 ')
 
 tunable_policy(`named_write_master_zones',`
diff --git a/refpolicy/policy/modules/services/bluetooth.te b/refpolicy/policy/modules/services/bluetooth.te
index 6bb985f7..160d4ec0 100644
--- a/refpolicy/policy/modules/services/bluetooth.te
+++ b/refpolicy/policy/modules/services/bluetooth.te
@@ -139,7 +139,7 @@ userdom_dontaudit_search_sysadm_home_dir(bluetooth_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(bluetooth_t)
 	term_dontaudit_use_generic_pty(bluetooth_t)
-	files_dontaudit_read_root_file(bluetooth_t)
+	files_dontaudit_read_root_files(bluetooth_t)
 ')
 
 optional_policy(`dbus',`
diff --git a/refpolicy/policy/modules/services/canna.te b/refpolicy/policy/modules/services/canna.te
index 29908142..5a1233a8 100644
--- a/refpolicy/policy/modules/services/canna.te
+++ b/refpolicy/policy/modules/services/canna.te
@@ -70,7 +70,7 @@ files_read_etc_files(canna_t)
 files_read_etc_runtime_files(canna_t)
 files_read_usr_files(canna_t)
 files_search_tmp(canna_t)
-files_dontaudit_read_root_file(canna_t)
+files_dontaudit_read_root_files(canna_t)
 
 init_use_fd(canna_t)
 init_use_script_pty(canna_t)
@@ -90,7 +90,7 @@ userdom_dontaudit_search_sysadm_home_dir(canna_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(canna_t)
 	term_dontaudit_use_generic_pty(canna_t)
-	files_dontaudit_read_root_file(canna_t)
+	files_dontaudit_read_root_files(canna_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/cpucontrol.te b/refpolicy/policy/modules/services/cpucontrol.te
index cc2819df..9bbcbf2c 100644
--- a/refpolicy/policy/modules/services/cpucontrol.te
+++ b/refpolicy/policy/modules/services/cpucontrol.te
@@ -58,7 +58,7 @@ userdom_dontaudit_use_unpriv_user_fd(cpucontrol_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(cpucontrol_t)
 	term_dontaudit_use_generic_pty(cpucontrol_t)
-	files_dontaudit_read_root_file(cpucontrol_t)
+	files_dontaudit_read_root_files(cpucontrol_t)
 ')
 
 optional_policy(`nscd',`
@@ -112,7 +112,7 @@ userdom_dontaudit_use_unpriv_user_fd(cpuspeed_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(cpuspeed_t)
 	term_dontaudit_use_generic_pty(cpuspeed_t)
-	files_dontaudit_read_root_file(cpuspeed_t)
+	files_dontaudit_read_root_files(cpuspeed_t)
 ')
 
 optional_policy(`nscd',`
diff --git a/refpolicy/policy/modules/services/cron.te b/refpolicy/policy/modules/services/cron.te
index ea29b8f6..5377ac21 100644
--- a/refpolicy/policy/modules/services/cron.te
+++ b/refpolicy/policy/modules/services/cron.te
@@ -112,7 +112,7 @@ corecmd_list_sbin(crond_t)
 domain_use_wide_inherit_fd(crond_t)
 
 files_read_etc_files(crond_t)
-files_read_generic_spools(crond_t)
+files_read_generic_spool(crond_t)
 files_list_usr(crond_t)
 # Read from /var/spool/cron.
 files_search_var_lib(crond_t)
@@ -314,7 +314,7 @@ ifdef(`targeted_policy',`
 	files_exec_etc_files(system_crond_t)
 	files_read_etc_files(system_crond_t)
 	files_read_etc_runtime_files(system_crond_t)
-	files_list_all_dirs(system_crond_t)
+	files_list_all(system_crond_t)
 	files_getattr_all_dirs(system_crond_t)
 	files_getattr_all_files(system_crond_t)
 	files_getattr_all_symlinks(system_crond_t)
@@ -326,7 +326,7 @@ ifdef(`targeted_policy',`
 	files_dontaudit_search_pids(system_crond_t)
 	# Access other spool directories like
 	# /var/spool/anacron and /var/spool/slrnpull.
-	files_manage_generic_spools(system_crond_t)
+	files_manage_generic_spool(system_crond_t)
 
 	init_use_fd(system_crond_t)
 	init_use_script_fd(system_crond_t)
diff --git a/refpolicy/policy/modules/services/cups.te b/refpolicy/policy/modules/services/cups.te
index 27058998..29ccff26 100644
--- a/refpolicy/policy/modules/services/cups.te
+++ b/refpolicy/policy/modules/services/cups.te
@@ -198,7 +198,7 @@ lpd_manage_spool(cupsd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(cupsd_t)
 	term_dontaudit_use_generic_pty(cupsd_t)
-	files_dontaudit_read_root_file(cupsd_t)
+	files_dontaudit_read_root_files(cupsd_t)
 ')
 
 optional_policy(`cron',`
@@ -350,7 +350,7 @@ userdom_dontaudit_search_all_users_home(ptal_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(ptal_t)
 	term_dontaudit_use_generic_pty(ptal_t)
-	files_dontaudit_read_root_file(ptal_t)
+	files_dontaudit_read_root_files(ptal_t)
 ')
 
 optional_policy(`selinuxutil',`
@@ -449,7 +449,7 @@ lpd_read_config(cupsd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(hplip_t)
 	term_dontaudit_use_generic_pty(hplip_t)
-	files_dontaudit_read_root_file(hplip_t)
+	files_dontaudit_read_root_files(hplip_t)
 ')
 
 optional_policy(`mount',`
@@ -576,7 +576,7 @@ ifdef(`distro_redhat',`
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(cupsd_config_t)
 	term_dontaudit_use_generic_pty(cupsd_config_t)
-	files_dontaudit_read_root_file(cupsd_config_t)
+	files_dontaudit_read_root_files(cupsd_config_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/cyrus.te b/refpolicy/policy/modules/services/cyrus.te
index 87648db3..1a545a3e 100644
--- a/refpolicy/policy/modules/services/cyrus.te
+++ b/refpolicy/policy/modules/services/cyrus.te
@@ -115,7 +115,7 @@ mta_manage_spool(cyrus_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(cyrus_t)
 	term_dontaudit_use_generic_pty(cyrus_t)
-	files_dontaudit_read_root_file(cyrus_t)
+	files_dontaudit_read_root_files(cyrus_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/dbus.te b/refpolicy/policy/modules/services/dbus.te
index 07ab4fd3..1e6b77a1 100644
--- a/refpolicy/policy/modules/services/dbus.te
+++ b/refpolicy/policy/modules/services/dbus.te
@@ -113,7 +113,7 @@ userdom_dontaudit_search_sysadm_home_dir(system_dbusd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(system_dbusd_t)
 	term_dontaudit_use_generic_pty(system_dbusd_t)
-	files_dontaudit_read_root_file(system_dbusd_t)
+	files_dontaudit_read_root_files(system_dbusd_t)
 ')
 
 tunable_policy(`read_default_t',`
diff --git a/refpolicy/policy/modules/services/dhcp.te b/refpolicy/policy/modules/services/dhcp.te
index 161750b0..d13181c7 100644
--- a/refpolicy/policy/modules/services/dhcp.te
+++ b/refpolicy/policy/modules/services/dhcp.te
@@ -112,7 +112,7 @@ ifdef(`distro_gentoo',`
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(dhcpd_t)
 	term_dontaudit_use_generic_pty(dhcpd_t)
-	files_dontaudit_read_root_file(dhcpd_t)
+	files_dontaudit_read_root_files(dhcpd_t)
 ')
 
 optional_policy(`bind',`
diff --git a/refpolicy/policy/modules/services/dictd.te b/refpolicy/policy/modules/services/dictd.te
index d35f0e12..56fb9eaf 100644
--- a/refpolicy/policy/modules/services/dictd.te
+++ b/refpolicy/policy/modules/services/dictd.te
@@ -84,7 +84,7 @@ userdom_dontaudit_use_unpriv_user_fd(dictd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(dictd_t)
 	term_dontaudit_use_generic_pty(dictd_t)
-	files_dontaudit_read_root_file(dictd_t)
+	files_dontaudit_read_root_files(dictd_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/distcc.te b/refpolicy/policy/modules/services/distcc.te
index 6adf88db..eb337624 100644
--- a/refpolicy/policy/modules/services/distcc.te
+++ b/refpolicy/policy/modules/services/distcc.te
@@ -92,7 +92,7 @@ userdom_dontaudit_search_sysadm_home_dir(distccd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(distccd_t)
 	term_dontaudit_use_generic_pty(distccd_t)
-	files_dontaudit_read_root_file(distccd_t)
+	files_dontaudit_read_root_files(distccd_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/dovecot.te b/refpolicy/policy/modules/services/dovecot.te
index c02c30df..be406dcf 100644
--- a/refpolicy/policy/modules/services/dovecot.te
+++ b/refpolicy/policy/modules/services/dovecot.te
@@ -121,7 +121,7 @@ mta_manage_spool(dovecot_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(dovecot_t)
 	term_dontaudit_use_generic_pty(dovecot_t)
-	files_dontaudit_read_root_file(dovecot_t)
+	files_dontaudit_read_root_files(dovecot_t)
 ')
 
 optional_policy(`kerberos',`
diff --git a/refpolicy/policy/modules/services/fetchmail.te b/refpolicy/policy/modules/services/fetchmail.te
index 1c624e04..31d197bb 100644
--- a/refpolicy/policy/modules/services/fetchmail.te
+++ b/refpolicy/policy/modules/services/fetchmail.te
@@ -93,7 +93,7 @@ userdom_dontaudit_search_sysadm_home_dir(fetchmail_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(fetchmail_t)
 	term_dontaudit_use_generic_pty(fetchmail_t)
-	files_dontaudit_read_root_file(fetchmail_t)
+	files_dontaudit_read_root_files(fetchmail_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/finger.te b/refpolicy/policy/modules/services/finger.te
index c564a85b..86ef3536 100644
--- a/refpolicy/policy/modules/services/finger.te
+++ b/refpolicy/policy/modules/services/finger.te
@@ -107,7 +107,7 @@ userdom_dontaudit_search_user_home_dirs(fingerd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(fingerd_t)
 	term_dontaudit_use_generic_pty(fingerd_t)
-	files_dontaudit_read_root_file(fingerd_t)
+	files_dontaudit_read_root_files(fingerd_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/ftp.te b/refpolicy/policy/modules/services/ftp.te
index 840969ed..15392318 100644
--- a/refpolicy/policy/modules/services/ftp.te
+++ b/refpolicy/policy/modules/services/ftp.te
@@ -97,7 +97,7 @@ domain_use_wide_inherit_fd(ftpd_t)
 files_search_etc(ftpd_t)
 files_read_etc_files(ftpd_t)
 files_read_etc_runtime_files(ftpd_t)
-files_search_var_lib_dir(ftpd_t)
+files_search_var_lib(ftpd_t)
 
 fs_search_auto_mountpoints(ftpd_t)
 fs_getattr_all_fs(ftpd_t)
@@ -130,7 +130,7 @@ userdom_dontaudit_search_sysadm_home_dir(ftpd_t)
 userdom_dontaudit_use_unpriv_user_fd(ftpd_t)
 
 ifdef(`targeted_policy',`
-	files_dontaudit_read_root_file(ftpd_t)
+	files_dontaudit_read_root_files(ftpd_t)
 
 	term_dontaudit_use_generic_pty(ftpd_t)
 	term_dontaudit_use_unallocated_tty(ftpd_t)
diff --git a/refpolicy/policy/modules/services/gpm.te b/refpolicy/policy/modules/services/gpm.te
index 7113bf9b..1904619a 100644
--- a/refpolicy/policy/modules/services/gpm.te
+++ b/refpolicy/policy/modules/services/gpm.te
@@ -81,7 +81,7 @@ userdom_dontaudit_search_sysadm_home_dir(gpm_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(gpm_t)
 	term_dontaudit_use_generic_pty(gpm_t)
-	files_dontaudit_read_root_file(gpm_t)
+	files_dontaudit_read_root_files(gpm_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/hal.te b/refpolicy/policy/modules/services/hal.te
index 382fca35..ac05ab66 100644
--- a/refpolicy/policy/modules/services/hal.te
+++ b/refpolicy/policy/modules/services/hal.te
@@ -140,7 +140,7 @@ userdom_dontaudit_search_sysadm_home_dir(hald_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(hald_t)
 	term_dontaudit_use_generic_pty(hald_t)
-	files_dontaudit_read_root_file(hald_t)
+	files_dontaudit_read_root_files(hald_t)
 	files_dontaudit_getattr_home_dir(hald_t)
 ')
 
diff --git a/refpolicy/policy/modules/services/howl.te b/refpolicy/policy/modules/services/howl.te
index b798d935..c5e0db2f 100644
--- a/refpolicy/policy/modules/services/howl.te
+++ b/refpolicy/policy/modules/services/howl.te
@@ -79,7 +79,7 @@ userdom_dontaudit_search_sysadm_home_dir(howl_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(howl_t)
 	term_dontaudit_use_generic_pty(howl_t)
-	files_dontaudit_read_root_file(howl_t)
+	files_dontaudit_read_root_files(howl_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/i18n_input.te b/refpolicy/policy/modules/services/i18n_input.te
index dcf18e26..7e058a02 100644
--- a/refpolicy/policy/modules/services/i18n_input.te
+++ b/refpolicy/policy/modules/services/i18n_input.te
@@ -89,7 +89,7 @@ userdom_read_unpriv_user_home_files(i18n_input_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(i18n_input_t)
 	term_dontaudit_use_generic_pty(i18n_input_t)
-	files_dontaudit_read_root_file(i18n_input_t)
+	files_dontaudit_read_root_files(i18n_input_t)
 ')
 
 tunable_policy(`use_nfs_home_dirs',`
diff --git a/refpolicy/policy/modules/services/inetd.te b/refpolicy/policy/modules/services/inetd.te
index 4ad06e2f..201ae7f1 100644
--- a/refpolicy/policy/modules/services/inetd.te
+++ b/refpolicy/policy/modules/services/inetd.te
@@ -124,7 +124,7 @@ userdom_dontaudit_search_sysadm_home_dir(inetd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(inetd_t)
 	term_dontaudit_use_generic_pty(inetd_t)
-	files_dontaudit_read_root_file(inetd_t)
+	files_dontaudit_read_root_files(inetd_t)
 ')
 
 optional_policy(`amanda',`
diff --git a/refpolicy/policy/modules/services/inn.te b/refpolicy/policy/modules/services/inn.te
index 202eedd8..0a97db40 100644
--- a/refpolicy/policy/modules/services/inn.te
+++ b/refpolicy/policy/modules/services/inn.te
@@ -119,7 +119,7 @@ mta_send_mail(innd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(innd_t)
 	term_dontaudit_use_generic_pty(innd_t)
-	files_dontaudit_read_root_file(innd_t)
+	files_dontaudit_read_root_files(innd_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/irqbalance.te b/refpolicy/policy/modules/services/irqbalance.te
index 0368165d..1ce41808 100644
--- a/refpolicy/policy/modules/services/irqbalance.te
+++ b/refpolicy/policy/modules/services/irqbalance.te
@@ -54,7 +54,7 @@ userdom_dontaudit_search_sysadm_home_dir(irqbalance_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(irqbalance_t)
 	term_dontaudit_use_generic_pty(irqbalance_t)
-	files_dontaudit_read_root_file(irqbalance_t)
+	files_dontaudit_read_root_files(irqbalance_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/kerberos.te b/refpolicy/policy/modules/services/kerberos.te
index f21527c4..fc4392db 100644
--- a/refpolicy/policy/modules/services/kerberos.te
+++ b/refpolicy/policy/modules/services/kerberos.te
@@ -134,7 +134,7 @@ userdom_dontaudit_search_sysadm_home_dir(kadmind_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(kadmind_t)
 	term_dontaudit_use_generic_pty(kadmind_t)
-	files_dontaudit_read_root_file(kadmind_t)
+	files_dontaudit_read_root_files(kadmind_t)
 ')
 
 optional_policy(`nis',`
@@ -234,7 +234,7 @@ userdom_dontaudit_search_sysadm_home_dir(krb5kdc_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(krb5kdc_t)
 	term_dontaudit_use_generic_pty(krb5kdc_t)
-	files_dontaudit_read_root_file(krb5kdc_t)
+	files_dontaudit_read_root_files(krb5kdc_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/ldap.te b/refpolicy/policy/modules/services/ldap.te
index 6998bb5b..b5b609f1 100644
--- a/refpolicy/policy/modules/services/ldap.te
+++ b/refpolicy/policy/modules/services/ldap.te
@@ -135,7 +135,7 @@ ifdef(`targeted_policy',`
 
 	term_dontaudit_use_unallocated_tty(slapd_t)
 	term_dontaudit_use_generic_pty(slapd_t)
-	files_dontaudit_read_root_file(slapd_t)
+	files_dontaudit_read_root_files(slapd_t)
 ')
 
 optional_policy(`kerberos',`
diff --git a/refpolicy/policy/modules/services/lpd.te b/refpolicy/policy/modules/services/lpd.te
index bda1eeb1..3c04e2ac 100644
--- a/refpolicy/policy/modules/services/lpd.te
+++ b/refpolicy/policy/modules/services/lpd.te
@@ -220,7 +220,7 @@ userdom_dontaudit_search_sysadm_home_dir(lpd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(lpd_t)
 	term_dontaudit_use_generic_pty(lpd_t)
-	files_dontaudit_read_root_file(lpd_t)
+	files_dontaudit_read_root_files(lpd_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/mta.if b/refpolicy/policy/modules/services/mta.if
index 6d773821..99d095c1 100644
--- a/refpolicy/policy/modules/services/mta.if
+++ b/refpolicy/policy/modules/services/mta.if
@@ -287,7 +287,7 @@ template(`mta_admin_template',`
 		files_filetrans_etc($1_mail_t,etc_aliases_t,{ file lnk_file sock_file fifo_file })
 
 		# postfix needs this for newaliases
-		files_getattr_tmp_dir($1_mail_t)
+		files_getattr_tmp_dirs($1_mail_t)
 
 		postfix_exec_master($1_mail_t)
 
diff --git a/refpolicy/policy/modules/services/mta.te b/refpolicy/policy/modules/services/mta.te
index c2ad9a15..a82b54f4 100644
--- a/refpolicy/policy/modules/services/mta.te
+++ b/refpolicy/policy/modules/services/mta.te
@@ -142,7 +142,7 @@ optional_policy(`postfix',`
 	domain_use_wide_inherit_fd(system_mail_t)
 
 	# postfix needs this for newaliases
-	files_getattr_tmp_dir(system_mail_t)
+	files_getattr_tmp_dirs(system_mail_t)
 
 	postfix_exec_master(system_mail_t)
 
diff --git a/refpolicy/policy/modules/services/mysql.te b/refpolicy/policy/modules/services/mysql.te
index 4f09d20d..80e8abf3 100644
--- a/refpolicy/policy/modules/services/mysql.te
+++ b/refpolicy/policy/modules/services/mysql.te
@@ -88,7 +88,7 @@ term_dontaudit_use_console(mysqld_t)
 
 domain_use_wide_inherit_fd(mysqld_t)
 
-files_getattr_var_lib_dir(mysqld_t)
+files_getattr_var_lib_dirs(mysqld_t)
 files_read_etc_runtime_files(mysqld_t)
 files_read_etc_files(mysqld_t)
 files_read_usr_files(mysqld_t)
@@ -118,7 +118,7 @@ ifdef(`distro_redhat',`
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(mysqld_t)
 	term_dontaudit_use_generic_pty(mysqld_t)
-	files_dontaudit_read_root_file(mysqld_t)
+	files_dontaudit_read_root_files(mysqld_t)
 ')
 
 optional_policy(`daemontools',`
diff --git a/refpolicy/policy/modules/services/networkmanager.te b/refpolicy/policy/modules/services/networkmanager.te
index d95c42bf..cb5058e4 100644
--- a/refpolicy/policy/modules/services/networkmanager.te
+++ b/refpolicy/policy/modules/services/networkmanager.te
@@ -111,7 +111,7 @@ userdom_dontaudit_use_unpriv_user_tty(NetworkManager_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(NetworkManager_t)
 	term_dontaudit_use_generic_pty(NetworkManager_t)
-	files_dontaudit_read_root_file(NetworkManager_t)
+	files_dontaudit_read_root_files(NetworkManager_t)
 ')
 
 optional_policy(`bind',`
diff --git a/refpolicy/policy/modules/services/nis.te b/refpolicy/policy/modules/services/nis.te
index d1097813..2f63b1f8 100644
--- a/refpolicy/policy/modules/services/nis.te
+++ b/refpolicy/policy/modules/services/nis.te
@@ -120,7 +120,7 @@ portmap_udp_sendto(ypbind_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(ypbind_t)
 	term_dontaudit_use_generic_pty(ypbind_t)
-	files_dontaudit_read_root_file(ypbind_t)
+	files_dontaudit_read_root_files(ypbind_t)
 ')
 
 optional_policy(`mount',`
@@ -221,7 +221,7 @@ portmap_udp_sendto(yppasswdd_t)
 ifdef(`targeted_policy',`
         term_dontaudit_use_unallocated_tty(yppasswdd_t)
         term_dontaudit_use_generic_pty(yppasswdd_t)
-        files_dontaudit_read_root_file(yppasswdd_t)
+        files_dontaudit_read_root_files(yppasswdd_t)
 ')
 
 optional_policy(`hostname',`
@@ -316,7 +316,7 @@ portmap_udp_sendto(ypserv_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(ypserv_t)
 	term_dontaudit_use_generic_pty(ypserv_t)
-	files_dontaudit_read_root_file(ypserv_t)
+	files_dontaudit_read_root_files(ypserv_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/nscd.te b/refpolicy/policy/modules/services/nscd.te
index 088dc7d0..f7602187 100644
--- a/refpolicy/policy/modules/services/nscd.te
+++ b/refpolicy/policy/modules/services/nscd.te
@@ -119,7 +119,7 @@ ifdef(`targeted_policy',`
 
 	term_dontaudit_use_unallocated_tty(nscd_t)
 	term_dontaudit_use_generic_pty(nscd_t)
-	files_dontaudit_read_root_file(nscd_t)
+	files_dontaudit_read_root_files(nscd_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/ntp.te b/refpolicy/policy/modules/services/ntp.te
index 018d6afb..11d28207 100644
--- a/refpolicy/policy/modules/services/ntp.te
+++ b/refpolicy/policy/modules/services/ntp.te
@@ -119,7 +119,7 @@ userdom_dontaudit_list_sysadm_home_dir(ntpd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(ntpd_t)
 	term_dontaudit_use_generic_pty(ntpd_t)
-	files_dontaudit_read_root_file(ntpd_t)
+	files_dontaudit_read_root_files(ntpd_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/openct.te b/refpolicy/policy/modules/services/openct.te
index 8887143b..48b7cb72 100644
--- a/refpolicy/policy/modules/services/openct.te
+++ b/refpolicy/policy/modules/services/openct.te
@@ -59,7 +59,7 @@ userdom_dontaudit_search_sysadm_home_dir(openct_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(openct_t)
 	term_dontaudit_use_generic_pty(openct_t)
-	files_dontaudit_read_root_file(openct_t)
+	files_dontaudit_read_root_files(openct_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/pegasus.te b/refpolicy/policy/modules/services/pegasus.te
index f21e8f83..c731210a 100644
--- a/refpolicy/policy/modules/services/pegasus.te
+++ b/refpolicy/policy/modules/services/pegasus.te
@@ -114,7 +114,7 @@ userdom_dontaudit_search_sysadm_home_dir(pegasus_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(pegasus_t)
 	term_dontaudit_use_generic_pty(pegasus_t)
-	files_dontaudit_read_root_file(pegasus_t)
+	files_dontaudit_read_root_files(pegasus_t)
 ')
 
 optional_policy(`logging',`
diff --git a/refpolicy/policy/modules/services/portmap.te b/refpolicy/policy/modules/services/portmap.te
index bc5969bd..f754662a 100644
--- a/refpolicy/policy/modules/services/portmap.te
+++ b/refpolicy/policy/modules/services/portmap.te
@@ -100,7 +100,7 @@ userdom_dontaudit_search_sysadm_home_dir(portmap_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(portmap_t)
 	term_dontaudit_use_generic_pty(portmap_t)
-	files_dontaudit_read_root_file(portmap_t)
+	files_dontaudit_read_root_files(portmap_t)
 ')
 
 optional_policy(`inetd',`
diff --git a/refpolicy/policy/modules/services/postfix.if b/refpolicy/policy/modules/services/postfix.if
index 003c7e0b..e9f661d9 100644
--- a/refpolicy/policy/modules/services/postfix.if
+++ b/refpolicy/policy/modules/services/postfix.if
@@ -68,7 +68,7 @@ template(`postfix_domain_template',`
 	files_read_etc_runtime_files(postfix_$1_t)
 	files_read_usr_symlinks(postfix_$1_t)
 	files_search_spool(postfix_$1_t)
-	files_getattr_tmp_dir(postfix_$1_t)
+	files_getattr_tmp_dirs(postfix_$1_t)
 
 	init_use_fd(postfix_$1_t)
 	init_sigchld(postfix_$1_t)
@@ -86,7 +86,7 @@ template(`postfix_domain_template',`
 	ifdef(`targeted_policy', `
 		term_dontaudit_use_unallocated_tty(postfix_$1_t)
 		term_dontaudit_use_generic_pty(postfix_$1_t)
-		files_dontaudit_read_root_file(postfix_$1_t)
+		files_dontaudit_read_root_files(postfix_$1_t)
 	')
 
 	optional_policy(`nscd',`
diff --git a/refpolicy/policy/modules/services/postgresql.te b/refpolicy/policy/modules/services/postgresql.te
index e6cf8d9a..ecfb1f9a 100644
--- a/refpolicy/policy/modules/services/postgresql.te
+++ b/refpolicy/policy/modules/services/postgresql.te
@@ -143,7 +143,7 @@ userdom_dontaudit_use_unpriv_user_fd(postgresql_t)
 mta_getattr_spool(postgresql_t)
 
 ifdef(`targeted_policy', `
-	files_dontaudit_read_root_file(postgresql_t)
+	files_dontaudit_read_root_files(postgresql_t)
 	term_dontaudit_use_generic_pty(postgresql_t)
 	term_dontaudit_use_unallocated_tty(postgresql_t)
 ')
diff --git a/refpolicy/policy/modules/services/ppp.te b/refpolicy/policy/modules/services/ppp.te
index 0cef95f6..e7fd70a0 100644
--- a/refpolicy/policy/modules/services/ppp.te
+++ b/refpolicy/policy/modules/services/ppp.te
@@ -179,7 +179,7 @@ userdom_search_unpriv_user_home_dirs(pppd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(pppd_t)
 	term_dontaudit_use_generic_pty(pppd_t)
-	files_dontaudit_read_root_file(pppd_t)
+	files_dontaudit_read_root_files(pppd_t)
 
 	optional_policy(`postfix',`
 		gen_require(`
@@ -299,7 +299,7 @@ userdom_dontaudit_search_sysadm_home_dir(pptp_t)
 ifdef(`targeted_policy',`
         term_dontaudit_use_unallocated_tty(pptp_t)
         term_dontaudit_use_generic_pty(pptp_t)
-        files_dontaudit_read_root_file(pptp_t)
+        files_dontaudit_read_root_files(pptp_t)
 ')
 
 optional_policy(`hostname',`
diff --git a/refpolicy/policy/modules/services/privoxy.te b/refpolicy/policy/modules/services/privoxy.te
index f95456cd..3d594d8b 100644
--- a/refpolicy/policy/modules/services/privoxy.te
+++ b/refpolicy/policy/modules/services/privoxy.te
@@ -83,7 +83,7 @@ userdom_use_sysadm_terms(privoxy_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(privoxy_t)
 	term_dontaudit_use_generic_pty(privoxy_t)
-	files_dontaudit_read_root_file(privoxy_t)
+	files_dontaudit_read_root_files(privoxy_t)
 ')
 
 optional_policy(`mount',`
diff --git a/refpolicy/policy/modules/services/procmail.te b/refpolicy/policy/modules/services/procmail.te
index 2471486c..8ea75fcc 100644
--- a/refpolicy/policy/modules/services/procmail.te
+++ b/refpolicy/policy/modules/services/procmail.te
@@ -76,7 +76,7 @@ ifdef(`hide_broken_symptoms',`
 
 ifdef(`targeted_policy', `
 	corenet_udp_bind_generic_port(procmail_t)
-	files_getattr_tmp_dir(procmail_t)
+	files_getattr_tmp_dirs(procmail_t)
 ')
 
 optional_policy(`logging',`
@@ -102,7 +102,7 @@ optional_policy(`spamassassin',`
 	corenet_udp_bind_generic_port(procmail_t)
 	corenet_tcp_connect_spamd_port(procmail_t)
 
-	files_getattr_tmp_dir(procmail_t)
+	files_getattr_tmp_dirs(procmail_t)
 
 	spamassassin_exec(procmail_t)
 	spamassassin_exec_client(procmail_t)
diff --git a/refpolicy/policy/modules/services/radius.te b/refpolicy/policy/modules/services/radius.te
index 5cbd243e..54399532 100644
--- a/refpolicy/policy/modules/services/radius.te
+++ b/refpolicy/policy/modules/services/radius.te
@@ -106,7 +106,7 @@ userdom_dontaudit_getattr_sysadm_home_dir(radiusd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(radiusd_t)
 	term_dontaudit_use_generic_pty(radiusd_t)
-	files_dontaudit_read_root_file(radiusd_t)
+	files_dontaudit_read_root_files(radiusd_t)
 ')
 
 optional_policy(`cron',`
diff --git a/refpolicy/policy/modules/services/radvd.te b/refpolicy/policy/modules/services/radvd.te
index 23c05026..0251303f 100644
--- a/refpolicy/policy/modules/services/radvd.te
+++ b/refpolicy/policy/modules/services/radvd.te
@@ -81,7 +81,7 @@ userdom_dontaudit_search_sysadm_home_dir(radvd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(radvd_t)
 	term_dontaudit_use_generic_pty(radvd_t)
-	files_dontaudit_read_root_file(radvd_t)
+	files_dontaudit_read_root_files(radvd_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/rdisc.te b/refpolicy/policy/modules/services/rdisc.te
index d7e522c9..864a5ce0 100644
--- a/refpolicy/policy/modules/services/rdisc.te
+++ b/refpolicy/policy/modules/services/rdisc.te
@@ -59,7 +59,7 @@ userdom_dontaudit_use_unpriv_user_fd(rdisc_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(rdisc_t)
 	term_dontaudit_use_generic_pty(rdisc_t)
-	files_dontaudit_read_root_file(rdisc_t)
+	files_dontaudit_read_root_files(rdisc_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/remotelogin.te b/refpolicy/policy/modules/services/remotelogin.te
index 81168943..e917daf9 100644
--- a/refpolicy/policy/modules/services/remotelogin.te
+++ b/refpolicy/policy/modules/services/remotelogin.te
@@ -97,7 +97,7 @@ files_read_world_readable_pipes(remote_login_t)
 files_read_world_readable_sockets(remote_login_t)
 files_list_mnt(remote_login_t)
 # for when /var/mail is a sym-link
-files_read_var_symlink(remote_login_t)
+files_read_var_symlinks(remote_login_t)
 
 init_rw_utmp(remote_login_t)
 
diff --git a/refpolicy/policy/modules/services/roundup.te b/refpolicy/policy/modules/services/roundup.te
index 4019879c..cc0a0bfd 100644
--- a/refpolicy/policy/modules/services/roundup.te
+++ b/refpolicy/policy/modules/services/roundup.te
@@ -89,7 +89,7 @@ userdom_dontaudit_use_unpriv_user_fd(roundup_t)
 userdom_dontaudit_search_sysadm_home_dir(roundup_t)
 
 ifdef(`targeted_policy',`
-	files_dontaudit_read_root_file(roundup_t)
+	files_dontaudit_read_root_files(roundup_t)
 	term_dontaudit_use_unallocated_tty(roundup_t)
 	term_dontaudit_use_generic_pty(roundup_t)
 ')
diff --git a/refpolicy/policy/modules/services/rpc.if b/refpolicy/policy/modules/services/rpc.if
index a06f4d99..f3267c67 100644
--- a/refpolicy/policy/modules/services/rpc.if
+++ b/refpolicy/policy/modules/services/rpc.if
@@ -77,7 +77,7 @@ template(`rpc_domain_template', `
 	files_read_etc_files($1_t)
 	files_read_etc_runtime_files($1_t)
 	files_search_var($1_t)
-	files_search_var_lib_dir($1_t)
+	files_search_var_lib($1_t)
 
 	init_use_fd($1_t)
 	init_use_script_pty($1_t)
@@ -96,7 +96,7 @@ template(`rpc_domain_template', `
 	ifdef(`targeted_policy',`
 		term_dontaudit_use_unallocated_tty($1_t)
 		term_dontaudit_use_generic_pty($1_t)
-		files_dontaudit_read_root_file($1_t)
+		files_dontaudit_read_root_files($1_t)
 	')
 
 	optional_policy(`mount',`
diff --git a/refpolicy/policy/modules/services/rpc.te b/refpolicy/policy/modules/services/rpc.te
index 87430332..7501a149 100644
--- a/refpolicy/policy/modules/services/rpc.te
+++ b/refpolicy/policy/modules/services/rpc.te
@@ -100,7 +100,7 @@ term_use_controlling_term(nfsd_t)
 # does not really need this, but it is easier to just allow it
 files_search_pids(nfsd_t) 
 # for exportfs and rpc.mountd
-files_getattr_tmp_dir(nfsd_t) 
+files_getattr_tmp_dirs(nfsd_t) 
 # cjp: this should really have its own type
 files_manage_mounttab(rpcd_t)
 
diff --git a/refpolicy/policy/modules/services/samba.te b/refpolicy/policy/modules/services/samba.te
index b0fdc609..0ffedb0d 100644
--- a/refpolicy/policy/modules/services/samba.te
+++ b/refpolicy/policy/modules/services/samba.te
@@ -289,7 +289,7 @@ userdom_dontaudit_use_unpriv_user_fd(smbd_t)
 userdom_use_unpriv_users_fd(smbd_t)
 
 ifdef(`targeted_policy', `
-	files_dontaudit_read_root_file(smbd_t)
+	files_dontaudit_read_root_files(smbd_t)
 	term_dontaudit_use_generic_pty(smbd_t)
 	term_dontaudit_use_unallocated_tty(smbd_t)
 ')
@@ -420,7 +420,7 @@ userdom_dontaudit_use_unpriv_user_fd(nmbd_t)
 userdom_use_unpriv_users_fd(nmbd_t)
 
 ifdef(`targeted_policy', `
-	files_dontaudit_read_root_file(nmbd_t)
+	files_dontaudit_read_root_files(nmbd_t)
 	term_dontaudit_use_generic_pty(nmbd_t)
 	term_dontaudit_use_unallocated_tty(nmbd_t)
 ')
@@ -714,7 +714,7 @@ userdom_priveleged_home_dir_manager(winbind_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(winbind_t)
 	term_dontaudit_use_generic_pty(winbind_t)
-	files_dontaudit_read_root_file(winbind_t)
+	files_dontaudit_read_root_files(winbind_t)
 ')
 
 optional_policy(`kerberos',`
diff --git a/refpolicy/policy/modules/services/sasl.te b/refpolicy/policy/modules/services/sasl.te
index 065726eb..38e85d69 100644
--- a/refpolicy/policy/modules/services/sasl.te
+++ b/refpolicy/policy/modules/services/sasl.te
@@ -60,7 +60,7 @@ files_read_etc_files(saslauthd_t)
 files_dontaudit_read_etc_runtime_files(saslauthd_t)
 files_search_var_lib(saslauthd_t)
 files_dontaudit_getattr_home_dir(saslauthd_t)
-files_dontaudit_getattr_tmp_dir(saslauthd_t)
+files_dontaudit_getattr_tmp_dirs(saslauthd_t)
 
 init_use_fd(saslauthd_t)
 init_use_script_pty(saslauthd_t)
@@ -84,7 +84,7 @@ userdom_dontaudit_search_sysadm_home_dir(saslauthd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(saslauthd_t)
 	term_dontaudit_use_generic_pty(saslauthd_t)
-	files_dontaudit_read_root_file(saslauthd_t)
+	files_dontaudit_read_root_files(saslauthd_t)
 ')
 
 # cjp: typeattribute dont work in conditionals yet
diff --git a/refpolicy/policy/modules/services/sendmail.te b/refpolicy/policy/modules/services/sendmail.te
index fd16c09e..fca880d7 100644
--- a/refpolicy/policy/modules/services/sendmail.te
+++ b/refpolicy/policy/modules/services/sendmail.te
@@ -105,7 +105,7 @@ ifdef(`targeted_policy',`
 	unconfined_domain_template(sendmail_t)
 	term_dontaudit_use_unallocated_tty(sendmail_t)
 	term_dontaudit_use_generic_pty(sendmail_t)
-	files_dontaudit_read_root_file(sendmail_t)
+	files_dontaudit_read_root_files(sendmail_t)
 ',`
 	allow sendmail_t sendmail_tmp_t:dir create_dir_perms;
 	allow sendmail_t sendmail_tmp_t:file create_file_perms;
diff --git a/refpolicy/policy/modules/services/slrnpull.te b/refpolicy/policy/modules/services/slrnpull.te
index c3462c80..8ccc4755 100644
--- a/refpolicy/policy/modules/services/slrnpull.te
+++ b/refpolicy/policy/modules/services/slrnpull.te
@@ -69,7 +69,7 @@ userdom_dontaudit_use_unpriv_user_fd(slrnpull_t)
 userdom_dontaudit_search_sysadm_home_dir(slrnpull_t)
 
 ifdef(`targeted_policy',`
-	files_dontaudit_read_root_file(slrnpull_t)
+	files_dontaudit_read_root_files(slrnpull_t)
 	term_dontaudit_use_unallocated_tty(slrnpull_t)
 	term_dontaudit_use_generic_pty(slrnpull_t)
 ')
diff --git a/refpolicy/policy/modules/services/smartmon.te b/refpolicy/policy/modules/services/smartmon.te
index 79802276..7681839c 100644
--- a/refpolicy/policy/modules/services/smartmon.te
+++ b/refpolicy/policy/modules/services/smartmon.te
@@ -91,7 +91,7 @@ userdom_dontaudit_search_sysadm_home_dir(fsdaemon_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(fsdaemon_t)
 	term_dontaudit_use_generic_pty(fsdaemon_t)
-	files_dontaudit_read_root_file(fsdaemon_t)
+	files_dontaudit_read_root_files(fsdaemon_t)
 ')
 
 optional_policy(`mta',`
diff --git a/refpolicy/policy/modules/services/snmp.te b/refpolicy/policy/modules/services/snmp.te
index 9d2a4995..03e06129 100644
--- a/refpolicy/policy/modules/services/snmp.te
+++ b/refpolicy/policy/modules/services/snmp.te
@@ -126,7 +126,7 @@ ifdef(`distro_redhat', `
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(snmpd_t)
 	term_dontaudit_use_generic_pty(snmpd_t)
-	files_dontaudit_read_root_file(snmpd_t)
+	files_dontaudit_read_root_files(snmpd_t)
 ')
 
 optional_policy(`amanda',`
diff --git a/refpolicy/policy/modules/services/spamassassin.te b/refpolicy/policy/modules/services/spamassassin.te
index 099addac..066909cf 100644
--- a/refpolicy/policy/modules/services/spamassassin.te
+++ b/refpolicy/policy/modules/services/spamassassin.te
@@ -119,7 +119,7 @@ userdom_dontaudit_search_sysadm_home_dir(spamd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(spamd_t)
 	term_dontaudit_use_generic_pty(spamd_t)
-	files_dontaudit_read_root_file(spamd_t)
+	files_dontaudit_read_root_files(spamd_t)
 	userdom_manage_generic_user_home_dirs(spamd_t)
 	userdom_manage_generic_user_home_files(spamd_t)
 ')
diff --git a/refpolicy/policy/modules/services/squid.te b/refpolicy/policy/modules/services/squid.te
index 74dd8fc0..d3dc3814 100644
--- a/refpolicy/policy/modules/services/squid.te
+++ b/refpolicy/policy/modules/services/squid.te
@@ -113,7 +113,7 @@ files_read_etc_files(squid_t)
 files_read_etc_runtime_files(squid_t)
 files_read_usr_files(squid_t)
 files_search_spool(squid_t)
-files_dontaudit_getattr_tmp_dir(squid_t)
+files_dontaudit_getattr_tmp_dirs(squid_t)
 files_getattr_home_dir(squid_t)
 
 init_use_fd(squid_t)
@@ -138,7 +138,7 @@ userdom_dontaudit_search_sysadm_home_dir(squid_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(squid_t)
 	term_dontaudit_use_generic_pty(squid_t)
-	files_dontaudit_read_root_file(squid_t)
+	files_dontaudit_read_root_files(squid_t)
 ')
 
 tunable_policy(`squid_connect_any',`
diff --git a/refpolicy/policy/modules/services/ssh.te b/refpolicy/policy/modules/services/ssh.te
index 2f4f84d0..51eb4d34 100644
--- a/refpolicy/policy/modules/services/ssh.te
+++ b/refpolicy/policy/modules/services/ssh.te
@@ -255,7 +255,7 @@ ifdef(`targeted_policy',`',`
 	ifdef(`targeted_policy', `
 		term_dontaudit_use_unallocated_tty(ssh_keygen_t)
 		term_dontaudit_use_generic_pty(ssh_keygen_t)
-		files_dontaudit_read_root_file(ssh_keygen_t)
+		files_dontaudit_read_root_files(ssh_keygen_t)
 	')
 
 	optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/stunnel.te b/refpolicy/policy/modules/services/stunnel.te
index c0f99206..b2e32f12 100644
--- a/refpolicy/policy/modules/services/stunnel.te
+++ b/refpolicy/policy/modules/services/stunnel.te
@@ -100,7 +100,7 @@ ifdef(`distro_gentoo', `
 	ifdef(`targeted_policy', `
         	term_dontaudit_use_unallocated_tty(stunnel_t)
         	term_dontaudit_use_generic_pty(stunnel_t)
-        	files_dontaudit_read_root_file(stunnel_t)
+        	files_dontaudit_read_root_files(stunnel_t)
 	')
 
 	optional_policy(`daemontools',`
diff --git a/refpolicy/policy/modules/services/tftp.te b/refpolicy/policy/modules/services/tftp.te
index 44fb4153..b51075b1 100644
--- a/refpolicy/policy/modules/services/tftp.te
+++ b/refpolicy/policy/modules/services/tftp.te
@@ -65,7 +65,7 @@ domain_use_wide_inherit_fd(tftpd_t)
 
 files_read_etc_files(tftpd_t);
 files_read_var_files(tftpd_t)
-files_read_var_symlink(tftpd_t)
+files_read_var_symlinks(tftpd_t)
 files_search_var(tftpd_t)
 
 init_use_fd(tftpd_t)
@@ -87,7 +87,7 @@ userdom_dontaudit_search_sysadm_home_dir(tftpd_t)
 ifdef(`targeted_policy', `
         term_dontaudit_use_unallocated_tty(tftpd_t)
         term_dontaudit_use_generic_pty(tftpd_t)
-        files_dontaudit_read_root_file(tftpd_t)
+        files_dontaudit_read_root_files(tftpd_t)
 ')
 
 optional_policy(`mount',`
diff --git a/refpolicy/policy/modules/services/timidity.te b/refpolicy/policy/modules/services/timidity.te
index b66b5dbf..da3e5a67 100644
--- a/refpolicy/policy/modules/services/timidity.te
+++ b/refpolicy/policy/modules/services/timidity.te
@@ -88,7 +88,7 @@ userdom_search_sysadm_home_dir(timidity_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(timidity_t)
 	term_dontaudit_use_generic_pty(timidity_t)
-	files_dontaudit_read_root_file(timidity_t)
+	files_dontaudit_read_root_files(timidity_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/services/xfs.te b/refpolicy/policy/modules/services/xfs.te
index fb806d93..a805e4c5 100644
--- a/refpolicy/policy/modules/services/xfs.te
+++ b/refpolicy/policy/modules/services/xfs.te
@@ -76,7 +76,7 @@ ifdef(`distro_debian',`
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(xfs_t)
 	term_dontaudit_use_generic_pty(xfs_t)
-	files_dontaudit_read_root_file(xfs_t)
+	files_dontaudit_read_root_files(xfs_t)
 ')
 
 optional_policy(`nis',`
diff --git a/refpolicy/policy/modules/services/zebra.te b/refpolicy/policy/modules/services/zebra.te
index 85c5834b..2f6fc24e 100644
--- a/refpolicy/policy/modules/services/zebra.te
+++ b/refpolicy/policy/modules/services/zebra.te
@@ -109,7 +109,7 @@ userdom_dontaudit_search_sysadm_home_dir(zebra_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(zebra_t)
 	term_dontaudit_use_generic_pty(zebra_t)
-	files_dontaudit_read_root_file(zebra_t)
+	files_dontaudit_read_root_files(zebra_t)
 	unconfined_sigchld(zebra_t)
 ')
 
diff --git a/refpolicy/policy/modules/system/authlogin.te b/refpolicy/policy/modules/system/authlogin.te
index f9c4fc0e..6cc38e10 100644
--- a/refpolicy/policy/modules/system/authlogin.te
+++ b/refpolicy/policy/modules/system/authlogin.te
@@ -218,7 +218,7 @@ ifdef(`direct_sysadm_daemon', `
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(pam_console_t)
 	term_dontaudit_use_generic_pty(pam_console_t)
-	files_dontaudit_read_root_file(pam_console_t)
+	files_dontaudit_read_root_files(pam_console_t)
 ')
 
 optional_policy(`gpm',`
diff --git a/refpolicy/policy/modules/system/clock.te b/refpolicy/policy/modules/system/clock.te
index fac03e2e..92d9fe5b 100644
--- a/refpolicy/policy/modules/system/clock.te
+++ b/refpolicy/policy/modules/system/clock.te
@@ -52,7 +52,7 @@ init_use_script_pty(hwclock_t)
 
 files_read_etc_files(hwclock_t)
 # for when /usr is not mounted:
-files_dontaudit_search_isid_type_dir(hwclock_t)
+files_dontaudit_search_isid_type_dirs(hwclock_t)
 
 libs_use_ld_so(hwclock_t)
 libs_use_shared_libs(hwclock_t)
@@ -64,7 +64,7 @@ miscfiles_read_localization(hwclock_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(hwclock_t)
 	term_dontaudit_use_generic_pty(hwclock_t)
-	files_dontaudit_read_root_file(hwclock_t)
+	files_dontaudit_read_root_files(hwclock_t)
 ')
 
 optional_policy(`apm',`
diff --git a/refpolicy/policy/modules/system/fstools.te b/refpolicy/policy/modules/system/fstools.te
index 354fbd35..25f84f1c 100644
--- a/refpolicy/policy/modules/system/fstools.te
+++ b/refpolicy/policy/modules/system/fstools.te
@@ -112,12 +112,12 @@ files_list_home(fsadm_t)
 files_read_usr_files(fsadm_t)
 files_read_etc_files(fsadm_t)
 files_manage_lost_found(fsadm_t)
-files_manage_isid_type_dir(fsadm_t)
+files_manage_isid_type_dirs(fsadm_t)
 # Write to /etc/mtab.
 files_manage_etc_runtime_files(fsadm_t)
 # Access to /initrd devices
-files_rw_isid_type_dir(fsadm_t)
-files_rw_isid_type_blk_node(fsadm_t)
+files_rw_isid_type_dirs(fsadm_t)
+files_rw_isid_type_blk_files(fsadm_t)
 # Recreate /mnt/cdrom.
 files_manage_mnt_dirs(fsadm_t)
 # for tune2fs
diff --git a/refpolicy/policy/modules/system/hostname.te b/refpolicy/policy/modules/system/hostname.te
index 51b0172a..317c055c 100644
--- a/refpolicy/policy/modules/system/hostname.te
+++ b/refpolicy/policy/modules/system/hostname.te
@@ -44,7 +44,7 @@ domain_use_wide_inherit_fd(hostname_t)
 files_read_etc_files(hostname_t)
 files_dontaudit_search_var(hostname_t)
 # for when /usr is not mounted:
-files_dontaudit_search_isid_type_dir(hostname_t)
+files_dontaudit_search_isid_type_dirs(hostname_t)
 
 libs_use_ld_so(hostname_t)
 libs_use_shared_libs(hostname_t)
diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index 04e5d894..5ede4647 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -93,7 +93,7 @@ files_read_etc_files(hotplug_t)
 files_manage_etc_runtime_files(hotplug_t)
 files_exec_etc_files(hotplug_t)
 # for when filesystems are not mounted early in the boot:
-files_dontaudit_search_isid_type_dir(hotplug_t)
+files_dontaudit_search_isid_type_dirs(hotplug_t)
 
 init_use_fd(hotplug_t)
 init_use_script_pty(hotplug_t)
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index 230a10b5..402748f4 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -140,13 +140,13 @@ domain_sigchld_all_domains(init_t)
 
 files_read_etc_files(init_t)
 files_rw_generic_pids(init_t)
-files_dontaudit_search_isid_type_dir(init_t)
+files_dontaudit_search_isid_type_dirs(init_t)
 files_manage_etc_runtime_files(init_t)
 # Run /etc/X11/prefdm:
 files_exec_etc_files(init_t)
 # file descriptors inherited from the rootfs:
-files_dontaudit_rw_root_file(init_t)
-files_dontaudit_rw_root_chr_dev(init_t)
+files_dontaudit_rw_root_files(init_t)
+files_dontaudit_rw_root_chr_files(init_t)
 
 libs_use_ld_so(init_t)
 libs_use_shared_libs(init_t)
@@ -337,11 +337,11 @@ files_manage_generic_locks(initrc_t)
 files_exec_etc_files(initrc_t)
 files_read_usr_files(initrc_t)
 files_manage_urandom_seed(initrc_t)
-files_manage_generic_spools(initrc_t)
+files_manage_generic_spool(initrc_t)
 # Mount and unmount file systems.
 # cjp: not sure why these are here; should use mount policy
-files_list_isid_type_dir(initrc_t)
-files_mounton_isid_type_dir(initrc_t)
+files_list_isid_type_dirs(initrc_t)
+files_mounton_isid_type_dirs(initrc_t)
 files_list_default(initrc_t)
 files_mounton_default(initrc_t)
 
@@ -390,7 +390,7 @@ ifdef(`distro_debian',`
 	fs_setattr_tmpfs_dir(initrc_t)
 	storage_create_fixed_disk_tmpfs(initrc_t)
 
-	files_setattr_etc_dir(initrc_t)
+	files_setattr_etc_dirs(initrc_t)
 ')
 
 ifdef(`distro_gentoo',`
@@ -410,7 +410,7 @@ ifdef(`distro_redhat',`
 	# Red Hat systems seem to have a stray
 	# fd open from the initrd
 	kernel_dontaudit_use_fd(initrc_t)
-	files_dontaudit_read_root_file(initrc_t)
+	files_dontaudit_read_root_files(initrc_t)
 
 	selinux_set_enforce_mode(initrc_t)
 
@@ -434,7 +434,6 @@ ifdef(`distro_redhat',`
 	storage_getattr_removable_device(initrc_t)
 
 	files_create_boot_flag(initrc_t)
-	files_getattr_all_file_type_sockets(initrc_t)
 	# wants to read /.fonts directory
 	files_read_default_files(initrc_t)
 	files_mountpoint(initrc_tmp_t)
diff --git a/refpolicy/policy/modules/system/ipsec.te b/refpolicy/policy/modules/system/ipsec.te
index 36f4a197..5ba6060a 100644
--- a/refpolicy/policy/modules/system/ipsec.te
+++ b/refpolicy/policy/modules/system/ipsec.te
@@ -127,7 +127,7 @@ userdom_dontaudit_search_sysadm_home_dir(ipsec_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(ipsec_t)
 	term_dontaudit_use_generic_pty(ipsec_t)
-	files_dontaudit_read_root_file(ipsec_t)
+	files_dontaudit_read_root_files(ipsec_t)
 ')
 
 optional_policy(`nis',`
@@ -236,7 +236,7 @@ domain_dontaudit_rw_all_key_sockets(ipsec_mgmt_t)
 files_read_etc_files(ipsec_mgmt_t)
 files_exec_etc_files(ipsec_mgmt_t)
 files_read_etc_runtime_files(ipsec_mgmt_t)
-files_dontaudit_getattr_default_dir(ipsec_mgmt_t)
+files_dontaudit_getattr_default_dirs(ipsec_mgmt_t)
 files_dontaudit_getattr_default_files(ipsec_mgmt_t)
 
 init_use_script_pty(ipsec_mgmt_t)
diff --git a/refpolicy/policy/modules/system/iptables.te b/refpolicy/policy/modules/system/iptables.te
index 9f8860fe..5de2de24 100644
--- a/refpolicy/policy/modules/system/iptables.te
+++ b/refpolicy/policy/modules/system/iptables.te
@@ -78,7 +78,7 @@ userdom_use_all_user_fd(iptables_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(iptables_t)
 	term_dontaudit_use_generic_pty(iptables_t)
-	files_dontaudit_read_root_file(iptables_t)
+	files_dontaudit_read_root_files(iptables_t)
 ')
 
 optional_policy(`firstboot',`
diff --git a/refpolicy/policy/modules/system/locallogin.te b/refpolicy/policy/modules/system/locallogin.te
index ab4111ac..2f42111a 100644
--- a/refpolicy/policy/modules/system/locallogin.te
+++ b/refpolicy/policy/modules/system/locallogin.te
@@ -140,7 +140,7 @@ files_read_world_readable_symlinks(local_login_t)
 files_read_world_readable_pipes(local_login_t)
 files_read_world_readable_sockets(local_login_t)
 # for when /var/mail is a symlink
-files_read_var_symlink(local_login_t)
+files_read_var_symlinks(local_login_t)
 
 init_rw_utmp(local_login_t)
 init_dontaudit_use_fd(local_login_t)
@@ -243,7 +243,7 @@ fs_use_tmpfs_chr_dev(sulogin_t)
 
 files_read_etc_files(sulogin_t)
 # because file systems are not mounted:
-files_dontaudit_search_isid_type_dir(sulogin_t)
+files_dontaudit_search_isid_type_dirs(sulogin_t)
 
 init_get_script_process_group(sulogin_t)
 
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 27b922e7..2c601ed8 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -335,7 +335,7 @@ domain_use_wide_inherit_fd(syslogd_t)
 files_read_etc_files(syslogd_t)
 files_read_etc_runtime_files(syslogd_t)
 # /initrd is not umounted before minilog starts
-files_dontaudit_search_isid_type_dir(syslogd_t)
+files_dontaudit_search_isid_type_dirs(syslogd_t)
 
 libs_use_ld_so(syslogd_t)
 libs_use_shared_libs(syslogd_t)
@@ -359,7 +359,7 @@ ifdef(`targeted_policy',`
 	allow syslogd_t var_run_t:fifo_file { ioctl read write };
 	term_dontaudit_use_unallocated_tty(syslogd_t)
 	term_dontaudit_use_generic_pty(syslogd_t)
-	files_dontaudit_read_root_file(syslogd_t)
+	files_dontaudit_read_root_files(syslogd_t)
 ')
 
 optional_policy(`inn',`
diff --git a/refpolicy/policy/modules/system/lvm.te b/refpolicy/policy/modules/system/lvm.te
index 47dcf519..f2b8a4bc 100644
--- a/refpolicy/policy/modules/system/lvm.te
+++ b/refpolicy/policy/modules/system/lvm.te
@@ -103,7 +103,7 @@ userdom_dontaudit_search_sysadm_home_dir(clvmd_t)
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(clvmd_t)
 	term_dontaudit_use_generic_pty(clvmd_t)
-	files_dontaudit_read_root_file(clvmd_t)
+	files_dontaudit_read_root_files(clvmd_t)
 ')
 
 optional_policy(`mount',`
@@ -220,7 +220,7 @@ domain_use_wide_inherit_fd(lvm_t)
 files_read_etc_files(lvm_t)
 files_read_etc_runtime_files(lvm_t)
 # for when /usr is not mounted:
-files_dontaudit_search_isid_type_dir(lvm_t)
+files_dontaudit_search_isid_type_dirs(lvm_t)
 
 init_use_fd(lvm_t)
 init_dontaudit_getattr_initctl(lvm_t)
@@ -240,14 +240,14 @@ seutil_sigchld_newrole(lvm_t)
 
 ifdef(`distro_redhat',`
 	# this is from the initrd:
-	files_rw_isid_type_dir(lvm_t)
+	files_rw_isid_type_dirs(lvm_t)
 ')
 
 ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(lvm_t)
 	term_dontaudit_use_generic_pty(lvm_t)
 
-	files_dontaudit_read_root_file(lvm_t)
+	files_dontaudit_read_root_files(lvm_t)
 ')
 
 optional_policy(`bootloader',`
diff --git a/refpolicy/policy/modules/system/modutils.te b/refpolicy/policy/modules/system/modutils.te
index fd42f00b..8ac532ca 100644
--- a/refpolicy/policy/modules/system/modutils.te
+++ b/refpolicy/policy/modules/system/modutils.te
@@ -98,7 +98,7 @@ files_exec_etc_files(insmod_t)
 # for nscd:
 files_dontaudit_search_pids(insmod_t)
 # for when /var is not mounted early in the boot:
-files_dontaudit_search_isid_type_dir(insmod_t)
+files_dontaudit_search_isid_type_dirs(insmod_t)
 
 init_use_initctl(insmod_t)
 init_use_fd(insmod_t)
diff --git a/refpolicy/policy/modules/system/mount.te b/refpolicy/policy/modules/system/mount.te
index 8552c97f..335f5611 100644
--- a/refpolicy/policy/modules/system/mount.te
+++ b/refpolicy/policy/modules/system/mount.te
@@ -56,7 +56,7 @@ corecmd_exec_bin(mount_t)
 
 domain_use_wide_inherit_fd(mount_t)
 
-files_search_all_dirs(mount_t)
+files_search_all(mount_t)
 files_read_etc_files(mount_t)
 files_manage_etc_runtime_files(mount_t)
 files_mounton_all_mountpoints(mount_t)
@@ -67,7 +67,7 @@ files_mount_all_file_type_fs(mount_t)
 files_unmount_all_file_type_fs(mount_t)
 # for when /etc/mtab loses its type
 # cjp: this seems wrong, the type should probably be etc
-files_read_isid_type_file(mount_t)
+files_read_isid_type_files(mount_t)
 
 init_use_fd(mount_t)
 init_use_script_pty(mount_t)
diff --git a/refpolicy/policy/modules/system/pcmcia.te b/refpolicy/policy/modules/system/pcmcia.te
index 41c28050..64c6099e 100644
--- a/refpolicy/policy/modules/system/pcmcia.te
+++ b/refpolicy/policy/modules/system/pcmcia.te
@@ -125,7 +125,7 @@ ifdef(`targeted_policy',`
 	term_use_generic_pty(cardmgr_t)
 	term_dontaudit_use_unallocated_tty(cardmgr_t)
 	term_dontaudit_use_generic_pty(cardmgr_t)
-	files_dontaudit_read_root_file(cardmgr_t)
+	files_dontaudit_read_root_files(cardmgr_t)
 ')
 
 optional_policy(`selinuxutil',`
diff --git a/refpolicy/policy/modules/system/raid.te b/refpolicy/policy/modules/system/raid.te
index f700da62..3a2135ee 100644
--- a/refpolicy/policy/modules/system/raid.te
+++ b/refpolicy/policy/modules/system/raid.te
@@ -72,7 +72,7 @@ mta_send_mail(mdadm_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_unallocated_tty(mdadm_t)
 	term_dontaudit_use_generic_pty(mdadm_t)
-	files_dontaudit_read_root_file(mdadm_t)
+	files_dontaudit_read_root_files(mdadm_t)
 ')
 
 optional_policy(`selinux',`
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index 5854cbc5..951ff534 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -264,7 +264,7 @@ init_rw_utmp(newrole_t)
 
 files_read_etc_files(newrole_t)
 files_read_var_files(newrole_t)
-files_read_var_symlink(newrole_t)
+files_read_var_symlinks(newrole_t)
 
 libs_use_ld_so(newrole_t)
 libs_use_shared_libs(newrole_t)
@@ -364,7 +364,7 @@ kernel_relabel_unlabeled(restorecon_t)
 dev_relabel_all_dev_nodes(restorecon_t)
 
 files_relabel_all_files(restorecon_t)
-files_list_all_dirs(restorecon_t)
+files_list_all(restorecon_t)
 # this is to satisfy the assertion:
 auth_relabelto_shadow(restorecon_t)
 
@@ -517,7 +517,7 @@ userdom_read_all_user_files(setfiles_t)
 # relabeling rules
 kernel_relabel_unlabeled(setfiles_t)
 dev_relabel_all_dev_nodes(setfiles_t)
-files_list_all_dirs(setfiles_t)
+files_list_all(setfiles_t)
 files_relabel_all_files(setfiles_t)
 # this is to satisfy the assertion:
 auth_relabelto_shadow(setfiles_t)
diff --git a/refpolicy/policy/modules/system/sysnetwork.te b/refpolicy/policy/modules/system/sysnetwork.te
index 6dde0b32..3ae35f7d 100644
--- a/refpolicy/policy/modules/system/sysnetwork.te
+++ b/refpolicy/policy/modules/system/sysnetwork.te
@@ -154,7 +154,7 @@ ifdef(`targeted_policy', `
 	term_dontaudit_use_unallocated_tty(dhcpc_t)
 	term_dontaudit_use_generic_pty(dhcpc_t)
 
-	files_dontaudit_read_root_file(dhcpc_t)
+	files_dontaudit_read_root_files(dhcpc_t)
 ')
 
 optional_policy(`consoletype',`
@@ -294,7 +294,7 @@ term_dontaudit_use_all_user_ptys(ifconfig_t)
 
 domain_use_wide_inherit_fd(ifconfig_t)
 
-files_dontaudit_read_root_file(ifconfig_t)
+files_dontaudit_read_root_files(ifconfig_t)
 
 init_use_fd(ifconfig_t)
 init_use_script_pty(ifconfig_t)
diff --git a/refpolicy/policy/modules/system/udev.te b/refpolicy/policy/modules/system/udev.te
index 9cd4157b..1a48e577 100644
--- a/refpolicy/policy/modules/system/udev.te
+++ b/refpolicy/policy/modules/system/udev.te
@@ -111,7 +111,7 @@ domain_dontaudit_list_all_domains_proc(udev_t)
 files_read_etc_runtime_files(udev_t)
 files_read_etc_files(udev_t)
 files_exec_etc_files(udev_t)
-files_dontaudit_search_isid_type_dir(udev_t)
+files_dontaudit_search_isid_type_dirs(udev_t)
 files_getattr_generic_locks(udev_t)
 files_search_mnt(udev_t)
 
diff --git a/refpolicy/policy/modules/system/userdomain.if b/refpolicy/policy/modules/system/userdomain.if
index 469fdac9..c34e6666 100644
--- a/refpolicy/policy/modules/system/userdomain.if
+++ b/refpolicy/policy/modules/system/userdomain.if
@@ -229,8 +229,8 @@ template(`base_user_template',`
 	files_dontaudit_getattr_non_security_symlinks($1_t)
 	files_dontaudit_getattr_non_security_pipes($1_t)
 	files_dontaudit_getattr_non_security_sockets($1_t)
-	files_dontaudit_getattr_non_security_blk_dev($1_t)
-	files_dontaudit_getattr_non_security_chr_dev($1_t)
+	files_dontaudit_getattr_non_security_blk_files($1_t)
+	files_dontaudit_getattr_non_security_chr_files($1_t)
 
 	# Caused by su - init scripts
 	init_dontaudit_use_script_pty($1_t)
@@ -411,7 +411,7 @@ template(`base_user_template',`
 	')
 
 	optional_policy(`rpm',`
-		files_getattr_var_lib_dir($1_t)
+		files_getattr_var_lib_dirs($1_t)
 		files_search_var_lib($1_t)
 	')