diff --git a/policy-F16.patch b/policy-F16.patch index 414e56dd..6eafc611 100644 --- a/policy-F16.patch +++ b/policy-F16.patch @@ -925,7 +925,7 @@ index 4f7bd3c..b5c346f 100644 + #unconfined_domain(kudzu_t) ') diff --git a/policy/modules/admin/logrotate.te b/policy/modules/admin/logrotate.te -index 7090dae..1297962 100644 +index 7090dae..893ea9a 100644 --- a/policy/modules/admin/logrotate.te +++ b/policy/modules/admin/logrotate.te @@ -116,17 +116,15 @@ miscfiles_read_localization(logrotate_t) @@ -951,10 +951,11 @@ index 7090dae..1297962 100644 # for savelog can_exec(logrotate_t, logrotate_exec_t) -@@ -162,10 +160,19 @@ optional_policy(` +@@ -162,10 +160,20 @@ optional_policy(` ') optional_policy(` ++ callweaver_exec(logrotate_t) + callweaver_stream_connect(logrotate_t) +') + @@ -971,7 +972,7 @@ index 7090dae..1297962 100644 cups_domtrans(logrotate_t) ') -@@ -203,7 +210,6 @@ optional_policy(` +@@ -203,7 +211,6 @@ optional_policy(` psad_domtrans(logrotate_t) ') @@ -979,7 +980,7 @@ index 7090dae..1297962 100644 optional_policy(` samba_exec_log(logrotate_t) ') -@@ -228,3 +234,14 @@ optional_policy(` +@@ -228,3 +235,14 @@ optional_policy(` optional_policy(` varnishd_manage_log(logrotate_t) ') @@ -3887,7 +3888,7 @@ index 00a19e3..55075f9 100644 +/usr/libexec/gnome-system-monitor-mechanism -- gen_context(system_u:object_r:gnomesystemmm_exec_t,s0) +/usr/libexec/kde(3|4)/ksysguardprocesslist_helper -- gen_context(system_u:object_r:gnomesystemmm_exec_t,s0) diff --git a/policy/modules/apps/gnome.if b/policy/modules/apps/gnome.if -index f5afe78..bf930fc 100644 +index f5afe78..f816c8d 100644 --- a/policy/modules/apps/gnome.if +++ b/policy/modules/apps/gnome.if @@ -1,44 +1,623 @@ 
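Review bot: The added `callweaver_exec(logrotate_t)` in the logrotate.te optional_policy block appears to run the callweaver binary inside logrotate_t itself, whereas the neighbouring blocks in this hunk use transition interfaces such as `cups_domtrans(logrotate_t)` and `psad_domtrans(logrotate_t)`. If the interface follows the usual `_exec` convention (inferred from the name, since its body is not shown), callweaver code started by logrotate keeps logrotate_t's access to log files. I would either use a domain-transition interface, if the callweaver module offers one, or add a comment above the call, for example `# run in logrotate_t on purpose: <reason>`. The optional_policy block starts and ends outside the lines shown.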
@@ -4957,18 +4958,18 @@ index f5afe78..bf930fc 100644
 + type gkeyringd_gnome_home_t;
 +')
 +
-+ userdom_user_home_dir_filetrans($1, config_home_t, file, .Xdefaults)
-+ userdom_user_home_dir_filetrans($1, config_home_t, dir, .xine)
-+ userdom_user_home_dir_filetrans($1, cache_home_t, dir, .cache)
-+ userdom_user_home_dir_filetrans($1, config_home_t, dir, .kde)
-+ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, .gconf)
-+ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, .gconfd)
-+ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, .local)
-+ userdom_user_home_dir_filetrans($1, gnome_home_t, dir, .gnome2)
-+ userdom_user_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-10)
-+ userdom_user_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-12)
-+ filetrans_pattern($1, gnome_home_t, gkeyringd_gnome_home_t, dir, keyrings)
-+ filetrans_pattern($1, gconf_home_t, data_home_t, dir, share)
++ userdom_user_home_dir_filetrans($1, config_home_t, file, ".Xdefaults")
++ userdom_user_home_dir_filetrans($1, config_home_t, dir, ".xine")
++ userdom_user_home_dir_filetrans($1, cache_home_t, dir, ".cache")
++ userdom_user_home_dir_filetrans($1, config_home_t, dir, ".kde")
++ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, ".gconf")
++ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, ".gconfd")
++ userdom_user_home_dir_filetrans($1, gconf_home_t, dir, ".local")
++ userdom_user_home_dir_filetrans($1, gnome_home_t, dir, ".gnome2")
++ userdom_user_home_dir_filetrans($1, gstreamer_home_t, dir, ".gstreamer-10")
++ userdom_user_home_dir_filetrans($1, gstreamer_home_t, dir, ".gstreamer-12")
++ filetrans_pattern($1, gnome_home_t, gkeyringd_gnome_home_t, dir, "keyrings")
++ filetrans_pattern($1, gconf_home_t, data_home_t, dir, "share")
 +')
 +
 +########################################
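Review bot: The quoted names `".gstreamer-10"` and `".gstreamer-12"` look as if they lost the `0.` of the real directory name; GStreamer 0.10 keeps its per-user data in `~/.gstreamer-0.10`. A named file transition matches the last path component exactly, so a rule on `.gstreamer-10` would never fire and the directory would keep the default home label instead of gstreamer_home_t. I would change the first to `".gstreamer-0.10"` and check whether the second name corresponds to any directory at all. The same two names recur in the `userdom_admin_home_dir_filetrans` list of the next hunk. The interface body starts outside this hunk.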
@@ -4993,16 +4994,16 @@ index f5afe78..bf930fc 100644
 + type data_home_t;
 +')
 +
-+ userdom_admin_home_dir_filetrans($1, config_home_t, file, .Xdefaults)
-+ userdom_admin_home_dir_filetrans($1, config_home_t, dir, .xine)
-+ userdom_admin_home_dir_filetrans($1, cache_home_t, dir, .cache)
-+ userdom_admin_home_dir_filetrans($1, config_home_t, dir, .kde)
-+ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, .gconf)
-+ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, .gconfd)
-+ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, .local)
-+ userdom_admin_home_dir_filetrans($1, gnome_home_t, dir, .gnome2)
-+ userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-10)
-+ userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, .gstreamer-12)
++ userdom_admin_home_dir_filetrans($1, config_home_t, file, ".Xdefaults")
++ userdom_admin_home_dir_filetrans($1, config_home_t, dir, ".xine")
++ userdom_admin_home_dir_filetrans($1, cache_home_t, dir, ".cache")
++ userdom_admin_home_dir_filetrans($1, config_home_t, dir, ".kde")
++ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, ".gconf")
++ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, ".gconfd")
++ userdom_admin_home_dir_filetrans($1, gconf_home_t, dir, ".local")
++ userdom_admin_home_dir_filetrans($1, gnome_home_t, dir, ".gnome2")
++ userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, ".gstreamer-10")
++ userdom_admin_home_dir_filetrans($1, gstreamer_home_t, dir, ".gstreamer-12")
 +')
 +######################################
 +##
@@ -5048,7 +5049,7 @@ index f5afe78..bf930fc 100644
 + type_transition $1 gkeyringd_exec_t:process $2;
 +')
 diff --git a/policy/modules/apps/gnome.te b/policy/modules/apps/gnome.te
-index 2505654..d27f79b 100644
+index 2505654..8e26f2b 100644
 --- a/policy/modules/apps/gnome.te
 +++ b/policy/modules/apps/gnome.te
 @@ -5,12 +5,26 @@ policy_module(gnome, 2.1.0)
@@ -5123,7 +5124,7 @@ index 2505654..d27f79b 100644
 ##############################
 #
 # Local Policy
-@@ -75,3 +110,167 @@ optional_policy(`
+@@ -75,3 +110,166 @@ optional_policy(`
 xserver_use_xdm_fds(gconfd_t)
 xserver_rw_xdm_pipes(gconfd_t)
 ')
@@ -5153,28 +5154,28 @@ index 2505654..d27f79b 100644
 +userdom_dontaudit_search_admin_dir(gconfdefaultsm_t)
 +
 +optional_policy(`
-+ consolekit_dbus_chat(gconfdefaultsm_t)
++ consolekit_dbus_chat(gconfdefaultsm_t)
 +')
 +
 +optional_policy(`
-+ nscd_dontaudit_search_pid(gconfdefaultsm_t)
++ nscd_dontaudit_search_pid(gconfdefaultsm_t)
 +')
 +
 +optional_policy(`
-+ policykit_domtrans_auth(gconfdefaultsm_t)
-+ policykit_dbus_chat(gconfdefaultsm_t)
-+ policykit_read_lib(gconfdefaultsm_t)
-+ policykit_read_reload(gconfdefaultsm_t)
++ policykit_domtrans_auth(gconfdefaultsm_t)
++ policykit_dbus_chat(gconfdefaultsm_t)
++ policykit_read_lib(gconfdefaultsm_t)
++ policykit_read_reload(gconfdefaultsm_t)
 +')
 +
 +tunable_policy(`use_nfs_home_dirs',`
-+ fs_manage_nfs_dirs(gconfdefaultsm_t)
-+ fs_manage_nfs_files(gconfdefaultsm_t)
++ fs_manage_nfs_dirs(gconfdefaultsm_t)
++ fs_manage_nfs_files(gconfdefaultsm_t)
 +')
 +
 +tunable_policy(`use_samba_home_dirs',`
-+ fs_manage_cifs_dirs(gconfdefaultsm_t)
-+ fs_manage_cifs_files(gconfdefaultsm_t)
++ fs_manage_cifs_dirs(gconfdefaultsm_t)
++ fs_manage_cifs_files(gconfdefaultsm_t)
 +')
 +
 +#######################################
@@ -5206,18 +5207,18 @@ index 2505654..d27f79b 100644
 +userdom_dontaudit_search_admin_dir(gnomesystemmm_t)
 +
 +optional_policy(`
-+ consolekit_dbus_chat(gnomesystemmm_t)
++ consolekit_dbus_chat(gnomesystemmm_t)
 +')
 +
 +optional_policy(`
-+ nscd_dontaudit_search_pid(gnomesystemmm_t)
++ nscd_dontaudit_search_pid(gnomesystemmm_t)
 +')
 +
 +optional_policy(`
-+ policykit_dbus_chat(gnomesystemmm_t)
-+ policykit_domtrans_auth(gnomesystemmm_t)
-+ policykit_read_lib(gnomesystemmm_t)
-+ policykit_read_reload(gnomesystemmm_t)
++ policykit_dbus_chat(gnomesystemmm_t)
++ policykit_domtrans_auth(gnomesystemmm_t)
++ policykit_read_lib(gnomesystemmm_t)
++ policykit_read_reload(gnomesystemmm_t)
 +')
 +
 +######################################
@@ -5226,7 +5227,7 @@ index 2505654..d27f79b 100644
 +#
 +
 +allow gkeyringd_domain self:capability ipc_lock;
-+allow gkeyringd_domain self:process { getcap getsched signal };
++allow gkeyringd_domain self:process { getcap getsched setcap signal };
 +allow gkeyringd_domain self:fifo_file rw_fifo_file_perms;
 +allow gkeyringd_domain self:unix_stream_socket { connectto accept listen };
 +
@@ -5282,15 +5283,14 @@ index 2505654..d27f79b 100644
 +
 +tunable_policy(`use_nfs_home_dirs',`
 + fs_getattr_nfs(gkeyringd_domain)
-+ fs_manage_nfs_dirs(gkeyringd_domain)
-+ fs_manage_nfs_files(gkeyringd_domain)
++ fs_manage_nfs_dirs(gkeyringd_domain)
++ fs_manage_nfs_files(gkeyringd_domain)
 +')
 +
 +tunable_policy(`use_samba_home_dirs',`
-+ fs_manage_cifs_dirs(gkeyringd_domain)
-+ fs_manage_cifs_files(gkeyringd_domain)
++ fs_manage_cifs_dirs(gkeyringd_domain)
++ fs_manage_cifs_files(gkeyringd_domain)
 +')
-+
 diff --git a/policy/modules/apps/gpg.fc b/policy/modules/apps/gpg.fc
 index e9853d4..6864b58 100644
 --- a/policy/modules/apps/gpg.fc
@@ -6249,7 +6249,7 @@ index 93ac529..35b51ab 100644
 +/usr/lib/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:mozilla_exec_t,s0)
 +/usr/lib/xulrunner[^/]*/plugin-container -- gen_context(system_u:object_r:mozilla_plugin_exec_t,s0)
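Review bot: The `setcap` permission added in `allow gkeyringd_domain self:process { getcap getsched setcap signal };` lets every keyring daemon domain change its own capability sets, and nothing on the line says why that became necessary. The only capability granted just above is `ipc_lock`, so the practical use is presumably to drop capabilities after locking memory, but that is an inference from this hunk alone. I would record the reason next to the rule, for example `# daemon adjusts its capability set after start-up (see AVC in <bug reference>)`, so that a later audit can tell an intended grant from an accidental one.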
diff --git a/policy/modules/apps/mozilla.if b/policy/modules/apps/mozilla.if -index 9a6d67d..c499e03 100644 +index 9a6d67d..ceeb3e7 100644 --- a/policy/modules/apps/mozilla.if +++ b/policy/modules/apps/mozilla.if @@ -29,6 +29,8 @@ interface(`mozilla_role',` @@ -6308,7 +6308,7 @@ index 9a6d67d..c499e03 100644 ## Execmod mozilla home directory content. ## ## -@@ -168,6 +194,77 @@ interface(`mozilla_domtrans',` +@@ -168,6 +194,80 @@ interface(`mozilla_domtrans',` ######################################## ## @@ -6331,6 +6331,8 @@ index 9a6d67d..c499e03 100644 + + allow $1 mozilla_plugin_t:dbus send_msg; + allow mozilla_plugin_t $1:dbus send_msg; ++ ++ allow $1 mozilla_plugin_t:fd use; +') + + @@ -6358,7 +6360,8 @@ index 9a6d67d..c499e03 100644 + mozilla_domtrans_plugin($1) + role $2 types mozilla_plugin_t; + allow $1 mozilla_plugin_t:unix_stream_socket { connectto rw_socket_perms }; -+ allow $1 mozilla_plugin_t:process { signal sigkill }; ++ allow $1 mozilla_plugin_t:process { ptrace signal sigkill }; ++ allow $1 mozilla_plugin_t:fd use; + + allow mozilla_plugin_t $1:unix_stream_socket rw_socket_perms; +') @@ -6386,7 +6389,7 @@ index 9a6d67d..c499e03 100644 ## Send and receive messages from ## mozilla over dbus. ## -@@ -204,3 +301,39 @@ interface(`mozilla_rw_tcp_sockets',` +@@ -204,3 +304,39 @@ interface(`mozilla_rw_tcp_sockets',` allow $1 mozilla_t:tcp_socket rw_socket_perms; ') @@ -7425,10 +7428,10 @@ index 0000000..37449c0 +') diff --git a/policy/modules/apps/nsplugin.te b/policy/modules/apps/nsplugin.te new file mode 100644 -index 0000000..24c9669 +index 0000000..bd3e5f8 --- /dev/null +++ b/policy/modules/apps/nsplugin.te -@@ -0,0 +1,328 @@ +@@ -0,0 +1,329 @@ +policy_module(nsplugin, 1.0.0) + +######################################## 
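Review bot: The `ptrace` permission added in `allow $1 mozilla_plugin_t:process { ptrace signal sigkill };` is granted unconditionally to every domain that calls this interface, which is far broader than the signal and sigkill it sits beside. A caller with ptrace can read and alter the plugin container's memory, so any compromise of a calling domain extends straight into mozilla_plugin_t. I would move it out of the common rule, either into a `tunable_policy` block controlled by a boolean or into a separate interface used only by the callers that need to debug the plugin. Failing that, a comment should name the consumer that requires it. The interface starts outside this hunk.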
@@ -7545,6 +7548,7 @@ index 0000000..24c9669 +dev_read_video_dev(nsplugin_t) +dev_write_video_dev(nsplugin_t) +dev_getattr_dri_dev(nsplugin_t) ++dev_getattr_mouse_dev(nsplugin_t) +dev_rwx_zero(nsplugin_t) +dev_read_sysfs(nsplugin_t) +dev_dontaudit_getattr_all(nsplugin_t) @@ -10902,7 +10906,7 @@ index 34c9d01..1240d65 100644 /var/qmail/bin -d gen_context(system_u:object_r:bin_t,s0) /var/qmail/bin(/.*)? gen_context(system_u:object_r:bin_t,s0) diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if -index 9e9263a..32826ad 100644 +index 9e9263a..59c2125 100644 --- a/policy/modules/kernel/corecommands.if +++ b/policy/modules/kernel/corecommands.if @@ -203,7 +203,7 @@ interface(`corecmd_getattr_bin_files',` @@ -10914,7 +10918,32 @@ index 9e9263a..32826ad 100644 ## ## # -@@ -1049,6 +1049,7 @@ interface(`corecmd_manage_all_executables',` +@@ -254,6 +254,24 @@ interface(`corecmd_dontaudit_write_bin_files',` + + ######################################## + ## ++## Do not audit attempts to access check bin files. ++## ++## ++## ++## Domain to not audit. ++## ++## ++# ++interface(`corecmd_dontaudit_access_check_bin',` ++ gen_require(` ++ type bin_t; ++ ') ++ ++ dontaudit $1 bin_t:file audit_access; ++') ++ ++######################################## ++## + ## Read symbolic links in bin directories. + ## + ## +@@ -1049,6 +1067,7 @@ interface(`corecmd_manage_all_executables',` type bin_t; ') @@ -11052,7 +11081,7 @@ index 5a07a43..99c7564 100644 ## ## diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in -index 0757523..7b77799 100644 +index 0757523..be25171 100644 --- a/policy/modules/kernel/corenetwork.te.in +++ b/policy/modules/kernel/corenetwork.te.in @@ -16,6 +16,7 @@ attribute rpc_port_type; 
@@ -11090,7 +11119,7 @@ index 0757523..7b77799 100644 type client_packet_t, packet_type, client_packet_type; # -@@ -65,20 +79,25 @@ type hi_reserved_port_t, port_type, reserved_port_type, rpc_port_type; +@@ -65,20 +79,26 @@ type hi_reserved_port_t, port_type, reserved_port_type, rpc_port_type; type server_packet_t, packet_type, server_packet_type; network_port(afs_bos, udp,7007,s0) @@ -11114,10 +11143,11 @@ index 0757523..7b77799 100644 network_port(auth, tcp,113,s0) network_port(bgp, tcp,179,s0, udp,179,s0, tcp,2605,s0, udp,2605,s0) +network_port(boinc, tcp,31416,s0) ++network_port(boinc_client_ctrl, tcp,1043,s0) type biff_port_t, port_type, reserved_port_type; dnl network_port(biff) # no defined portcon in current strict network_port(certmaster, tcp,51235,s0) network_port(chronyd, udp,323,s0) -@@ -86,9 +105,11 @@ network_port(clamd, tcp,3310,s0) +@@ -86,9 +106,11 @@ network_port(clamd, tcp,3310,s0) network_port(clockspeed, udp,4041,s0) network_port(cluster, tcp,5149,s0, udp,5149,s0, tcp,40040,s0, tcp,50006-50008,s0, udp,50006-50008,s0) network_port(cobbler, tcp,25151,s0) @@ -11129,7 +11159,7 @@ index 0757523..7b77799 100644 network_port(dbskkd, tcp,1178,s0) network_port(dcc, udp,6276,s0, udp,6277,s0) network_port(dccm, tcp,5679,s0, udp,5679,s0) -@@ -96,9 +117,13 @@ network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0) +@@ -96,9 +118,13 @@ network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0) network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0, tcp,647,s0, udp,647,s0, tcp,847,s0, udp,847,s0, tcp,7911,s0) network_port(dict, tcp,2628,s0) network_port(distccd, tcp,3632,s0) 
@@ -11143,7 +11173,7 @@ index 0757523..7b77799 100644 network_port(ftp, tcp,21,s0, tcp,990,s0, udp,990,s0) network_port(ftp_data, tcp,20,s0) network_port(gatekeeper, udp,1718,s0, udp,1719,s0, tcp,1721,s0, tcp,7000,s0) -@@ -112,7 +137,7 @@ network_port(hddtemp, tcp,7634,s0) +@@ -112,7 +138,7 @@ network_port(hddtemp, tcp,7634,s0) network_port(howl, tcp,5335,s0, udp,5353,s0) network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0) network_port(http, tcp,80,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0) #8443 is mod_nss default port @@ -11152,7 +11182,7 @@ index 0757523..7b77799 100644 network_port(i18n_input, tcp,9010,s0) network_port(imaze, tcp,5323,s0, udp,5323,s0) network_port(inetd_child, tcp,1,s0, udp,1,s0, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0) -@@ -126,43 +151,58 @@ network_port(iscsi, tcp,3260,s0) +@@ -126,43 +152,59 @@ network_port(iscsi, tcp,3260,s0) network_port(isns, tcp,3205,s0, udp,3205,s0) network_port(jabber_client, tcp,5222,s0, tcp,5223,s0) network_port(jabber_interserver, tcp,5269,s0) @@ -11160,6 +11190,7 @@ index 0757523..7b77799 100644 -network_port(kerberos_admin, tcp,464,s0, udp,464,s0, tcp,749,s0) -network_port(kerberos_master, tcp,4444,s0, udp,4444,s0) +network_port(jabber_router, tcp,5347,s0) ++network_port(jboss_management, tcp,2712,s0) +network_port(kerberos, tcp,88,s0, udp,88,s0, tcp,750,s0, udp,750,s0, tcp,4444,s0, udp,4444,s0) +network_port(kerberos_admin, tcp,749,s0) +network_port(kerberos_password, tcp,464,s0, udp,464,s0) 
@@ -11217,7 +11248,7 @@ index 0757523..7b77799 100644 network_port(printer, tcp,515,s0) network_port(ptal, tcp,5703,s0) network_port(pulseaudio, tcp,4713,s0) -@@ -177,24 +217,29 @@ network_port(ricci, tcp,11111,s0, udp,11111,s0) +@@ -177,24 +219,29 @@ network_port(ricci, tcp,11111,s0, udp,11111,s0) network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0) network_port(rlogind, tcp,513,s0) network_port(rndc, tcp,953,s0) @@ -11251,7 +11282,7 @@ index 0757523..7b77799 100644 network_port(syslogd, udp,514,s0) network_port(tcs, tcp, 30003, s0) network_port(telnetd, tcp,23,s0) -@@ -205,16 +250,17 @@ network_port(transproxy, tcp,8081,s0) +@@ -205,20 +252,22 @@ network_port(transproxy, tcp,8081,s0) network_port(ups, tcp,3493,s0) type utcpserver_port_t, port_type; dnl network_port(utcpserver) # no defined portcon network_port(uucpd, tcp,540,s0) @@ -11272,7 +11303,12 @@ index 0757523..7b77799 100644 network_port(zookeeper_client, tcp,2181,s0) network_port(zookeeper_election, tcp,3888,s0) network_port(zookeeper_leader, tcp,2888,s0) -@@ -276,5 +322,5 @@ allow corenet_unconfined_type port_type:tcp_socket { send_msg recv_msg name_conn + network_port(zebra, tcp,2600-2604,s0, tcp,2606,s0, udp,2600-2604,s0, udp,2606,s0) ++network_port(zented, tcp,1229,s0, udp,1229,s0) + network_port(zope, tcp,8021,s0) + + # Defaults for reserved ports. Earlier portcon entries take precedence; +@@ -276,5 +325,5 @@ allow corenet_unconfined_type port_type:tcp_socket { send_msg recv_msg name_conn allow corenet_unconfined_type port_type:udp_socket { send_msg recv_msg }; # Bind to any network address. @@ -11310,7 +11346,7 @@ index 6cf8784..5b25039 100644 +# +/sys(/.*)? gen_context(system_u:object_r:sysfs_t,s0) diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if -index e9313fb..a09c590 100644 +index e9313fb..6c82b8f 100644 --- a/policy/modules/kernel/devices.if +++ b/policy/modules/kernel/devices.if @@ -146,14 +146,33 @@ interface(`dev_relabel_all_dev_nodes',` 
@@ -11374,7 +11410,32 @@ index e9313fb..a09c590 100644 ## Add entries to directories in /dev. ## ## -@@ -444,6 +481,24 @@ interface(`dev_getattr_generic_blk_files',` +@@ -352,6 +389,24 @@ interface(`dev_read_generic_files',` + read_files_pattern($1, device_t, device_t) + ') + ++####################################### ++## ++## Read generic files in /dev. ++## ++## ++## ++## Domain to not audit. ++## ++## ++# ++interface(`dev_dontaudit_read_generic_files',` ++ gen_require(` ++ type device_t; ++ ') ++ ++ dontaudit $1 device_t:file { read getattr }; ++') ++ + ######################################## + ## + ## Read and write generic files in /dev. +@@ -444,6 +499,24 @@ interface(`dev_getattr_generic_blk_files',` ######################################## ## @@ -11399,7 +11460,7 @@ index e9313fb..a09c590 100644 ## Dontaudit getattr on generic block devices. ## ## -@@ -628,7 +683,7 @@ interface(`dev_rw_generic_blk_files',` +@@ -628,7 +701,7 @@ interface(`dev_rw_generic_blk_files',` ## ## ## @@ -11408,7 +11469,7 @@ index e9313fb..a09c590 100644 ## ## # -@@ -715,7 +770,7 @@ interface(`dev_dontaudit_setattr_generic_symlinks',` +@@ -715,7 +788,7 @@ interface(`dev_dontaudit_setattr_generic_symlinks',` ######################################## ## @@ -11417,7 +11478,7 @@ index e9313fb..a09c590 100644 ## ## ## -@@ -723,17 +778,17 @@ interface(`dev_dontaudit_setattr_generic_symlinks',` +@@ -723,17 +796,17 @@ interface(`dev_dontaudit_setattr_generic_symlinks',` ## ## # @@ -11438,7 +11499,7 @@ index e9313fb..a09c590 100644 ## ## ## -@@ -741,17 +796,17 @@ interface(`dev_read_generic_symlinks',` +@@ -741,17 +814,17 @@ interface(`dev_read_generic_symlinks',` ## ## # @@ -11459,7 +11520,7 @@ index e9313fb..a09c590 100644 ## ## ## -@@ -759,12 +814,12 @@ interface(`dev_create_generic_symlinks',` +@@ -759,12 +832,12 @@ interface(`dev_create_generic_symlinks',` ## ## # 
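Review bot: The summary of the new `dev_dontaudit_read_generic_files` interface says "Read generic files in /dev.", apparently copied from `dev_read_generic_files`, while its body is `dontaudit $1 device_t:file { read getattr };`. It should read `Do not audit attempts to read generic files in /dev.` so that the generated interface documentation does not present a suppression rule as an allow rule. A regular file labelled device_t is often a sign of a mislabelled or unexpected node, so silencing these denials also removes a useful signal. The interface header should warn that callers will no longer log such accesses.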
@@ -11474,7 +11535,7 @@ index e9313fb..a09c590 100644 ') ######################################## -@@ -920,7 +975,7 @@ interface(`dev_filetrans',` +@@ -920,7 +993,7 @@ interface(`dev_filetrans',` type device_t; ') @@ -11483,7 +11544,7 @@ index e9313fb..a09c590 100644 dev_associate($2) files_associate_tmp($2) -@@ -1006,6 +1061,7 @@ interface(`dev_dontaudit_getattr_all_blk_files',` +@@ -1006,6 +1079,7 @@ interface(`dev_dontaudit_getattr_all_blk_files',` interface(`dev_getattr_all_chr_files',` gen_require(` attribute device_node; @@ -11491,7 +11552,7 @@ index e9313fb..a09c590 100644 ') getattr_chr_files_pattern($1, device_t, device_node) -@@ -1178,6 +1234,42 @@ interface(`dev_create_all_chr_files',` +@@ -1178,6 +1252,42 @@ interface(`dev_create_all_chr_files',` ######################################## ## @@ -11534,7 +11595,7 @@ index e9313fb..a09c590 100644 ## Delete all block device files. ## ## -@@ -2663,7 +2755,7 @@ interface(`dev_write_misc',` +@@ -2663,7 +2773,7 @@ interface(`dev_write_misc',` ## ## ## @@ -11543,7 +11604,7 @@ index e9313fb..a09c590 100644 ## ## # -@@ -3192,24 +3284,6 @@ interface(`dev_rw_printer',` +@@ -3192,24 +3302,6 @@ interface(`dev_rw_printer',` ######################################## ## @@ -11568,7 +11629,7 @@ index e9313fb..a09c590 100644 ## Get the attributes of the QEMU ## microcode and id interfaces. ## -@@ -3793,6 +3867,24 @@ interface(`dev_getattr_sysfs_dirs',` +@@ -3793,6 +3885,24 @@ interface(`dev_getattr_sysfs_dirs',` ######################################## ## @@ -11593,7 +11654,7 @@ index e9313fb..a09c590 100644 ## Search the sysfs directories. ## ## -@@ -3884,25 +3976,6 @@ interface(`dev_dontaudit_write_sysfs_dirs',` +@@ -3884,25 +3994,6 @@ interface(`dev_dontaudit_write_sysfs_dirs',` ######################################## ## 
@@ -11619,7 +11680,7 @@ index e9313fb..a09c590 100644 ## Read hardware state information. ## ## -@@ -3954,6 +4027,42 @@ interface(`dev_rw_sysfs',` +@@ -3954,6 +4045,42 @@ interface(`dev_rw_sysfs',` ######################################## ## @@ -11662,7 +11723,7 @@ index e9313fb..a09c590 100644 ## Read and write the TPM device. ## ## -@@ -4514,6 +4623,24 @@ interface(`dev_rwx_vmware',` +@@ -4514,6 +4641,24 @@ interface(`dev_rwx_vmware',` ######################################## ## @@ -11687,7 +11748,7 @@ index e9313fb..a09c590 100644 ## Write to watchdog devices. ## ## -@@ -4748,3 +4875,772 @@ interface(`dev_unconfined',` +@@ -4748,3 +4893,772 @@ interface(`dev_unconfined',` typeattribute $1 devices_unconfined_type; ') 
@@ -11770,695 +11831,695 @@ index e9313fb..a09c590 100644 + type mtrr_device_t; +') + -+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, 3dfx) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, admmidi9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, adsp9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload5) -+ filetrans_pattern($1, device_t, 
sound_device_t, chr_file, aload6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, aload9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amidi9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, amixer9) -+ filetrans_pattern($1, device_t, apm_bios_t, chr_file, apm_bios) -+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, atibm) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio2) -+ filetrans_pattern($1, 
device_t, sound_device_t, chr_file, audio3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, audio9) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs0) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs1) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs2) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs3) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs4) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs5) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs6) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs7) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs8) -+ filetrans_pattern($1, device_t, autofs_device_t, chr_file, autofs9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, beep) -+ filetrans_pattern($1, device_t, lvm_control_t, chr_file, btrfs-control) -+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, controlD64) -+ filetrans_pattern($1, device_t, crash_device_t, chr_file, crash) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm0) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm1) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm2) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm3) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm4) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm5) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm6) -+ filetrans_pattern($1, 
device_t, dlm_control_device_t, chr_file, dlm7) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm8) -+ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, dlm9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmfm) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dmmidi9) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp7) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp8) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, dsp9) -+ filetrans_pattern($1, device_t, clock_device_t, chr_file, efirtc) -+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, e2201) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83000) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83001) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83002) -+ filetrans_pattern($1, 
device_t, v4l_device_t, chr_file, em83003) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83004) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83005) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83006) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83007) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83008) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, em83009) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event0) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event1) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event2) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event3) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event4) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event5) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event6) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event7) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event8) -+ filetrans_pattern($1, device_t, event_device_t, chr_file, event9) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, evtchn) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb0) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb1) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb2) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb3) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb4) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb5) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb6) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb7) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb8) -+ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, fb9) -+ filetrans_pattern($1, device_t, null_device_t, chr_file, full) -+ filetrans_pattern($1, device_t, 
usb_device_t, chr_file, fw0)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw1)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw2)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw3)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw4)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw5)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw6)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw7)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw8)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, fw9)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 000)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 001)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 002)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 003)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 004)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 005)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 006)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 007)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 008)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, 009)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, gfx)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, graphics)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc0)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc1)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc2)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc3)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc4)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc5)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc6)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc7)
-+ filetrans_pattern($1, device_t, clock_device_t, 
chr_file, gtrsc8)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, gtrsc9)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, hfmodem)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev0)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev1)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev2)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev3)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev4)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev5)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev6)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev7)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev8)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hiddev9)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw0)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw1)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw2)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw3)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw4)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw5)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw6)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw7)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw8)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, hidraw9)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, hpet)
-+ filetrans_pattern($1, device_t, random_device_t, chr_file, hw_random)
-+ filetrans_pattern($1, device_t, random_device_t, chr_file, hwrng)
-+ filetrans_pattern($1, device_t, dri_device_t, chr_file, i915)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, inportbm)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi0)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi1)
-+ 
filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi2)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi3)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi4)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi5)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi6)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi7)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi8)
-+ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, ipmi9)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt0)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt1)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt2)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt3)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt4)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt5)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt6)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt7)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt8)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, irlpt9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, jbm)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js0)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js1)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js2)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js3)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js4)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js5)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js6)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js7)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js8)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, js9)
-+ filetrans_pattern($1, 
device_t, mouse_device_t, chr_file, mouse0)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse1)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse2)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse3)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse4)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse5)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse6)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse7)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse8)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mouse9)
-+ filetrans_pattern($1, device_t, memory_device_t, chr_file, kmem)
-+ filetrans_pattern($1, device_t, kmsg_device_t, chr_file, kmsg)
-+ filetrans_pattern($1, device_t, qemu_device_t, chr_file, kqemu)
-+ filetrans_pattern($1, device_t, ksm_device_t, chr_file, ksm)
-+ filetrans_pattern($1, device_t, kvm_device_t, chr_file, kvm)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik0)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik1)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik2)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik3)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik4)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik5)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik6)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik7)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik8)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, lik9)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc0)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc1)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc2)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc3)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc4)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc5)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc6)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc7)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc8)
-+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, lirc9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, lircm)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, logibm)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp0)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp1)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp2)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp3)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp4)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp5)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp6)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp7)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp8)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, lp9)
-+ filetrans_pattern($1, device_t, kmsg_device_t, chr_file, mcelog)
-+ filetrans_pattern($1, device_t, memory_device_t, chr_file, mem)
-+ filetrans_pattern($1, device_t, memory_device_t, chr_file, mergemem)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid0)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid1)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid2)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid3)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid4)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid5)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid6)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid7)
-+ 
filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid8)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, mga_vid9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mice)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, microcode)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi0)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi1)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi2)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi3)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi4)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi5)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi6)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi7)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi8)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, midi9)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer0)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer1)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer2)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer3)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer4)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer5)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer6)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer7)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer8)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mixer9)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mmetfgrab)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, modem)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4010)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4011)
-+ filetrans_pattern($1, device_t, sound_device_t, 
chr_file, mpu4012)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4013)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4014)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4015)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4016)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4017)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4018)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, mpu4019)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr0)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr1)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr2)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr3)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr4)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr5)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr6)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr7)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr8)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, msr9)
-+ filetrans_pattern($1, device_t, vhost_device_t, chr_file, vhost)
-+ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, network_latency)
-+ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, network_throughput)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz0)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz1)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz2)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz3)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz4)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz5)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz6)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz7)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz8)
-+ filetrans_pattern($1, device_t, modem_device_t, chr_file, noz9)
-+ filetrans_pattern($1, device_t, null_device_t, chr_file, null)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia0)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia1)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia2)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia3)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia4)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia5)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia6)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia7)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia8)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidia9)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, nvidiactl)
-+ filetrans_pattern($1, device_t, nvram_device_t, chr_file, nvram)
-+ filetrans_pattern($1, device_t, memory_device_t, chr_file, oldmem)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, opengl)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par0)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par1)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par2)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par3)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par4)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par5)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par6)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par7)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par8)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, par9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, pc110pad)
-+ filetrans_pattern($1, device_t, 
clock_device_t, chr_file, pcfclock0)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock1)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock2)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock3)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock4)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock5)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock6)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock7)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock8)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pcfclock9)
-+ filetrans_pattern($1, device_t, power_device_t, chr_file, pmu)
-+ filetrans_pattern($1, device_t, memory_device_t, chr_file, port)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps0)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps1)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps2)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps3)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps4)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps5)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps6)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps7)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps8)
-+ filetrans_pattern($1, device_t, clock_device_t, chr_file, pps9)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi0)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi1)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi2)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi3)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi4)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi5)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi6)
-+ filetrans_pattern($1, 
device_t, sound_device_t, chr_file, rmidi7)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi8)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, rmidi9)
-+ filetrans_pattern($1, device_t, dri_device_t, chr_file, radeon)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio0)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio1)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio2)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio3)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio4)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio5)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio6)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio7)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio8)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, radio9)
-+ filetrans_pattern($1, device_t, random_device_t, chr_file, random)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13940)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13941)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13942)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13943)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13944)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13945)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13946)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13947)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13948)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, raw13949)
-+ filetrans_pattern($1, device_t, wireless_device_t, chr_file, rfkill)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, sequencer)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, sequencer2)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte0)
-+ filetrans_pattern($1, device_t, 
sound_device_t, chr_file, smpte1)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte2)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte3)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte4)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte5)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte6)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte7)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte8)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, smpte9)
-+ filetrans_pattern($1, device_t, power_device_t, chr_file, smu)
-+ filetrans_pattern($1, device_t, apm_bios_t, chr_file, snapshot)
-+ filetrans_pattern($1, device_t, sound_device_t, chr_file, sndstat)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, sonypi)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm0)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm1)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm2)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm3)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm4)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm5)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm6)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm7)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm8)
-+ filetrans_pattern($1, device_t, tpm_device_t, chr_file, tpm9)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, uinput)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio0)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio1)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio2)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio3)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio4)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio5)
-+ 
filetrans_pattern($1, device_t, userio_device_t, chr_file, uio6)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio7)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio8)
-+ filetrans_pattern($1, device_t, userio_device_t, chr_file, uio9)
-+ filetrans_pattern($1, device_t, urandom_device_t, chr_file, urandom)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb0)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb1)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb2)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb3)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb4)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb5)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb6)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb7)
-+ filetrans_pattern($1, device_t, usb_device_t, chr_file, usb8)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp0)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp1)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp2)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp3)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp4)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp5)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp6)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp7)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp8)
-+ filetrans_pattern($1, device_t, printer_device_t, chr_file, usblp9)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon0)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon1)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon2)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon3)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon4)
-+ 
filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon5)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon6)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon7)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon8)
-+ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, usbmon9)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, usbscanner)
-+ filetrans_pattern($1, device_t, vhost_device_t, chr_file, vhost-net)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi0)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi1)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi2)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi3)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi4)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi5)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi6)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi7)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi8)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vbi9)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox0)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox1)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox2)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox3)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox4)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox5)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox6)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox7)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox8)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vbox9)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, vga_arbiter)
-+ 
filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmmon)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet0)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet1)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet2)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet3)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet4)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet5)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet6)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet7)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet8)
-+ filetrans_pattern($1, device_t, vmware_device_t, chr_file, vmnet9)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video0)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video1)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video2)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video3)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video4)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video5)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video6)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video7)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video8)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, video9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, vrtpanel)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vttuner)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx0)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx1)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx2)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx3)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx4)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx5)
-+ filetrans_pattern($1, device_t, 
v4l_device_t, chr_file, vtx6)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx7)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx8)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, vtx9)
-+ filetrans_pattern($1, device_t, watchdog_device_t, chr_file, watchdog)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio0)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio1)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio2)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio3)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio4)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio5)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio6)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio7)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio8)
-+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, winradio9)
-+ filetrans_pattern($1, device_t, crypt_device_t, chr_file, z90crypt)
-+ filetrans_pattern($1, device_t, zero_device_t, chr_file, zero)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card0)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card1)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card2)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card3)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card4)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card5)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card6)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card7)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card8)
-+ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, card9)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx0)
-+ filetrans_pattern($1, device_t, 
smartcard_device_t, chr_file, cmx1)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx2)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx3)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx4)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx5)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx6)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx7)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx8)
-+ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, cmx9)
-+ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, cpu_dma_latency)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu0)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu1)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu2)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu3)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu4)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu5)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu6)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu7)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu8)
-+ filetrans_pattern($1, device_t, cpu_device_t, chr_file, cpu9)
-+ filetrans_pattern($1, device_t, mtrr_device_t, chr_file, mtrr)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor0)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor1)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor2)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor3)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor4)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor5)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor6)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor7)
-+ filetrans_pattern($1, device_t, 
event_device_t, chr_file, sensor8)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, sensor9)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m0)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m1)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m2)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m3)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m4)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m5)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m6)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m7)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m8)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, m9)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard0)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard1)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard2)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard3)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard4)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard5)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard6)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard7)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard8)
-+ filetrans_pattern($1, device_t, event_device_t, chr_file, keyboard9)
-+ filetrans_pattern($1, device_t, lvm_control_t, chr_file, control)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, ucb1x00)
-+ filetrans_pattern($1, device_t, mouse_device_t, chr_file, mk712)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx0)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx1)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx2)
-+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx3)
-+ filetrans_pattern($1, 
device_t, scanner_device_t, chr_file, dc2xx4) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx5) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx6) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx7) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx8) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, dc2xx9) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8000) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8001) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8002) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8003) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8004) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8005) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8006) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8007) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8008) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, mdc8009) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner0) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner1) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner2) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner3) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner4) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner5) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner6) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner7) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner8) -+ filetrans_pattern($1, device_t, scanner_device_t, chr_file, scanner9) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap0) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap1) -+ 
filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap2) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap3) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap4) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap5) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap6) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap7) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap8) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, blktap9) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, gntdev) -+ filetrans_pattern($1, device_t, xen_device_t, chr_file, gntalloc) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, patmgr0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, patmgr1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd0) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd1) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd2) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd3) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd4) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd5) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd6) -+ filetrans_pattern($1, device_t, sound_device_t, chr_file, srnd7) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, tlk0) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, tlk1) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, tlk2) -+ filetrans_pattern($1, device_t, v4l_device_t, chr_file, tlk3) -+ filetrans_pattern($1, device_t, usb_device_t, chr_file, uba) -+ filetrans_pattern($1, device_t, usb_device_t, chr_file, ubb) -+ filetrans_pattern($1, device_t, usb_device_t, chr_file, ubc) ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "3dfx") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi0") ++ filetrans_pattern($1, device_t, 
sound_device_t, chr_file, "admmidi1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "admmidi9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "adsp9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "aload8") ++ filetrans_pattern($1, device_t, 
sound_device_t, chr_file, "aload9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amidi9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "amixer9") ++ filetrans_pattern($1, device_t, apm_bios_t, chr_file, "apm_bios") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "atibm") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio4") ++ filetrans_pattern($1, device_t, 
sound_device_t, chr_file, "audio5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "audio9") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs0") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs1") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs2") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs3") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs4") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs5") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs6") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs7") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs8") ++ filetrans_pattern($1, device_t, autofs_device_t, chr_file, "autofs9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "beep") ++ filetrans_pattern($1, device_t, lvm_control_t, chr_file, "btrfs-control") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "controlD64") ++ filetrans_pattern($1, device_t, crash_device_t, chr_file, "crash") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm0") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm1") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm2") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm3") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm4") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm5") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm6") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm7") ++ filetrans_pattern($1, device_t, 
dlm_control_device_t, chr_file, "dlm8") ++ filetrans_pattern($1, device_t, dlm_control_device_t, chr_file, "dlm9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmfm") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dmmidi9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "dsp9") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "efirtc") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "e2201") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83000") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83001") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83002") ++ filetrans_pattern($1, device_t, v4l_device_t, 
chr_file, "em83003") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83004") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83005") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83006") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83007") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83008") ++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "em83009") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event0") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event1") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event2") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event3") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event4") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event5") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event6") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event7") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event8") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "event9") ++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "evtchn") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb0") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb1") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb2") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb3") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb4") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb5") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb6") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb7") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb8") ++ filetrans_pattern($1, device_t, framebuf_device_t, chr_file, "fb9") ++ filetrans_pattern($1, device_t, null_device_t, chr_file, "full") 
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw0") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw1") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw2") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw3") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw4") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw5") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw6") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw7") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw8") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "fw9") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "000") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "001") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "002") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "003") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "004") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "005") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "006") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "007") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "008") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "009") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "gfx") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "graphics") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc0") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc1") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc2") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc3") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc4") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc5") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc6") ++ filetrans_pattern($1, 
device_t, clock_device_t, chr_file, "gtrsc7") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc8") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "gtrsc9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "hfmodem") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev0") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev1") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev2") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev3") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev4") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev5") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev6") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev7") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev8") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hiddev9") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw0") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw1") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw2") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw3") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw4") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw5") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw6") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw7") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw8") ++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "hidraw9") ++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "hpet") ++ filetrans_pattern($1, device_t, random_device_t, chr_file, "hw_random") ++ filetrans_pattern($1, device_t, random_device_t, chr_file, "hwrng") ++ filetrans_pattern($1, device_t, dri_device_t, chr_file, "i915") ++ filetrans_pattern($1, device_t, mouse_device_t, 
chr_file, "inportbm") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi0") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi1") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi2") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi3") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi4") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi5") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi6") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi7") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi8") ++ filetrans_pattern($1, device_t, ipmi_device_t, chr_file, "ipmi9") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt0") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt1") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt2") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt3") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt4") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt5") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt6") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt7") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt8") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "irlpt9") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "jbm") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js0") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js1") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js2") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js3") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js4") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js5") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js6") ++ 
filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js7") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js8") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "js9") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse0") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse1") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse2") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse3") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse4") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse5") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse6") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse7") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse8") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mouse9") ++ filetrans_pattern($1, device_t, memory_device_t, chr_file, "kmem") ++ filetrans_pattern($1, device_t, kmsg_device_t, chr_file, "kmsg") ++ filetrans_pattern($1, device_t, qemu_device_t, chr_file, "kqemu") ++ filetrans_pattern($1, device_t, ksm_device_t, chr_file, "ksm") ++ filetrans_pattern($1, device_t, kvm_device_t, chr_file, "kvm") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik0") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik1") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik2") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik3") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik4") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik5") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik6") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik7") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik8") ++ filetrans_pattern($1, device_t, event_device_t, chr_file, "lik9") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, 
"lirc0") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc1") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc2") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc3") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc4") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc5") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc6") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc7") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc8") ++ filetrans_pattern($1, device_t, lirc_device_t, chr_file, "lirc9") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "lircm") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "logibm") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp0") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp1") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp2") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp3") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp4") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp5") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp6") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp7") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp8") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "lp9") ++ filetrans_pattern($1, device_t, kmsg_device_t, chr_file, "mcelog") ++ filetrans_pattern($1, device_t, memory_device_t, chr_file, "mem") ++ filetrans_pattern($1, device_t, memory_device_t, chr_file, "mergemem") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid0") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid1") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid2") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, 
"mga_vid3") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid4") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid5") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid6") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid7") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid8") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "mga_vid9") ++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mice") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "microcode") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi8") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "midi9") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer0") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer1") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer2") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer3") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer4") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer5") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer6") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer7") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mixer8") ++ filetrans_pattern($1, 
device_t, sound_device_t, chr_file, "mixer9") ++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mmetfgrab") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "modem") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4010") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4011") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4012") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4013") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4014") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4015") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4016") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4017") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4018") ++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "mpu4019") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr0") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr1") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr2") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr3") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr4") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr5") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr6") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr7") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr8") ++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "msr9") ++ filetrans_pattern($1, device_t, vhost_device_t, chr_file, "vhost") ++ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, "network_latency") ++ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, "network_throughput") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz0") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz1") ++ filetrans_pattern($1, device_t, 
modem_device_t, chr_file, "noz2") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz3") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz4") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz5") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz6") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz7") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz8") ++ filetrans_pattern($1, device_t, modem_device_t, chr_file, "noz9") ++ filetrans_pattern($1, device_t, null_device_t, chr_file, "null") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia0") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia1") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia2") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia3") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia4") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia5") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia6") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia7") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia8") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidia9") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "nvidiactl") ++ filetrans_pattern($1, device_t, nvram_device_t, chr_file, "nvram") ++ filetrans_pattern($1, device_t, memory_device_t, chr_file, "oldmem") ++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "opengl") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par0") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par1") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par2") ++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par3") ++ filetrans_pattern($1, device_t, 
printer_device_t, chr_file, "par4")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par5")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par6")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par7")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par8")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "par9")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "pc110pad")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock0")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock1")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock2")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock3")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock4")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock5")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock6")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock7")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock8")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pcfclock9")
++ filetrans_pattern($1, device_t, power_device_t, chr_file, "pmu")
++ filetrans_pattern($1, device_t, memory_device_t, chr_file, "port")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps0")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps1")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps2")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps3")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps4")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps5")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps6")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps7")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps8")
++ filetrans_pattern($1, device_t, clock_device_t, chr_file, "pps9")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi0")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi1")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi2")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi3")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi4")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi5")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi6")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi7")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi8")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "rmidi9")
++ filetrans_pattern($1, device_t, dri_device_t, chr_file, "radeon")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio3")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio4")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio5")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio6")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio8")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "radio9")
++ filetrans_pattern($1, device_t, random_device_t, chr_file, "random")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13940")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13941")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13942")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13943")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13944")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13945")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13946")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13947")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13948")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13949")
++ filetrans_pattern($1, device_t, wireless_device_t, chr_file, "rfkill")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "sequencer")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "sequencer2")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte0")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte1")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte2")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte3")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte4")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte5")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte6")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte7")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte8")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "smpte9")
++ filetrans_pattern($1, device_t, power_device_t, chr_file, "smu")
++ filetrans_pattern($1, device_t, apm_bios_t, chr_file, "snapshot")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "sndstat")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "sonypi")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm0")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm1")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm2")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm3")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm4")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm5")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm6")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm7")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm8")
++ filetrans_pattern($1, device_t, tpm_device_t, chr_file, "tpm9")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "uinput")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio0")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio1")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio2")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio3")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio4")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio5")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio6")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio7")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio8")
++ filetrans_pattern($1, device_t, userio_device_t, chr_file, "uio9")
++ filetrans_pattern($1, device_t, urandom_device_t, chr_file, "urandom")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb0")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb1")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb2")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb3")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb4")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb5")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb6")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb7")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "usb8")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp0")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp1")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp2")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp3")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp4")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp5")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp6")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp7")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp8")
++ filetrans_pattern($1, device_t, printer_device_t, chr_file, "usblp9")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon0")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon1")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon2")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon3")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon4")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon5")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon6")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon7")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon8")
++ filetrans_pattern($1, device_t, usbmon_device_t, chr_file, "usbmon9")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "usbscanner")
++ filetrans_pattern($1, device_t, vhost_device_t, chr_file, "vhost-net")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi3")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi4")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi5")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi6")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi8")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vbi9")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox0")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox1")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox2")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox3")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox4")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox5")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox6")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox7")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox8")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vbox9")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "vga_arbiter")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmmon")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet0")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet1")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet2")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet3")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet4")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet5")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet6")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet7")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet8")
++ filetrans_pattern($1, device_t, vmware_device_t, chr_file, "vmnet9")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video3")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video4")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video5")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video6")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video8")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "video9")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "vrtpanel")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vttuner")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx3")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx4")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx5")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx6")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx8")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "vtx9")
++ filetrans_pattern($1, device_t, watchdog_device_t, chr_file, "watchdog")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio3")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio4")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio5")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio6")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio8")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "winradio9")
++ filetrans_pattern($1, device_t, crypt_device_t, chr_file, "z90crypt")
++ filetrans_pattern($1, device_t, zero_device_t, chr_file, "zero")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card0")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card1")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card2")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card3")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card4")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card5")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card6")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card7")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card8")
++ filetrans_pattern($1, device_t, xserver_misc_device_t, chr_file, "card9")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx0")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx1")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx2")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx3")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx4")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx5")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx6")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx7")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx8")
++ filetrans_pattern($1, device_t, smartcard_device_t, chr_file, "cmx9")
++ filetrans_pattern($1, device_t, netcontrol_device_t, chr_file, "cpu_dma_latency")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu0")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu1")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu2")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu3")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu4")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu5")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu6")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu7")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu8")
++ filetrans_pattern($1, device_t, cpu_device_t, chr_file, "cpu9")
++ filetrans_pattern($1, device_t, mtrr_device_t, chr_file, "mtrr")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor0")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor1")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor2")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor3")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor4")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor5")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor6")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor7")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor8")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "sensor9")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m0")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m1")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m2")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m3")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m4")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m5")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m6")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m7")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m8")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "m9")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard0")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard1")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard2")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard3")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard4")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard5")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard6")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard7")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard8")
++ filetrans_pattern($1, device_t, event_device_t, chr_file, "keyboard9")
++ filetrans_pattern($1, device_t, lvm_control_t, chr_file, "control")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "ucb1x00")
++ filetrans_pattern($1, device_t, mouse_device_t, chr_file, "mk712")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx0")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx1")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx2")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx3")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx4")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx5")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx6")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx7")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx8")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "dc2xx9")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8000")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8001")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8002")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8003")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8004")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8005")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8006")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8007")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8008")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "mdc8009")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner0")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner1")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner2")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner3")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner4")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner5")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner6")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner7")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner8")
++ filetrans_pattern($1, device_t, scanner_device_t, chr_file, "scanner9")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap0")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap1")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap2")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap3")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap4")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap5")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap6")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap7")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap8")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "blktap9")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "gntdev")
++ filetrans_pattern($1, device_t, xen_device_t, chr_file, "gntalloc")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "patmgr0")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "patmgr1")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd0")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd1")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd2")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd3")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd4")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd5")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd6")
++ filetrans_pattern($1, device_t, sound_device_t, chr_file, "srnd7")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "tlk0")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "tlk1")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "tlk2")
++ filetrans_pattern($1, device_t, v4l_device_t, chr_file, "tlk3")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "uba")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "ubb")
++ filetrans_pattern($1, device_t, usb_device_t, chr_file, "ubc")
+')
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 3ff4f60..89ffda6 100644
@@ -15693,7 +15754,7 @@ index a9b8982..57c4a6a 100644
+/lib/udev/devices/loop.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/lib/udev/devices/fuse -c gen_context(system_u:object_r:fuse_device_t,s0)
diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
-index 3723150..b7b777d 100644
+index 3723150..346dfb1 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -101,6 +101,8 @@ interface(`storage_raw_read_fixed_disk',`
@@ -15741,339 +15802,339 @@ index 3723150..b7b777d 100644 + type fuse_device_t; + ') + -+ dev_filetrans($1, tape_device_t, chr_file, ht00) -+ dev_filetrans($1, tape_device_t, chr_file, ht01) -+ dev_filetrans($1, tape_device_t, chr_file, ht02) -+ dev_filetrans($1, tape_device_t, chr_file, ht03) -+ dev_filetrans($1, tape_device_t, chr_file, ht04) -+ dev_filetrans($1, tape_device_t, chr_file, ht05) -+ dev_filetrans($1, tape_device_t, chr_file, ht06) -+ dev_filetrans($1, tape_device_t, chr_file, ht07) -+ dev_filetrans($1, tape_device_t, chr_file, ht08) -+ dev_filetrans($1, tape_device_t, chr_file, ht09) -+ dev_filetrans($1, tape_device_t, chr_file, st00) -+ dev_filetrans($1, tape_device_t, chr_file, st01) -+ dev_filetrans($1, tape_device_t, chr_file, st02) -+ dev_filetrans($1, tape_device_t, chr_file, st03) -+ dev_filetrans($1, tape_device_t, chr_file, st04) -+ dev_filetrans($1, tape_device_t, chr_file, st05) -+ dev_filetrans($1, tape_device_t, chr_file, st06) -+ dev_filetrans($1, tape_device_t, chr_file, st07) -+ dev_filetrans($1, tape_device_t, chr_file, st08) -+ dev_filetrans($1, tape_device_t, chr_file, st09) -+ dev_filetrans($1, tape_device_t, chr_file, qft0) -+ dev_filetrans($1, tape_device_t, chr_file, qft1) -+ dev_filetrans($1, tape_device_t, chr_file, qft2) -+ dev_filetrans($1, tape_device_t, chr_file, qft3) -+ dev_filetrans($1, tape_device_t, chr_file, osst00) -+ dev_filetrans($1, tape_device_t, chr_file, osst01) -+ dev_filetrans($1, tape_device_t, chr_file, osst02) -+ dev_filetrans($1, tape_device_t, chr_file, osst03) -+ dev_filetrans($1, tape_device_t, chr_file, osst04) -+ dev_filetrans($1, tape_device_t, chr_file, osst05) -+ dev_filetrans($1, tape_device_t, chr_file, osst06) -+ dev_filetrans($1, tape_device_t, chr_file, osst07) -+ dev_filetrans($1, tape_device_t, chr_file, osst08) -+ dev_filetrans($1, tape_device_t, chr_file, osst09) -+ dev_filetrans($1, tape_device_t, chr_file, pt0) -+ dev_filetrans($1, tape_device_t, chr_file, pt1) -+ dev_filetrans($1, 
tape_device_t, chr_file, pt2) -+ dev_filetrans($1, tape_device_t, chr_file, pt3) -+ dev_filetrans($1, tape_device_t, chr_file, pt4) -+ dev_filetrans($1, tape_device_t, chr_file, pt5) -+ dev_filetrans($1, tape_device_t, chr_file, pt6) -+ dev_filetrans($1, tape_device_t, chr_file, pt7) -+ dev_filetrans($1, tape_device_t, chr_file, pt8) -+ dev_filetrans($1, tape_device_t, chr_file, pt9) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic0) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic1) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic2) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic3) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic4) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic5) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic6) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic7) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic8) -+ dev_filetrans($1, tape_device_t, chr_file, tpqic9) -+ dev_filetrans($1, removable_device_t, blk_file, aztcd) -+ dev_filetrans($1, removable_device_t, blk_file, bpcd) -+ dev_filetrans($1, removable_device_t, blk_file, cdu0) -+ dev_filetrans($1, removable_device_t, blk_file, cdu1) -+ dev_filetrans($1, removable_device_t, blk_file, cdu2) -+ dev_filetrans($1, removable_device_t, blk_file, cdu3) -+ dev_filetrans($1, removable_device_t, blk_file, cdu4) -+ dev_filetrans($1, removable_device_t, blk_file, cdu5) -+ dev_filetrans($1, removable_device_t, blk_file, cdu6) -+ dev_filetrans($1, removable_device_t, blk_file, cdu7) -+ dev_filetrans($1, removable_device_t, blk_file, cdu8) -+ dev_filetrans($1, removable_device_t, blk_file, cdu9) -+ dev_filetrans($1, removable_device_t, blk_file, cm200) -+ dev_filetrans($1, removable_device_t, blk_file, cm201) -+ dev_filetrans($1, removable_device_t, blk_file, cm202) -+ dev_filetrans($1, removable_device_t, blk_file, cm203) -+ dev_filetrans($1, removable_device_t, blk_file, cm204) -+ dev_filetrans($1, removable_device_t, blk_file, cm205) -+ dev_filetrans($1, 
removable_device_t, blk_file, cm206) -+ dev_filetrans($1, removable_device_t, blk_file, cm207) -+ dev_filetrans($1, removable_device_t, blk_file, cm208) -+ dev_filetrans($1, removable_device_t, blk_file, cm209) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sda9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdb9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, 
sdc7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdc9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdd9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sde9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdf8) -+ dev_filetrans($1, 
fixed_disk_device_t, blk_file, sdf9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, sdg9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, dm-9) -+ dev_filetrans($1, removable_device_t, blk_file, gscd) -+ dev_filetrans($1, removable_device_t, blk_file, hitcd) -+ dev_filetrans($1, tape_device_t, blk_file, ht0) -+ dev_filetrans($1, tape_device_t, blk_file, ht1) -+ dev_filetrans($1, removable_device_t, blk_file, hwcdrom) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, initrd) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, jsfd) -+ dev_filetrans($1, fixed_disk_device_t, chr_file, jsflash) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, 
loop4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, loop9) -+ dev_filetrans($1, fixed_disk_device_t, chr_file, lvm) -+ dev_filetrans($1, removable_device_t, blk_file, mcd) -+ dev_filetrans($1, removable_device_t, blk_file, mcdx) -+ dev_filetrans($1, removable_device_t, chr_file, megadev0) -+ dev_filetrans($1, removable_device_t, chr_file, megadev1) -+ dev_filetrans($1, removable_device_t, chr_file, megadev2) -+ dev_filetrans($1, removable_device_t, chr_file, megadev3) -+ dev_filetrans($1, removable_device_t, chr_file, megadev4) -+ dev_filetrans($1, removable_device_t, chr_file, megadev5) -+ dev_filetrans($1, removable_device_t, chr_file, megadev6) -+ dev_filetrans($1, removable_device_t, chr_file, megadev7) -+ dev_filetrans($1, removable_device_t, chr_file, megadev8) -+ dev_filetrans($1, removable_device_t, chr_file, megadev9) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk0) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk1) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk2) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk3) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk4) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk5) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk6) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk7) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk8) -+ dev_filetrans($1, removable_device_t, blk_file, mmcblk9) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk0) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk1) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk2) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk3) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk4) -+ 
dev_filetrans($1, removable_device_t, blk_file, mspblk5) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk6) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk7) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk8) -+ dev_filetrans($1, removable_device_t, blk_file, mspblk9) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd1) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd2) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd4) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd5) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd6) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd7) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd8) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, mtd9) -+ dev_filetrans($1, removable_device_t, blk_file, optcd) -+ dev_filetrans($1, removable_device_t, blk_file, pf0) -+ dev_filetrans($1, removable_device_t, blk_file, pf1) -+ dev_filetrans($1, removable_device_t, blk_file, pf2) -+ dev_filetrans($1, removable_device_t, blk_file, pf3) -+ dev_filetrans($1, removable_device_t, blk_file, pg0) -+ dev_filetrans($1, removable_device_t, blk_file, pg1) -+ dev_filetrans($1, removable_device_t, blk_file, pg2) -+ dev_filetrans($1, removable_device_t, blk_file, pg3) -+ dev_filetrans($1, removable_device_t, blk_file, pcd0) -+ dev_filetrans($1, removable_device_t, blk_file, pcd1) -+ dev_filetrans($1, removable_device_t, blk_file, pcd2) -+ dev_filetrans($1, removable_device_t, blk_file, pcd3) -+ dev_filetrans($1, removable_device_t, chr_file, pg0) -+ dev_filetrans($1, removable_device_t, chr_file, pg1) -+ dev_filetrans($1, removable_device_t, chr_file, pg2) -+ dev_filetrans($1, removable_device_t, chr_file, pg3) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d0) -+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d1) -+ dev_filetrans($1, fixed_disk_device_t, 
blk_file, ps3d2)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d3)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d4)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d5)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d6)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d7)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d8)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ps3d9)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram0)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram1)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram2)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram3)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram4)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram5)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram6)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram7)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram8)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram9)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram10)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram11)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram12)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram13)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram14)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, ram15)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd0)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd1)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd2)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd3)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd4)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd5)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd6)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd7)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd8)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, rd9)
-+ dev_filetrans($1, fixed_disk_device_t, blk_file, root)
-+
dev_filetrans($1, removable_device_t, blk_file, sbpcd0)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd1)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd2)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd3)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd4)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd5)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd6)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd7)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd8)
-+ dev_filetrans($1, removable_device_t, blk_file, sbpcd9)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg0)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg1)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg2)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg3)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg4)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg5)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg6)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg7)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg8)
-+ dev_filetrans($1, scsi_generic_device_t, chr_file, sg9)
-+ dev_filetrans($1, removable_device_t, blk_file, sr0)
-+ dev_filetrans($1, removable_device_t, blk_file, sr1)
-+ dev_filetrans($1, removable_device_t, blk_file, sr2)
-+ dev_filetrans($1, removable_device_t, blk_file, sr3)
-+ dev_filetrans($1, removable_device_t, blk_file, sr4)
-+ dev_filetrans($1, removable_device_t, blk_file, sr5)
-+ dev_filetrans($1, removable_device_t, blk_file, sr6)
-+ dev_filetrans($1, removable_device_t, blk_file, sr7)
-+ dev_filetrans($1, removable_device_t, blk_file, sr8)
-+ dev_filetrans($1, removable_device_t, blk_file, sr9)
-+ dev_filetrans($1, removable_device_t, blk_file, sjcd)
-+ dev_filetrans($1, removable_device_t, blk_file, sonycd)
-+ dev_filetrans($1, tape_device_t, chr_file, tape0)
-+ dev_filetrans($1, tape_device_t, chr_file, tape1)
-+ dev_filetrans($1, tape_device_t,
chr_file, tape2)
-+ dev_filetrans($1, tape_device_t, chr_file, tape3)
-+ dev_filetrans($1, tape_device_t, chr_file, tape4)
-+ dev_filetrans($1, tape_device_t, chr_file, tape5)
-+ dev_filetrans($1, tape_device_t, chr_file, tape6)
-+ dev_filetrans($1, tape_device_t, chr_file, tape7)
-+ dev_filetrans($1, tape_device_t, chr_file, tape8)
-+ dev_filetrans($1, tape_device_t, chr_file, tape9)
-+ dev_filetrans($1, fuse_device_t, chr_file, fuse)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, device-mapper)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw0)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw1)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw2)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw3)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw4)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw5)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw6)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw7)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw8)
-+ dev_filetrans($1, fixed_disk_device_t, chr_file, raw9)
-+ dev_filetrans($1, removable_device_t, chr_file, rio500)
++ dev_filetrans($1, tape_device_t, chr_file, "ht00")
++ dev_filetrans($1, tape_device_t, chr_file, "ht01")
++ dev_filetrans($1, tape_device_t, chr_file, "ht02")
++ dev_filetrans($1, tape_device_t, chr_file, "ht03")
++ dev_filetrans($1, tape_device_t, chr_file, "ht04")
++ dev_filetrans($1, tape_device_t, chr_file, "ht05")
++ dev_filetrans($1, tape_device_t, chr_file, "ht06")
++ dev_filetrans($1, tape_device_t, chr_file, "ht07")
++ dev_filetrans($1, tape_device_t, chr_file, "ht08")
++ dev_filetrans($1, tape_device_t, chr_file, "ht09")
++ dev_filetrans($1, tape_device_t, chr_file, "st00")
++ dev_filetrans($1, tape_device_t, chr_file, "st01")
++ dev_filetrans($1, tape_device_t, chr_file, "st02")
++ dev_filetrans($1, tape_device_t, chr_file, "st03")
++ dev_filetrans($1, tape_device_t, chr_file, "st04")
++ dev_filetrans($1, tape_device_t,
chr_file, "st05")
++ dev_filetrans($1, tape_device_t, chr_file, "st06")
++ dev_filetrans($1, tape_device_t, chr_file, "st07")
++ dev_filetrans($1, tape_device_t, chr_file, "st08")
++ dev_filetrans($1, tape_device_t, chr_file, "st09")
++ dev_filetrans($1, tape_device_t, chr_file, "qft0")
++ dev_filetrans($1, tape_device_t, chr_file, "qft1")
++ dev_filetrans($1, tape_device_t, chr_file, "qft2")
++ dev_filetrans($1, tape_device_t, chr_file, "qft3")
++ dev_filetrans($1, tape_device_t, chr_file, "osst00")
++ dev_filetrans($1, tape_device_t, chr_file, "osst01")
++ dev_filetrans($1, tape_device_t, chr_file, "osst02")
++ dev_filetrans($1, tape_device_t, chr_file, "osst03")
++ dev_filetrans($1, tape_device_t, chr_file, "osst04")
++ dev_filetrans($1, tape_device_t, chr_file, "osst05")
++ dev_filetrans($1, tape_device_t, chr_file, "osst06")
++ dev_filetrans($1, tape_device_t, chr_file, "osst07")
++ dev_filetrans($1, tape_device_t, chr_file, "osst08")
++ dev_filetrans($1, tape_device_t, chr_file, "osst09")
++ dev_filetrans($1, tape_device_t, chr_file, "pt0")
++ dev_filetrans($1, tape_device_t, chr_file, "pt1")
++ dev_filetrans($1, tape_device_t, chr_file, "pt2")
++ dev_filetrans($1, tape_device_t, chr_file, "pt3")
++ dev_filetrans($1, tape_device_t, chr_file, "pt4")
++ dev_filetrans($1, tape_device_t, chr_file, "pt5")
++ dev_filetrans($1, tape_device_t, chr_file, "pt6")
++ dev_filetrans($1, tape_device_t, chr_file, "pt7")
++ dev_filetrans($1, tape_device_t, chr_file, "pt8")
++ dev_filetrans($1, tape_device_t, chr_file, "pt9")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic0")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic1")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic2")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic3")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic4")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic5")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic6")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic7")
++
dev_filetrans($1, tape_device_t, chr_file, "tpqic8")
++ dev_filetrans($1, tape_device_t, chr_file, "tpqic9")
++ dev_filetrans($1, removable_device_t, blk_file, "aztcd")
++ dev_filetrans($1, removable_device_t, blk_file, "bpcd")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu0")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu1")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu2")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu3")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu4")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu5")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu6")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu7")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu8")
++ dev_filetrans($1, removable_device_t, blk_file, "cdu9")
++ dev_filetrans($1, removable_device_t, blk_file, "cm200")
++ dev_filetrans($1, removable_device_t, blk_file, "cm201")
++ dev_filetrans($1, removable_device_t, blk_file, "cm202")
++ dev_filetrans($1, removable_device_t, blk_file, "cm203")
++ dev_filetrans($1, removable_device_t, blk_file, "cm204")
++ dev_filetrans($1, removable_device_t, blk_file, "cm205")
++ dev_filetrans($1, removable_device_t, blk_file, "cm206")
++ dev_filetrans($1, removable_device_t, blk_file, "cm207")
++ dev_filetrans($1, removable_device_t, blk_file, "cm208")
++ dev_filetrans($1, removable_device_t, blk_file, "cm209")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda7")
++ dev_filetrans($1, fixed_disk_device_t,
blk_file, "sda8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sda9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdb9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdc9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd8")
++
dev_filetrans($1, fixed_disk_device_t, blk_file, "sdd9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sde9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdf9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "sdg8")
++ dev_filetrans($1,
fixed_disk_device_t, blk_file, "sdg9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "dm-9")
++ dev_filetrans($1, removable_device_t, blk_file, "gscd")
++ dev_filetrans($1, removable_device_t, blk_file, "hitcd")
++ dev_filetrans($1, tape_device_t, blk_file, "ht0")
++ dev_filetrans($1, tape_device_t, blk_file, "ht1")
++ dev_filetrans($1, removable_device_t, blk_file, "hwcdrom")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "initrd")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "jsfd")
++ dev_filetrans($1, fixed_disk_device_t, chr_file, "jsflash")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "loop9")
++ dev_filetrans($1, fixed_disk_device_t, chr_file, "lvm")
++ dev_filetrans($1, removable_device_t, blk_file, "mcd")
++ dev_filetrans($1, removable_device_t, blk_file, "mcdx")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev0")
++ dev_filetrans($1,
removable_device_t, chr_file, "megadev1")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev2")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev3")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev4")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev5")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev6")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev7")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev8")
++ dev_filetrans($1, removable_device_t, chr_file, "megadev9")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk0")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk1")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk2")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk3")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk4")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk5")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk6")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk7")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk8")
++ dev_filetrans($1, removable_device_t, blk_file, "mmcblk9")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk0")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk1")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk2")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk3")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk4")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk5")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk6")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk7")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk8")
++ dev_filetrans($1, removable_device_t, blk_file, "mspblk9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd2")
++ dev_filetrans($1,
fixed_disk_device_t, blk_file, "mtd3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "mtd9")
++ dev_filetrans($1, removable_device_t, blk_file, "optcd")
++ dev_filetrans($1, removable_device_t, blk_file, "pf0")
++ dev_filetrans($1, removable_device_t, blk_file, "pf1")
++ dev_filetrans($1, removable_device_t, blk_file, "pf2")
++ dev_filetrans($1, removable_device_t, blk_file, "pf3")
++ dev_filetrans($1, removable_device_t, blk_file, "pg0")
++ dev_filetrans($1, removable_device_t, blk_file, "pg1")
++ dev_filetrans($1, removable_device_t, blk_file, "pg2")
++ dev_filetrans($1, removable_device_t, blk_file, "pg3")
++ dev_filetrans($1, removable_device_t, blk_file, "pcd0")
++ dev_filetrans($1, removable_device_t, blk_file, "pcd1")
++ dev_filetrans($1, removable_device_t, blk_file, "pcd2")
++ dev_filetrans($1, removable_device_t, blk_file, "pcd3")
++ dev_filetrans($1, removable_device_t, chr_file, "pg0")
++ dev_filetrans($1, removable_device_t, chr_file, "pg1")
++ dev_filetrans($1, removable_device_t, chr_file, "pg2")
++ dev_filetrans($1, removable_device_t, chr_file, "pg3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ps3d8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file,
"ps3d9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram10")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram11")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram12")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram13")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram14")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "ram15")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd0")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd1")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd2")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd3")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd4")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd5")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd6")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd7")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd8")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "rd9")
++ dev_filetrans($1, fixed_disk_device_t, blk_file, "root")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd0")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd1")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd2")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd3")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd4")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd5")
++
dev_filetrans($1, removable_device_t, blk_file, "sbpcd6")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd7")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd8")
++ dev_filetrans($1, removable_device_t, blk_file, "sbpcd9")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg0")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg1")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg2")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg3")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg4")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg5")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg6")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg7")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg8")
++ dev_filetrans($1, scsi_generic_device_t, chr_file, "sg9")
++ dev_filetrans($1, removable_device_t, blk_file, "sr0")
++ dev_filetrans($1, removable_device_t, blk_file, "sr1")
++ dev_filetrans($1, removable_device_t, blk_file, "sr2")
++ dev_filetrans($1, removable_device_t, blk_file, "sr3")
++ dev_filetrans($1, removable_device_t, blk_file, "sr4")
++ dev_filetrans($1, removable_device_t, blk_file, "sr5")
++ dev_filetrans($1, removable_device_t, blk_file, "sr6")
++ dev_filetrans($1, removable_device_t, blk_file, "sr7")
++ dev_filetrans($1, removable_device_t, blk_file, "sr8")
++ dev_filetrans($1, removable_device_t, blk_file, "sr9")
++ dev_filetrans($1, removable_device_t, blk_file, "sjcd")
++ dev_filetrans($1, removable_device_t, blk_file, "sonycd")
++ dev_filetrans($1, tape_device_t, chr_file, "tape0")
++ dev_filetrans($1, tape_device_t, chr_file, "tape1")
++ dev_filetrans($1, tape_device_t, chr_file, "tape2")
++ dev_filetrans($1, tape_device_t, chr_file, "tape3")
++ dev_filetrans($1, tape_device_t, chr_file, "tape4")
++ dev_filetrans($1, tape_device_t, chr_file, "tape5")
++ dev_filetrans($1, tape_device_t, chr_file, "tape6")
++ dev_filetrans($1, tape_device_t, chr_file, "tape7")
++
dev_filetrans($1, tape_device_t, chr_file, "tape8") ++ dev_filetrans($1, tape_device_t, chr_file, "tape9") ++ dev_filetrans($1, fuse_device_t, chr_file, "fuse") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "device-mapper") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw0") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw1") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw2") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw3") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw4") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw5") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw6") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw7") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw8") ++ dev_filetrans($1, fixed_disk_device_t, chr_file, "raw9") ++ dev_filetrans($1, removable_device_t, chr_file, "rio500") +') diff --git a/policy/modules/kernel/terminal.fc b/policy/modules/kernel/terminal.fc index 3994e57..a1923fe 100644 @@ -16102,7 +16163,7 @@ index 3994e57..a1923fe 100644 + +/lib/udev/devices/pts -d gen_context(system_u:object_r:devpts_t,s0-mls_systemhigh) diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if -index f3acfee..7691aff 100644 +index f3acfee..70c384c 100644 --- a/policy/modules/kernel/terminal.if +++ b/policy/modules/kernel/terminal.if @@ -208,6 +208,27 @@ interface(`term_use_all_terms',` 
@@ -16407,351 +16468,351 @@ index f3acfee..7691aff 100644 + type usbtty_device_t; +') + -+ dev_filetrans($1, devtty_t, chr_file, tty) -+ dev_filetrans($1, tty_device_t, chr_file, tty0) -+ dev_filetrans($1, tty_device_t, chr_file, tty1) -+ dev_filetrans($1, tty_device_t, chr_file, tty2) -+ dev_filetrans($1, tty_device_t, chr_file, tty3) -+ dev_filetrans($1, tty_device_t, chr_file, tty4) -+ dev_filetrans($1, tty_device_t, chr_file, tty5) -+ dev_filetrans($1, tty_device_t, chr_file, tty6) -+ dev_filetrans($1, tty_device_t, chr_file, tty7) -+ dev_filetrans($1, tty_device_t, chr_file, tty8) -+ dev_filetrans($1, tty_device_t, chr_file, tty9) -+ dev_filetrans($1, tty_device_t, chr_file, tty10) -+ dev_filetrans($1, tty_device_t, chr_file, tty11) -+ dev_filetrans($1, tty_device_t, chr_file, tty12) -+ dev_filetrans($1, tty_device_t, chr_file, tty13) -+ dev_filetrans($1, tty_device_t, chr_file, tty14) -+ dev_filetrans($1, tty_device_t, chr_file, tty15) -+ dev_filetrans($1, tty_device_t, chr_file, tty16) -+ dev_filetrans($1, tty_device_t, chr_file, tty17) -+ dev_filetrans($1, tty_device_t, chr_file, tty18) -+ dev_filetrans($1, tty_device_t, chr_file, tty19) -+ dev_filetrans($1, tty_device_t, chr_file, tty20) -+ dev_filetrans($1, tty_device_t, chr_file, tty21) -+ dev_filetrans($1, tty_device_t, chr_file, tty22) -+ dev_filetrans($1, tty_device_t, chr_file, tty23) -+ dev_filetrans($1, tty_device_t, chr_file, tty24) -+ dev_filetrans($1, tty_device_t, chr_file, tty25) -+ dev_filetrans($1, tty_device_t, chr_file, tty26) -+ dev_filetrans($1, tty_device_t, chr_file, tty27) -+ dev_filetrans($1, tty_device_t, chr_file, tty28) -+ dev_filetrans($1, tty_device_t, chr_file, tty29) -+ dev_filetrans($1, tty_device_t, chr_file, tty30) -+ dev_filetrans($1, tty_device_t, chr_file, tty31) -+ dev_filetrans($1, tty_device_t, chr_file, tty32) -+ dev_filetrans($1, tty_device_t, chr_file, tty33) -+ dev_filetrans($1, tty_device_t, chr_file, tty34) -+ dev_filetrans($1, tty_device_t, chr_file, tty35) -+ 
dev_filetrans($1, tty_device_t, chr_file, tty36)
-+ dev_filetrans($1, tty_device_t, chr_file, tty37)
-+ dev_filetrans($1, tty_device_t, chr_file, tty38)
-+ dev_filetrans($1, tty_device_t, chr_file, tty39)
-+ dev_filetrans($1, tty_device_t, chr_file, tty40)
-+ dev_filetrans($1, tty_device_t, chr_file, tty41)
-+ dev_filetrans($1, tty_device_t, chr_file, tty42)
-+ dev_filetrans($1, tty_device_t, chr_file, tty43)
-+ dev_filetrans($1, tty_device_t, chr_file, tty44)
-+ dev_filetrans($1, tty_device_t, chr_file, tty45)
-+ dev_filetrans($1, tty_device_t, chr_file, tty46)
-+ dev_filetrans($1, tty_device_t, chr_file, tty47)
-+ dev_filetrans($1, tty_device_t, chr_file, tty48)
-+ dev_filetrans($1, tty_device_t, chr_file, tty49)
-+ dev_filetrans($1, tty_device_t, chr_file, tty50)
-+ dev_filetrans($1, tty_device_t, chr_file, tty51)
-+ dev_filetrans($1, tty_device_t, chr_file, tty52)
-+ dev_filetrans($1, tty_device_t, chr_file, tty53)
-+ dev_filetrans($1, tty_device_t, chr_file, tty54)
-+ dev_filetrans($1, tty_device_t, chr_file, tty55)
-+ dev_filetrans($1, tty_device_t, chr_file, tty56)
-+ dev_filetrans($1, tty_device_t, chr_file, tty57)
-+ dev_filetrans($1, tty_device_t, chr_file, tty58)
-+ dev_filetrans($1, tty_device_t, chr_file, tty59)
-+ dev_filetrans($1, tty_device_t, chr_file, tty60)
-+ dev_filetrans($1, tty_device_t, chr_file, tty61)
-+ dev_filetrans($1, tty_device_t, chr_file, tty62)
-+ dev_filetrans($1, tty_device_t, chr_file, tty63)
-+ dev_filetrans($1, tty_device_t, chr_file, tty64)
-+ dev_filetrans($1, tty_device_t, chr_file, tty65)
-+ dev_filetrans($1, tty_device_t, chr_file, tty66)
-+ dev_filetrans($1, tty_device_t, chr_file, tty67)
-+ dev_filetrans($1, tty_device_t, chr_file, tty68)
-+ dev_filetrans($1, tty_device_t, chr_file, tty69)
-+ dev_filetrans($1, tty_device_t, chr_file, tty70)
-+ dev_filetrans($1, tty_device_t, chr_file, tty71)
-+ dev_filetrans($1, tty_device_t, chr_file, tty72)
-+ dev_filetrans($1, tty_device_t, chr_file, tty73)
-+ dev_filetrans($1,
tty_device_t, chr_file, tty74)
-+ dev_filetrans($1, tty_device_t, chr_file, tty75)
-+ dev_filetrans($1, tty_device_t, chr_file, tty76)
-+ dev_filetrans($1, tty_device_t, chr_file, tty77)
-+ dev_filetrans($1, tty_device_t, chr_file, tty78)
-+ dev_filetrans($1, tty_device_t, chr_file, tty79)
-+ dev_filetrans($1, tty_device_t, chr_file, tty80)
-+ dev_filetrans($1, tty_device_t, chr_file, tty81)
-+ dev_filetrans($1, tty_device_t, chr_file, tty82)
-+ dev_filetrans($1, tty_device_t, chr_file, tty83)
-+ dev_filetrans($1, tty_device_t, chr_file, tty84)
-+ dev_filetrans($1, tty_device_t, chr_file, tty85)
-+ dev_filetrans($1, tty_device_t, chr_file, tty86)
-+ dev_filetrans($1, tty_device_t, chr_file, tty87)
-+ dev_filetrans($1, tty_device_t, chr_file, tty88)
-+ dev_filetrans($1, tty_device_t, chr_file, tty89)
-+ dev_filetrans($1, tty_device_t, chr_file, tty90)
-+ dev_filetrans($1, tty_device_t, chr_file, tty91)
-+ dev_filetrans($1, tty_device_t, chr_file, tty92)
-+ dev_filetrans($1, tty_device_t, chr_file, tty93)
-+ dev_filetrans($1, tty_device_t, chr_file, tty94)
-+ dev_filetrans($1, tty_device_t, chr_file, tty95)
-+ dev_filetrans($1, tty_device_t, chr_file, tty96)
-+ dev_filetrans($1, tty_device_t, chr_file, tty97)
-+ dev_filetrans($1, tty_device_t, chr_file, tty98)
-+ dev_filetrans($1, tty_device_t, chr_file, tty99)
-+ dev_filetrans($1, tty_device_t, chr_file, pty)
-+ dev_filetrans($1, tty_device_t, chr_file, pty0)
-+ dev_filetrans($1, tty_device_t, chr_file, pty1)
-+ dev_filetrans($1, tty_device_t, chr_file, pty2)
-+ dev_filetrans($1, tty_device_t, chr_file, pty3)
-+ dev_filetrans($1, tty_device_t, chr_file, pty4)
-+ dev_filetrans($1, tty_device_t, chr_file, pty5)
-+ dev_filetrans($1, tty_device_t, chr_file, pty6)
-+ dev_filetrans($1, tty_device_t, chr_file, pty7)
-+ dev_filetrans($1, tty_device_t, chr_file, pty8)
-+ dev_filetrans($1, tty_device_t, chr_file, pty9)
-+ dev_filetrans($1, tty_device_t, chr_file, pty10)
-+ dev_filetrans($1, tty_device_t, chr_file, pty11)
-+
dev_filetrans($1, tty_device_t, chr_file, pty12)
-+ dev_filetrans($1, tty_device_t, chr_file, pty13)
-+ dev_filetrans($1, tty_device_t, chr_file, pty14)
-+ dev_filetrans($1, tty_device_t, chr_file, pty15)
-+ dev_filetrans($1, tty_device_t, chr_file, pty16)
-+ dev_filetrans($1, tty_device_t, chr_file, pty17)
-+ dev_filetrans($1, tty_device_t, chr_file, pty18)
-+ dev_filetrans($1, tty_device_t, chr_file, pty19)
-+ dev_filetrans($1, tty_device_t, chr_file, pty20)
-+ dev_filetrans($1, tty_device_t, chr_file, pty21)
-+ dev_filetrans($1, tty_device_t, chr_file, pty22)
-+ dev_filetrans($1, tty_device_t, chr_file, pty23)
-+ dev_filetrans($1, tty_device_t, chr_file, pty24)
-+ dev_filetrans($1, tty_device_t, chr_file, pty25)
-+ dev_filetrans($1, tty_device_t, chr_file, pty26)
-+ dev_filetrans($1, tty_device_t, chr_file, pty27)
-+ dev_filetrans($1, tty_device_t, chr_file, pty28)
-+ dev_filetrans($1, tty_device_t, chr_file, pty29)
-+ dev_filetrans($1, tty_device_t, chr_file, pty30)
-+ dev_filetrans($1, tty_device_t, chr_file, pty31)
-+ dev_filetrans($1, tty_device_t, chr_file, pty32)
-+ dev_filetrans($1, tty_device_t, chr_file, pty33)
-+ dev_filetrans($1, tty_device_t, chr_file, pty34)
-+ dev_filetrans($1, tty_device_t, chr_file, pty35)
-+ dev_filetrans($1, tty_device_t, chr_file, pty36)
-+ dev_filetrans($1, tty_device_t, chr_file, pty37)
-+ dev_filetrans($1, tty_device_t, chr_file, pty38)
-+ dev_filetrans($1, tty_device_t, chr_file, pty39)
-+ dev_filetrans($1, tty_device_t, chr_file, pty40)
-+ dev_filetrans($1, tty_device_t, chr_file, pty41)
-+ dev_filetrans($1, tty_device_t, chr_file, pty42)
-+ dev_filetrans($1, tty_device_t, chr_file, pty43)
-+ dev_filetrans($1, tty_device_t, chr_file, pty44)
-+ dev_filetrans($1, tty_device_t, chr_file, pty45)
-+ dev_filetrans($1, tty_device_t, chr_file, pty46)
-+ dev_filetrans($1, tty_device_t, chr_file, pty47)
-+ dev_filetrans($1, tty_device_t, chr_file, pty48)
-+ dev_filetrans($1, tty_device_t, chr_file, pty49)
-+ dev_filetrans($1,
tty_device_t, chr_file, pty50) -+ dev_filetrans($1, tty_device_t, chr_file, pty51) -+ dev_filetrans($1, tty_device_t, chr_file, pty52) -+ dev_filetrans($1, tty_device_t, chr_file, pty53) -+ dev_filetrans($1, tty_device_t, chr_file, pty54) -+ dev_filetrans($1, tty_device_t, chr_file, pty55) -+ dev_filetrans($1, tty_device_t, chr_file, pty56) -+ dev_filetrans($1, tty_device_t, chr_file, pty57) -+ dev_filetrans($1, tty_device_t, chr_file, pty58) -+ dev_filetrans($1, tty_device_t, chr_file, pty59) -+ dev_filetrans($1, tty_device_t, chr_file, pty60) -+ dev_filetrans($1, tty_device_t, chr_file, pty61) -+ dev_filetrans($1, tty_device_t, chr_file, pty62) -+ dev_filetrans($1, tty_device_t, chr_file, pty63) -+ dev_filetrans($1, tty_device_t, chr_file, pty64) -+ dev_filetrans($1, tty_device_t, chr_file, pty65) -+ dev_filetrans($1, tty_device_t, chr_file, pty66) -+ dev_filetrans($1, tty_device_t, chr_file, pty67) -+ dev_filetrans($1, tty_device_t, chr_file, pty68) -+ dev_filetrans($1, tty_device_t, chr_file, pty69) -+ dev_filetrans($1, tty_device_t, chr_file, pty70) -+ dev_filetrans($1, tty_device_t, chr_file, pty71) -+ dev_filetrans($1, tty_device_t, chr_file, pty72) -+ dev_filetrans($1, tty_device_t, chr_file, pty73) -+ dev_filetrans($1, tty_device_t, chr_file, pty74) -+ dev_filetrans($1, tty_device_t, chr_file, pty75) -+ dev_filetrans($1, tty_device_t, chr_file, pty76) -+ dev_filetrans($1, tty_device_t, chr_file, pty77) -+ dev_filetrans($1, tty_device_t, chr_file, pty78) -+ dev_filetrans($1, tty_device_t, chr_file, pty79) -+ dev_filetrans($1, tty_device_t, chr_file, pty80) -+ dev_filetrans($1, tty_device_t, chr_file, pty81) -+ dev_filetrans($1, tty_device_t, chr_file, pty82) -+ dev_filetrans($1, tty_device_t, chr_file, pty83) -+ dev_filetrans($1, tty_device_t, chr_file, pty84) -+ dev_filetrans($1, tty_device_t, chr_file, pty85) -+ dev_filetrans($1, tty_device_t, chr_file, pty86) -+ dev_filetrans($1, tty_device_t, chr_file, pty87) -+ dev_filetrans($1, tty_device_t, chr_file, 
pty88) -+ dev_filetrans($1, tty_device_t, chr_file, pty89) -+ dev_filetrans($1, tty_device_t, chr_file, pty90) -+ dev_filetrans($1, tty_device_t, chr_file, pty91) -+ dev_filetrans($1, tty_device_t, chr_file, pty92) -+ dev_filetrans($1, tty_device_t, chr_file, pty93) -+ dev_filetrans($1, tty_device_t, chr_file, pty94) -+ dev_filetrans($1, tty_device_t, chr_file, pty95) -+ dev_filetrans($1, tty_device_t, chr_file, pty96) -+ dev_filetrans($1, tty_device_t, chr_file, pty97) -+ dev_filetrans($1, tty_device_t, chr_file, pty98) -+ dev_filetrans($1, tty_device_t, chr_file, pty99) -+ dev_filetrans($1, tty_device_t, chr_file, adb0) -+ dev_filetrans($1, tty_device_t, chr_file, adb1) -+ dev_filetrans($1, tty_device_t, chr_file, adb2) -+ dev_filetrans($1, tty_device_t, chr_file, adb3) -+ dev_filetrans($1, tty_device_t, chr_file, adb4) -+ dev_filetrans($1, tty_device_t, chr_file, adb5) -+ dev_filetrans($1, tty_device_t, chr_file, adb6) -+ dev_filetrans($1, tty_device_t, chr_file, adb7) -+ dev_filetrans($1, tty_device_t, chr_file, adb8) -+ dev_filetrans($1, tty_device_t, chr_file, adb9) -+ dev_filetrans($1, tty_device_t, chr_file, capi0) -+ dev_filetrans($1, tty_device_t, chr_file, capi1) -+ dev_filetrans($1, tty_device_t, chr_file, capi2) -+ dev_filetrans($1, tty_device_t, chr_file, capi3) -+ dev_filetrans($1, tty_device_t, chr_file, capi4) -+ dev_filetrans($1, tty_device_t, chr_file, capi5) -+ dev_filetrans($1, tty_device_t, chr_file, capi6) -+ dev_filetrans($1, tty_device_t, chr_file, capi7) -+ dev_filetrans($1, tty_device_t, chr_file, capi8) -+ dev_filetrans($1, tty_device_t, chr_file, capi9) -+ dev_filetrans($1, console_device_t, chr_file, console) -+ dev_filetrans($1, tty_device_t, chr_file, cu0) -+ dev_filetrans($1, tty_device_t, chr_file, cu1) -+ dev_filetrans($1, tty_device_t, chr_file, cu2) -+ dev_filetrans($1, tty_device_t, chr_file, cu3) -+ dev_filetrans($1, tty_device_t, chr_file, cu4) -+ dev_filetrans($1, tty_device_t, chr_file, cu5) -+ dev_filetrans($1, 
tty_device_t, chr_file, cu6) -+ dev_filetrans($1, tty_device_t, chr_file, cu7) -+ dev_filetrans($1, tty_device_t, chr_file, cu8) -+ dev_filetrans($1, tty_device_t, chr_file, cu9) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri0) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri1) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri2) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri3) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri4) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri5) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri6) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri7) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri8) -+ dev_filetrans($1, tty_device_t, chr_file, dcbri9) -+ dev_filetrans($1, tty_device_t, chr_file, hvc0) -+ dev_filetrans($1, tty_device_t, chr_file, hvc1) -+ dev_filetrans($1, tty_device_t, chr_file, hvc2) -+ dev_filetrans($1, tty_device_t, chr_file, hvc3) -+ dev_filetrans($1, tty_device_t, chr_file, hvc4) -+ dev_filetrans($1, tty_device_t, chr_file, hvc5) -+ dev_filetrans($1, tty_device_t, chr_file, hvc6) -+ dev_filetrans($1, tty_device_t, chr_file, hvc7) -+ dev_filetrans($1, tty_device_t, chr_file, hvc8) -+ dev_filetrans($1, tty_device_t, chr_file, hvc9) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi0) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi1) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi2) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi3) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi4) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi5) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi6) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi7) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi8) -+ dev_filetrans($1, tty_device_t, chr_file, hvsi9) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm0) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm1) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm2) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm3) -+ dev_filetrans($1, tty_device_t, chr_file, 
ircomm4) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm5) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm6) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm7) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm8) -+ dev_filetrans($1, tty_device_t, chr_file, ircomm9) -+ dev_filetrans($1, tty_device_t, chr_file, isdn0) -+ dev_filetrans($1, tty_device_t, chr_file, isdn1) -+ dev_filetrans($1, tty_device_t, chr_file, isdn2) -+ dev_filetrans($1, tty_device_t, chr_file, isdn3) -+ dev_filetrans($1, tty_device_t, chr_file, isdn4) -+ dev_filetrans($1, tty_device_t, chr_file, isdn5) -+ dev_filetrans($1, tty_device_t, chr_file, isdn6) -+ dev_filetrans($1, tty_device_t, chr_file, isdn7) -+ dev_filetrans($1, tty_device_t, chr_file, isdn8) -+ dev_filetrans($1, tty_device_t, chr_file, isdn9) -+ dev_filetrans($1, ptmx_t, chr_file, ptmx) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm0) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm1) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm2) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm3) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm4) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm5) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm6) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm7) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm8) -+ dev_filetrans($1, tty_device_t, chr_file, rfcomm9) -+ dev_filetrans($1, tty_device_t, chr_file, slamr0) -+ dev_filetrans($1, tty_device_t, chr_file, slamr1) -+ dev_filetrans($1, tty_device_t, chr_file, slamr2) -+ dev_filetrans($1, tty_device_t, chr_file, slamr3) -+ dev_filetrans($1, tty_device_t, chr_file, slamr4) -+ dev_filetrans($1, tty_device_t, chr_file, slamr5) -+ dev_filetrans($1, tty_device_t, chr_file, slamr6) -+ dev_filetrans($1, tty_device_t, chr_file, slamr7) -+ dev_filetrans($1, tty_device_t, chr_file, slamr8) -+ dev_filetrans($1, tty_device_t, chr_file, slamr9) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS0) -+ dev_filetrans($1, 
tty_device_t, chr_file, ttyS1) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS2) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS3) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS4) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS5) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS6) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS7) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS8) -+ dev_filetrans($1, tty_device_t, chr_file, ttyS9) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG0) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG1) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG2) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG3) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG4) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG5) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG6) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG7) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG8) -+ dev_filetrans($1, tty_device_t, chr_file, ttySG9) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p0) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p1) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p2) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p3) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p4) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p5) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p6) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p7) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p8) -+ dev_filetrans($1, virtio_device_t, chr_file, vport0p9) -+ dev_filetrans($1, devpts_t, dir, pts) -+ dev_filetrans($1, tty_device_t, chr_file, xvc0) -+ dev_filetrans($1, tty_device_t, chr_file, xvc1) -+ dev_filetrans($1, tty_device_t, chr_file, xvc2) -+ dev_filetrans($1, tty_device_t, chr_file, xvc3) -+ dev_filetrans($1, tty_device_t, chr_file, xvc4) -+ dev_filetrans($1, tty_device_t, chr_file, xvc5) -+ dev_filetrans($1, tty_device_t, chr_file, xvc6) -+ dev_filetrans($1, tty_device_t, chr_file, 
xvc7) -+ dev_filetrans($1, tty_device_t, chr_file, xvc8) -+ dev_filetrans($1, tty_device_t, chr_file, xvc9) ++ dev_filetrans($1, devtty_t, chr_file, "tty") ++ dev_filetrans($1, tty_device_t, chr_file, "tty0") ++ dev_filetrans($1, tty_device_t, chr_file, "tty1") ++ dev_filetrans($1, tty_device_t, chr_file, "tty2") ++ dev_filetrans($1, tty_device_t, chr_file, "tty3") ++ dev_filetrans($1, tty_device_t, chr_file, "tty4") ++ dev_filetrans($1, tty_device_t, chr_file, "tty5") ++ dev_filetrans($1, tty_device_t, chr_file, "tty6") ++ dev_filetrans($1, tty_device_t, chr_file, "tty7") ++ dev_filetrans($1, tty_device_t, chr_file, "tty8") ++ dev_filetrans($1, tty_device_t, chr_file, "tty9") ++ dev_filetrans($1, tty_device_t, chr_file, "tty10") ++ dev_filetrans($1, tty_device_t, chr_file, "tty11") ++ dev_filetrans($1, tty_device_t, chr_file, "tty12") ++ dev_filetrans($1, tty_device_t, chr_file, "tty13") ++ dev_filetrans($1, tty_device_t, chr_file, "tty14") ++ dev_filetrans($1, tty_device_t, chr_file, "tty15") ++ dev_filetrans($1, tty_device_t, chr_file, "tty16") ++ dev_filetrans($1, tty_device_t, chr_file, "tty17") ++ dev_filetrans($1, tty_device_t, chr_file, "tty18") ++ dev_filetrans($1, tty_device_t, chr_file, "tty19") ++ dev_filetrans($1, tty_device_t, chr_file, "tty20") ++ dev_filetrans($1, tty_device_t, chr_file, "tty21") ++ dev_filetrans($1, tty_device_t, chr_file, "tty22") ++ dev_filetrans($1, tty_device_t, chr_file, "tty23") ++ dev_filetrans($1, tty_device_t, chr_file, "tty24") ++ dev_filetrans($1, tty_device_t, chr_file, "tty25") ++ dev_filetrans($1, tty_device_t, chr_file, "tty26") ++ dev_filetrans($1, tty_device_t, chr_file, "tty27") ++ dev_filetrans($1, tty_device_t, chr_file, "tty28") ++ dev_filetrans($1, tty_device_t, chr_file, "tty29") ++ dev_filetrans($1, tty_device_t, chr_file, "tty30") ++ dev_filetrans($1, tty_device_t, chr_file, "tty31") ++ dev_filetrans($1, tty_device_t, chr_file, "tty32") ++ dev_filetrans($1, tty_device_t, chr_file, "tty33") ++ 
dev_filetrans($1, tty_device_t, chr_file, "tty34") ++ dev_filetrans($1, tty_device_t, chr_file, "tty35") ++ dev_filetrans($1, tty_device_t, chr_file, "tty36") ++ dev_filetrans($1, tty_device_t, chr_file, "tty37") ++ dev_filetrans($1, tty_device_t, chr_file, "tty38") ++ dev_filetrans($1, tty_device_t, chr_file, "tty39") ++ dev_filetrans($1, tty_device_t, chr_file, "tty40") ++ dev_filetrans($1, tty_device_t, chr_file, "tty41") ++ dev_filetrans($1, tty_device_t, chr_file, "tty42") ++ dev_filetrans($1, tty_device_t, chr_file, "tty43") ++ dev_filetrans($1, tty_device_t, chr_file, "tty44") ++ dev_filetrans($1, tty_device_t, chr_file, "tty45") ++ dev_filetrans($1, tty_device_t, chr_file, "tty46") ++ dev_filetrans($1, tty_device_t, chr_file, "tty47") ++ dev_filetrans($1, tty_device_t, chr_file, "tty48") ++ dev_filetrans($1, tty_device_t, chr_file, "tty49") ++ dev_filetrans($1, tty_device_t, chr_file, "tty50") ++ dev_filetrans($1, tty_device_t, chr_file, "tty51") ++ dev_filetrans($1, tty_device_t, chr_file, "tty52") ++ dev_filetrans($1, tty_device_t, chr_file, "tty53") ++ dev_filetrans($1, tty_device_t, chr_file, "tty54") ++ dev_filetrans($1, tty_device_t, chr_file, "tty55") ++ dev_filetrans($1, tty_device_t, chr_file, "tty56") ++ dev_filetrans($1, tty_device_t, chr_file, "tty57") ++ dev_filetrans($1, tty_device_t, chr_file, "tty58") ++ dev_filetrans($1, tty_device_t, chr_file, "tty59") ++ dev_filetrans($1, tty_device_t, chr_file, "tty60") ++ dev_filetrans($1, tty_device_t, chr_file, "tty61") ++ dev_filetrans($1, tty_device_t, chr_file, "tty62") ++ dev_filetrans($1, tty_device_t, chr_file, "tty63") ++ dev_filetrans($1, tty_device_t, chr_file, "tty64") ++ dev_filetrans($1, tty_device_t, chr_file, "tty65") ++ dev_filetrans($1, tty_device_t, chr_file, "tty66") ++ dev_filetrans($1, tty_device_t, chr_file, "tty67") ++ dev_filetrans($1, tty_device_t, chr_file, "tty68") ++ dev_filetrans($1, tty_device_t, chr_file, "tty69") ++ dev_filetrans($1, tty_device_t, chr_file, "tty70") ++ 
dev_filetrans($1, tty_device_t, chr_file, "tty71") ++ dev_filetrans($1, tty_device_t, chr_file, "tty72") ++ dev_filetrans($1, tty_device_t, chr_file, "tty73") ++ dev_filetrans($1, tty_device_t, chr_file, "tty74") ++ dev_filetrans($1, tty_device_t, chr_file, "tty75") ++ dev_filetrans($1, tty_device_t, chr_file, "tty76") ++ dev_filetrans($1, tty_device_t, chr_file, "tty77") ++ dev_filetrans($1, tty_device_t, chr_file, "tty78") ++ dev_filetrans($1, tty_device_t, chr_file, "tty79") ++ dev_filetrans($1, tty_device_t, chr_file, "tty80") ++ dev_filetrans($1, tty_device_t, chr_file, "tty81") ++ dev_filetrans($1, tty_device_t, chr_file, "tty82") ++ dev_filetrans($1, tty_device_t, chr_file, "tty83") ++ dev_filetrans($1, tty_device_t, chr_file, "tty84") ++ dev_filetrans($1, tty_device_t, chr_file, "tty85") ++ dev_filetrans($1, tty_device_t, chr_file, "tty86") ++ dev_filetrans($1, tty_device_t, chr_file, "tty87") ++ dev_filetrans($1, tty_device_t, chr_file, "tty88") ++ dev_filetrans($1, tty_device_t, chr_file, "tty89") ++ dev_filetrans($1, tty_device_t, chr_file, "tty90") ++ dev_filetrans($1, tty_device_t, chr_file, "tty91") ++ dev_filetrans($1, tty_device_t, chr_file, "tty92") ++ dev_filetrans($1, tty_device_t, chr_file, "tty93") ++ dev_filetrans($1, tty_device_t, chr_file, "tty94") ++ dev_filetrans($1, tty_device_t, chr_file, "tty95") ++ dev_filetrans($1, tty_device_t, chr_file, "tty96") ++ dev_filetrans($1, tty_device_t, chr_file, "tty97") ++ dev_filetrans($1, tty_device_t, chr_file, "tty98") ++ dev_filetrans($1, tty_device_t, chr_file, "tty99") ++ dev_filetrans($1, tty_device_t, chr_file, "pty") ++ dev_filetrans($1, tty_device_t, chr_file, "pty0") ++ dev_filetrans($1, tty_device_t, chr_file, "pty1") ++ dev_filetrans($1, tty_device_t, chr_file, "pty2") ++ dev_filetrans($1, tty_device_t, chr_file, "pty3") ++ dev_filetrans($1, tty_device_t, chr_file, "pty4") ++ dev_filetrans($1, tty_device_t, chr_file, "pty5") ++ dev_filetrans($1, tty_device_t, chr_file, "pty6") ++ 
dev_filetrans($1, tty_device_t, chr_file, "pty7") ++ dev_filetrans($1, tty_device_t, chr_file, "pty8") ++ dev_filetrans($1, tty_device_t, chr_file, "pty9") ++ dev_filetrans($1, tty_device_t, chr_file, "pty10") ++ dev_filetrans($1, tty_device_t, chr_file, "pty11") ++ dev_filetrans($1, tty_device_t, chr_file, "pty12") ++ dev_filetrans($1, tty_device_t, chr_file, "pty13") ++ dev_filetrans($1, tty_device_t, chr_file, "pty14") ++ dev_filetrans($1, tty_device_t, chr_file, "pty15") ++ dev_filetrans($1, tty_device_t, chr_file, "pty16") ++ dev_filetrans($1, tty_device_t, chr_file, "pty17") ++ dev_filetrans($1, tty_device_t, chr_file, "pty18") ++ dev_filetrans($1, tty_device_t, chr_file, "pty19") ++ dev_filetrans($1, tty_device_t, chr_file, "pty20") ++ dev_filetrans($1, tty_device_t, chr_file, "pty21") ++ dev_filetrans($1, tty_device_t, chr_file, "pty22") ++ dev_filetrans($1, tty_device_t, chr_file, "pty23") ++ dev_filetrans($1, tty_device_t, chr_file, "pty24") ++ dev_filetrans($1, tty_device_t, chr_file, "pty25") ++ dev_filetrans($1, tty_device_t, chr_file, "pty26") ++ dev_filetrans($1, tty_device_t, chr_file, "pty27") ++ dev_filetrans($1, tty_device_t, chr_file, "pty28") ++ dev_filetrans($1, tty_device_t, chr_file, "pty29") ++ dev_filetrans($1, tty_device_t, chr_file, "pty30") ++ dev_filetrans($1, tty_device_t, chr_file, "pty31") ++ dev_filetrans($1, tty_device_t, chr_file, "pty32") ++ dev_filetrans($1, tty_device_t, chr_file, "pty33") ++ dev_filetrans($1, tty_device_t, chr_file, "pty34") ++ dev_filetrans($1, tty_device_t, chr_file, "pty35") ++ dev_filetrans($1, tty_device_t, chr_file, "pty36") ++ dev_filetrans($1, tty_device_t, chr_file, "pty37") ++ dev_filetrans($1, tty_device_t, chr_file, "pty38") ++ dev_filetrans($1, tty_device_t, chr_file, "pty39") ++ dev_filetrans($1, tty_device_t, chr_file, "pty40") ++ dev_filetrans($1, tty_device_t, chr_file, "pty41") ++ dev_filetrans($1, tty_device_t, chr_file, "pty42") ++ dev_filetrans($1, tty_device_t, chr_file, "pty43") ++ 
dev_filetrans($1, tty_device_t, chr_file, "pty44") ++ dev_filetrans($1, tty_device_t, chr_file, "pty45") ++ dev_filetrans($1, tty_device_t, chr_file, "pty46") ++ dev_filetrans($1, tty_device_t, chr_file, "pty47") ++ dev_filetrans($1, tty_device_t, chr_file, "pty48") ++ dev_filetrans($1, tty_device_t, chr_file, "pty49") ++ dev_filetrans($1, tty_device_t, chr_file, "pty50") ++ dev_filetrans($1, tty_device_t, chr_file, "pty51") ++ dev_filetrans($1, tty_device_t, chr_file, "pty52") ++ dev_filetrans($1, tty_device_t, chr_file, "pty53") ++ dev_filetrans($1, tty_device_t, chr_file, "pty54") ++ dev_filetrans($1, tty_device_t, chr_file, "pty55") ++ dev_filetrans($1, tty_device_t, chr_file, "pty56") ++ dev_filetrans($1, tty_device_t, chr_file, "pty57") ++ dev_filetrans($1, tty_device_t, chr_file, "pty58") ++ dev_filetrans($1, tty_device_t, chr_file, "pty59") ++ dev_filetrans($1, tty_device_t, chr_file, "pty60") ++ dev_filetrans($1, tty_device_t, chr_file, "pty61") ++ dev_filetrans($1, tty_device_t, chr_file, "pty62") ++ dev_filetrans($1, tty_device_t, chr_file, "pty63") ++ dev_filetrans($1, tty_device_t, chr_file, "pty64") ++ dev_filetrans($1, tty_device_t, chr_file, "pty65") ++ dev_filetrans($1, tty_device_t, chr_file, "pty66") ++ dev_filetrans($1, tty_device_t, chr_file, "pty67") ++ dev_filetrans($1, tty_device_t, chr_file, "pty68") ++ dev_filetrans($1, tty_device_t, chr_file, "pty69") ++ dev_filetrans($1, tty_device_t, chr_file, "pty70") ++ dev_filetrans($1, tty_device_t, chr_file, "pty71") ++ dev_filetrans($1, tty_device_t, chr_file, "pty72") ++ dev_filetrans($1, tty_device_t, chr_file, "pty73") ++ dev_filetrans($1, tty_device_t, chr_file, "pty74") ++ dev_filetrans($1, tty_device_t, chr_file, "pty75") ++ dev_filetrans($1, tty_device_t, chr_file, "pty76") ++ dev_filetrans($1, tty_device_t, chr_file, "pty77") ++ dev_filetrans($1, tty_device_t, chr_file, "pty78") ++ dev_filetrans($1, tty_device_t, chr_file, "pty79") ++ dev_filetrans($1, tty_device_t, chr_file, "pty80") ++ 
dev_filetrans($1, tty_device_t, chr_file, "pty81") ++ dev_filetrans($1, tty_device_t, chr_file, "pty82") ++ dev_filetrans($1, tty_device_t, chr_file, "pty83") ++ dev_filetrans($1, tty_device_t, chr_file, "pty84") ++ dev_filetrans($1, tty_device_t, chr_file, "pty85") ++ dev_filetrans($1, tty_device_t, chr_file, "pty86") ++ dev_filetrans($1, tty_device_t, chr_file, "pty87") ++ dev_filetrans($1, tty_device_t, chr_file, "pty88") ++ dev_filetrans($1, tty_device_t, chr_file, "pty89") ++ dev_filetrans($1, tty_device_t, chr_file, "pty90") ++ dev_filetrans($1, tty_device_t, chr_file, "pty91") ++ dev_filetrans($1, tty_device_t, chr_file, "pty92") ++ dev_filetrans($1, tty_device_t, chr_file, "pty93") ++ dev_filetrans($1, tty_device_t, chr_file, "pty94") ++ dev_filetrans($1, tty_device_t, chr_file, "pty95") ++ dev_filetrans($1, tty_device_t, chr_file, "pty96") ++ dev_filetrans($1, tty_device_t, chr_file, "pty97") ++ dev_filetrans($1, tty_device_t, chr_file, "pty98") ++ dev_filetrans($1, tty_device_t, chr_file, "pty99") ++ dev_filetrans($1, tty_device_t, chr_file, "adb0") ++ dev_filetrans($1, tty_device_t, chr_file, "adb1") ++ dev_filetrans($1, tty_device_t, chr_file, "adb2") ++ dev_filetrans($1, tty_device_t, chr_file, "adb3") ++ dev_filetrans($1, tty_device_t, chr_file, "adb4") ++ dev_filetrans($1, tty_device_t, chr_file, "adb5") ++ dev_filetrans($1, tty_device_t, chr_file, "adb6") ++ dev_filetrans($1, tty_device_t, chr_file, "adb7") ++ dev_filetrans($1, tty_device_t, chr_file, "adb8") ++ dev_filetrans($1, tty_device_t, chr_file, "adb9") ++ dev_filetrans($1, tty_device_t, chr_file, "capi0") ++ dev_filetrans($1, tty_device_t, chr_file, "capi1") ++ dev_filetrans($1, tty_device_t, chr_file, "capi2") ++ dev_filetrans($1, tty_device_t, chr_file, "capi3") ++ dev_filetrans($1, tty_device_t, chr_file, "capi4") ++ dev_filetrans($1, tty_device_t, chr_file, "capi5") ++ dev_filetrans($1, tty_device_t, chr_file, "capi6") ++ dev_filetrans($1, tty_device_t, chr_file, "capi7") ++ 
dev_filetrans($1, tty_device_t, chr_file, "capi8") ++ dev_filetrans($1, tty_device_t, chr_file, "capi9") ++ dev_filetrans($1, console_device_t, chr_file, "console") ++ dev_filetrans($1, tty_device_t, chr_file, "cu0") ++ dev_filetrans($1, tty_device_t, chr_file, "cu1") ++ dev_filetrans($1, tty_device_t, chr_file, "cu2") ++ dev_filetrans($1, tty_device_t, chr_file, "cu3") ++ dev_filetrans($1, tty_device_t, chr_file, "cu4") ++ dev_filetrans($1, tty_device_t, chr_file, "cu5") ++ dev_filetrans($1, tty_device_t, chr_file, "cu6") ++ dev_filetrans($1, tty_device_t, chr_file, "cu7") ++ dev_filetrans($1, tty_device_t, chr_file, "cu8") ++ dev_filetrans($1, tty_device_t, chr_file, "cu9") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri0") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri1") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri2") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri3") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri4") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri5") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri6") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri7") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri8") ++ dev_filetrans($1, tty_device_t, chr_file, "dcbri9") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc0") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc1") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc2") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc3") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc4") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc5") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc6") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc7") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc8") ++ dev_filetrans($1, tty_device_t, chr_file, "hvc9") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi0") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi1") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi2") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi3") ++ 
dev_filetrans($1, tty_device_t, chr_file, "hvsi4") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi5") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi6") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi7") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi8") ++ dev_filetrans($1, tty_device_t, chr_file, "hvsi9") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm0") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm1") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm2") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm3") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm4") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm5") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm6") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm7") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm8") ++ dev_filetrans($1, tty_device_t, chr_file, "ircomm9") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn0") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn1") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn2") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn3") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn4") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn5") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn6") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn7") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn8") ++ dev_filetrans($1, tty_device_t, chr_file, "isdn9") ++ dev_filetrans($1, ptmx_t, chr_file, "ptmx") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm0") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm1") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm2") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm3") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm4") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm5") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm6") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm7") ++ dev_filetrans($1, tty_device_t, chr_file, "rfcomm8") ++ dev_filetrans($1, 
tty_device_t, chr_file, "rfcomm9") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr0") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr1") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr2") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr3") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr4") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr5") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr6") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr7") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr8") ++ dev_filetrans($1, tty_device_t, chr_file, "slamr9") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS0") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS1") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS2") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS3") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS4") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS5") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS6") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS7") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS8") ++ dev_filetrans($1, tty_device_t, chr_file, "ttyS9") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG0") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG1") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG2") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG3") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG4") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG5") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG6") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG7") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG8") ++ dev_filetrans($1, tty_device_t, chr_file, "ttySG9") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p0") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p1") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p2") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p3") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p4") ++ dev_filetrans($1, 
virtio_device_t, chr_file, "vport0p5") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p6") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p7") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p8") ++ dev_filetrans($1, virtio_device_t, chr_file, "vport0p9") ++ dev_filetrans($1, devpts_t, dir, "pts") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc0") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc1") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc2") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc3") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc4") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc5") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc6") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc7") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc8") ++ dev_filetrans($1, tty_device_t, chr_file, "xvc9") +') diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te index 361692e..0f09fb5 100644 @@ -16866,7 +16927,7 @@ index 1cb7311..1de82b2 100644 + +gen_user(guest_u, user, guest_r, s0, s0) diff --git a/policy/modules/roles/secadm.te b/policy/modules/roles/secadm.te -index be4de58..cce681a 100644 +index be4de58..2efb6e9 100644 --- a/policy/modules/roles/secadm.te +++ b/policy/modules/roles/secadm.te @@ -9,6 +9,8 @@ role secadm_r; @@ -16878,8 +16939,18 @@ index be4de58..cce681a 100644 ######################################## # +@@ -39,6 +41,9 @@ logging_read_audit_log(secadm_t) + logging_read_generic_logs(secadm_t) + logging_read_audit_config(secadm_t) + ++seutil_rw_config(secadm_t) ++seutil_rw_default_contexts(secadm_t) ++ + optional_policy(` + aide_run(secadm_t, secadm_r) + ') diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te -index 2be17d2..7f56ac0 100644 +index 2be17d2..9482840 100644 --- a/policy/modules/roles/staff.te +++ b/policy/modules/roles/staff.te @@ -8,12 +8,51 @@ policy_module(staff, 2.2.0) 
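Review bot: In the secadm.te section, `seutil_rw_config(secadm_t)` and `seutil_rw_default_contexts(secadm_t)` are added with no comment on why secadm_t needs write access. Going by the interface names, they let the role modify the SELinux configuration and default-contexts files directly, which widens what a mistaken or compromised secadm session can change persistently. I would put a one-line rationale above them, for example `# secadm maintains SELinux config and default contexts (reason / bug reference)`, and confirm that read-only access is not enough for the intended workflow. Both calls sit outside any optional_policy block, like the logging_* calls before them, so they apply whenever the module is built.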
@@ -16934,7 +17005,7 @@ index 2be17d2..7f56ac0 100644 optional_policy(` apache_role(staff_r, staff_t) ') -@@ -27,25 +66,138 @@ optional_policy(` +@@ -27,19 +66,95 @@ optional_policy(` ') optional_policy(` @@ -17032,10 +17103,10 @@ index 2be17d2..7f56ac0 100644 ') optional_policy(` - sysadm_role_change(staff_r) - userdom_dontaudit_use_user_terminals(staff_t) +@@ -48,10 +163,48 @@ optional_policy(` ') -+optional_policy(` + + optional_policy(` + setroubleshoot_stream_connect(staff_t) + setroubleshoot_dbus_chat(staff_t) + setroubleshoot_dbus_chat_fixit(staff_t) @@ -17066,16 +17137,22 @@ index 2be17d2..7f56ac0 100644 +') + +optional_policy(` + vlock_run(staff_t, staff_r) + ') + + optional_policy(` + vnstatd_read_lib_files(staff_t) +') + +optional_policy(` + webadm_role_change(staff_r) +') ++ ++optional_policy(` + xserver_role(staff_r, staff_t) + ') - optional_policy(` - vlock_run(staff_t, staff_r) -@@ -89,10 +241,6 @@ ifndef(`distro_redhat',` +@@ -89,10 +242,6 @@ ifndef(`distro_redhat',` ') optional_policy(` @@ -17086,7 +17163,7 @@ index 2be17d2..7f56ac0 100644 gpg_role(staff_r, staff_t) ') -@@ -137,10 +285,6 @@ ifndef(`distro_redhat',` +@@ -137,10 +286,6 @@ ifndef(`distro_redhat',` ') optional_policy(` @@ -17097,7 +17174,7 @@ index 2be17d2..7f56ac0 100644 spamassassin_role(staff_r, staff_t) ') -@@ -172,3 +316,7 @@ ifndef(`distro_redhat',` +@@ -172,3 +317,7 @@ ifndef(`distro_redhat',` wireshark_role(staff_r, staff_t) ') ') @@ -17106,7 +17183,7 @@ index 2be17d2..7f56ac0 100644 + userdom_execmod_user_home_files(staff_usertype) +') diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te -index 4a8d146..4fb9455 100644 +index 4a8d146..2aa3ce0 100644 --- a/policy/modules/roles/sysadm.te +++ b/policy/modules/roles/sysadm.te @@ -24,20 +24,55 @@ ifndef(`enable_mls',` 
@@ -17144,11 +17221,11 @@ index 4a8d146..4fb9455 100644 + +miscfiles_read_hwdata(sysadm_t) + -+sysnet_etc_filetrans_config(sysadm_t, resolv.conf) -+sysnet_etc_filetrans_config(sysadm_t, denyhosts) -+sysnet_etc_filetrans_config(sysadm_t, hosts) -+sysnet_etc_filetrans_config(sysadm_t, ethers) -+sysnet_etc_filetrans_config(sysadm_t, yp.conf) ++sysnet_etc_filetrans_config(sysadm_t, "resolv.conf") ++sysnet_etc_filetrans_config(sysadm_t, "denyhosts") ++sysnet_etc_filetrans_config(sysadm_t, "hosts") ++sysnet_etc_filetrans_config(sysadm_t, "ethers") ++sysnet_etc_filetrans_config(sysadm_t, "yp.conf") # Add/remove user home directories userdom_manage_user_home_dirs(sysadm_t) @@ -17319,7 +17396,18 @@ index 4a8d146..4fb9455 100644 optional_policy(` rsync_exec(sysadm_t) -@@ -307,7 +354,7 @@ optional_policy(` +@@ -302,12 +349,18 @@ optional_policy(` + ') + + optional_policy(` ++ setroubleshoot_stream_connect(sysadm_t) ++ setroubleshoot_dbus_chat(sysadm_t) ++ setroubleshoot_dbus_chat_fixit(sysadm_t) ++') ++ ++optional_policy(` + seutil_run_setfiles(sysadm_t, sysadm_r) + seutil_run_runinit(sysadm_t, sysadm_r) ') optional_policy(` @@ -17328,7 +17416,7 @@ index 4a8d146..4fb9455 100644 ') optional_policy(` -@@ -332,10 +379,6 @@ optional_policy(` +@@ -332,10 +385,6 @@ optional_policy(` ') optional_policy(` @@ -17339,7 +17427,7 @@ index 4a8d146..4fb9455 100644 tripwire_run_siggen(sysadm_t, sysadm_r) tripwire_run_tripwire(sysadm_t, sysadm_r) tripwire_run_twadmin(sysadm_t, sysadm_r) -@@ -343,19 +386,15 @@ optional_policy(` +@@ -343,19 +392,15 @@ optional_policy(` ') optional_policy(` @@ -17361,7 +17449,7 @@ index 4a8d146..4fb9455 100644 ') optional_policy(` -@@ -367,17 +406,14 @@ optional_policy(` +@@ -367,45 +412,45 @@ optional_policy(` ') optional_policy(` 
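Review bot: The five quoted `sysnet_etc_filetrans_config(sysadm_t, "...")` calls in the sysadm.te section are repeated name for name for unconfined_t in the unconfineduser.te hunk further down, so the two lists can drift apart when a file name is added to one and not the other. The same patch already wraps this kind of list in a single call (`term_filetrans_all_named_dev(unconfined_t)`, `storage_filetrans_all_named_dev(unconfined_t)`); a sysnetwork interface of that shape, taking only the domain, would keep the names in one place. It would also help to note next to the list that a named transition matches only the exact file name at creation, so a file written under a temporary name and renamed into place presumably keeps the default etc label until it is relabelled.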
@@ -17374,31 +17462,42 @@ index 4a8d146..4fb9455 100644 usermanage_run_useradd(sysadm_t, sysadm_r) ') -+ optional_policy(` - vmware_role(sysadm_r, sysadm_t) -+ vpn_run(sysadm_t, sysadm_r) - ') - - optional_policy(` -@@ -389,7 +425,8 @@ optional_policy(` - ') - - optional_policy(` -- wireshark_role(sysadm_r, sysadm_t) + virt_stream_connect(sysadm_t) + virt_filetrans_home_content(sysadm_t) ') optional_policy(` -@@ -404,8 +441,15 @@ optional_policy(` - yam_run(sysadm_t, sysadm_r) +- vpn_run(sysadm_t, sysadm_r) ++ vlock_run(sysadm_t, sysadm_r) ') -+optional_policy(` + optional_policy(` +- webalizer_run(sysadm_t, sysadm_r) ++ vpn_run(sysadm_t, sysadm_r) + ') + + optional_policy(` +- wireshark_role(sysadm_r, sysadm_t) ++ webalizer_run(sysadm_t, sysadm_r) + ') + + optional_policy(` +- vlock_run(sysadm_t, sysadm_r) ++ xserver_role(sysadm_r, sysadm_t) + ') + + optional_policy(` +- xserver_role(sysadm_r, sysadm_t) ++ yam_run(sysadm_t, sysadm_r) + ') + + optional_policy(` +- yam_run(sysadm_t, sysadm_r) + zebra_stream_connect(sysadm_t) -+') -+ + ') + ifndef(`distro_redhat',` optional_policy(` + apache_role(sysadm_r, sysadm_t) @@ -17407,7 +17506,7 @@ index 4a8d146..4fb9455 100644 auth_role(sysadm_r, sysadm_t) ') -@@ -439,6 +483,7 @@ ifndef(`distro_redhat',` +@@ -439,6 +484,7 @@ ifndef(`distro_redhat',` optional_policy(` gnome_role(sysadm_r, sysadm_t) @@ -17415,7 +17514,7 @@ index 4a8d146..4fb9455 100644 ') optional_policy(` -@@ -452,5 +497,60 @@ ifndef(`distro_redhat',` +@@ -452,5 +498,60 @@ ifndef(`distro_redhat',` optional_policy(` java_role(sysadm_r, sysadm_t) ') @@ -18186,10 +18285,10 @@ index 0000000..8b2cdf3 + diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te new file mode 100644 -index 0000000..b3b2479 +index 0000000..25eea4a --- /dev/null +++ b/policy/modules/roles/unconfineduser.te -@@ -0,0 +1,526 @@ +@@ -0,0 +1,527 @@ +policy_module(unconfineduser, 1.0.0) + +######################################## 
@@ -18282,11 +18381,11 @@ index 0000000..b3b2479 +storage_filetrans_all_named_dev(unconfined_t) +term_filetrans_all_named_dev(unconfined_t) + -+sysnet_etc_filetrans_config(unconfined_t, resolv.conf) -+sysnet_etc_filetrans_config(unconfined_t, denyhosts) -+sysnet_etc_filetrans_config(unconfined_t, hosts) -+sysnet_etc_filetrans_config(unconfined_t, ethers) -+sysnet_etc_filetrans_config(unconfined_t, yp.conf) ++sysnet_etc_filetrans_config(unconfined_t, "resolv.conf") ++sysnet_etc_filetrans_config(unconfined_t, "denyhosts") ++sysnet_etc_filetrans_config(unconfined_t, "hosts") ++sysnet_etc_filetrans_config(unconfined_t, "ethers") ++sysnet_etc_filetrans_config(unconfined_t, "yp.conf") + +optional_policy(` + ssh_filetrans_admin_home_content(unconfined_t) @@ -18311,6 +18410,7 @@ index 0000000..b3b2479 + mount_domtrans_unconfined(unconfined_t) +') + ++seutil_run_loadpolicy(unconfined_t, unconfined_r) +seutil_run_setsebool(unconfined_t, unconfined_r) +seutil_run_setfiles(unconfined_t, unconfined_r) +seutil_run_semanage(unconfined_t, unconfined_r) @@ -20236,7 +20336,7 @@ index 9e39aa5..ec27284 100644 +/var/run/dirsrv/admin-serv.* gen_context(system_u:object_r:httpd_var_run_t,s0) +/opt/dirsrv/var/run/dirsrv/dsgw/cookies(/.*)? gen_context(system_u:object_r:httpd_var_run_t,s0) diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if -index 6480167..1440827 100644 +index 6480167..63822c0 100644 --- a/policy/modules/services/apache.if +++ b/policy/modules/services/apache.if @@ -13,17 +13,13 @@ 
@@ -20844,12 +20944,12 @@ index 6480167..1440827 100644 + type httpd_user_content_t; + ') + -+ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, public_html) -+ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, www) -+ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, web) ++ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, "public_html") ++ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, "www") ++ userdom_user_home_dir_filetrans($1, httpd_user_content_t, dir, "web") ') diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te -index 3136c6a..02f0378 100644 +index 3136c6a..6a6fdc5 100644 --- a/policy/modules/services/apache.te +++ b/policy/modules/services/apache.te @@ -18,130 +18,195 @@ policy_module(apache, 2.2.1) @@ -21194,7 +21294,7 @@ index 3136c6a..02f0378 100644 corenet_all_recvfrom_unlabeled(httpd_t) corenet_all_recvfrom_netlabel(httpd_t) -@@ -365,8 +452,10 @@ corenet_udp_sendrecv_generic_node(httpd_t) +@@ -365,8 +452,11 @@ corenet_udp_sendrecv_generic_node(httpd_t) corenet_tcp_sendrecv_all_ports(httpd_t) corenet_udp_sendrecv_all_ports(httpd_t) corenet_tcp_bind_generic_node(httpd_t) @@ -21202,10 +21302,11 @@ index 3136c6a..02f0378 100644 corenet_tcp_bind_http_port(httpd_t) corenet_tcp_bind_http_cache_port(httpd_t) +corenet_tcp_bind_ntop_port(httpd_t) ++corenet_tcp_bind_jboss_management_port(httpd_t) corenet_sendrecv_http_server_packets(httpd_t) # Signal self for shutdown corenet_tcp_connect_http_port(httpd_t) -@@ -378,12 +467,12 @@ dev_rw_crypto(httpd_t) +@@ -378,12 +468,12 @@ dev_rw_crypto(httpd_t) fs_getattr_all_fs(httpd_t) fs_search_auto_mountpoints(httpd_t) @@ -21221,7 +21322,7 @@ index 3136c6a..02f0378 100644 domain_use_interactive_fds(httpd_t) -@@ -391,6 +480,7 @@ files_dontaudit_getattr_all_pids(httpd_t) +@@ -391,6 +481,7 @@ files_dontaudit_getattr_all_pids(httpd_t) files_read_usr_files(httpd_t) files_list_mnt(httpd_t) files_search_spool(httpd_t) 
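Review bot: The added `corenet_tcp_bind_jboss_management_port(httpd_t)` in the corenet block of apache.te is unconditional, so every httpd_t process may bind that port whether or not the host runs anything that needs it. The same file already gates a comparable grant, `corenet_tcp_bind_ftp_port(httpd_t)`, behind `tunable_policy(`httpd_enable_ftp_server',` … ')`. Putting the new bind under a dedicated boolean in the same way would leave the default httpd_t network surface unchanged. The corenet statement run starts and ends outside this hunk, so an existing conditional further down may be a better home for it.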
@@ -21229,7 +21330,7 @@ index 3136c6a..02f0378 100644 files_read_var_lib_files(httpd_t) files_search_home(httpd_t) files_getattr_home_dir(httpd_t) -@@ -402,6 +492,13 @@ files_read_etc_files(httpd_t) +@@ -402,6 +493,13 @@ files_read_etc_files(httpd_t) files_read_var_lib_symlinks(httpd_t) fs_search_auto_mountpoints(httpd_sys_script_t) @@ -21243,7 +21344,7 @@ index 3136c6a..02f0378 100644 libs_read_lib_files(httpd_t) -@@ -416,34 +513,74 @@ seutil_dontaudit_search_config(httpd_t) +@@ -416,34 +514,74 @@ seutil_dontaudit_search_config(httpd_t) userdom_use_unpriv_users_fds(httpd_t) @@ -21320,7 +21421,7 @@ index 3136c6a..02f0378 100644 ') tunable_policy(`httpd_enable_cgi && httpd_use_nfs',` -@@ -456,6 +593,10 @@ tunable_policy(`httpd_enable_cgi && httpd_use_cifs',` +@@ -456,6 +594,10 @@ tunable_policy(`httpd_enable_cgi && httpd_use_cifs',` tunable_policy(`httpd_enable_cgi && httpd_unified && httpd_builtin_scripting',` domtrans_pattern(httpd_t, httpdcontent, httpd_sys_script_t) @@ -21331,7 +21432,7 @@ index 3136c6a..02f0378 100644 manage_dirs_pattern(httpd_t, httpdcontent, httpdcontent) manage_files_pattern(httpd_t, httpdcontent, httpdcontent) -@@ -466,15 +607,27 @@ tunable_policy(`httpd_enable_ftp_server',` +@@ -466,15 +608,27 @@ tunable_policy(`httpd_enable_ftp_server',` corenet_tcp_bind_ftp_port(httpd_t) ') @@ -21361,7 +21462,7 @@ index 3136c6a..02f0378 100644 tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',` fs_read_cifs_files(httpd_t) fs_read_cifs_symlinks(httpd_t) -@@ -484,7 +637,16 @@ tunable_policy(`httpd_can_sendmail',` +@@ -484,7 +638,16 @@ tunable_policy(`httpd_can_sendmail',` # allow httpd to connect to mail servers corenet_tcp_connect_smtp_port(httpd_t) corenet_sendrecv_smtp_client_packets(httpd_t) 
@@ -21378,7 +21479,7 @@ index 3136c6a..02f0378 100644 ') tunable_policy(`httpd_ssi_exec',` -@@ -499,9 +661,19 @@ tunable_policy(`httpd_ssi_exec',` +@@ -499,9 +662,19 @@ tunable_policy(`httpd_ssi_exec',` # to run correctly without this permission, so the permission # are dontaudited here. tunable_policy(`httpd_tty_comm',` @@ -21399,7 +21500,7 @@ index 3136c6a..02f0378 100644 ') optional_policy(` -@@ -513,7 +685,13 @@ optional_policy(` +@@ -513,7 +686,13 @@ optional_policy(` ') optional_policy(` @@ -21414,7 +21515,7 @@ index 3136c6a..02f0378 100644 ') optional_policy(` -@@ -528,7 +706,18 @@ optional_policy(` +@@ -528,7 +707,18 @@ optional_policy(` daemontools_service_domain(httpd_t, httpd_exec_t) ') @@ -21434,7 +21535,7 @@ index 3136c6a..02f0378 100644 dbus_system_bus_client(httpd_t) tunable_policy(`httpd_dbus_avahi',` -@@ -537,8 +726,13 @@ optional_policy(` +@@ -537,8 +727,13 @@ optional_policy(` ') optional_policy(` @@ -21449,7 +21550,7 @@ index 3136c6a..02f0378 100644 ') ') -@@ -556,7 +750,13 @@ optional_policy(` +@@ -556,7 +751,13 @@ optional_policy(` ') optional_policy(` @@ -21463,7 +21564,7 @@ index 3136c6a..02f0378 100644 mysql_stream_connect(httpd_t) mysql_rw_db_sockets(httpd_t) -@@ -567,6 +767,7 @@ optional_policy(` +@@ -567,6 +768,7 @@ optional_policy(` optional_policy(` nagios_read_config(httpd_t) @@ -21471,7 +21572,7 @@ index 3136c6a..02f0378 100644 ') optional_policy(` -@@ -577,6 +778,16 @@ optional_policy(` +@@ -577,6 +779,16 @@ optional_policy(` ') optional_policy(` @@ -21488,7 +21589,7 @@ index 3136c6a..02f0378 100644 # Allow httpd to work with postgresql postgresql_stream_connect(httpd_t) postgresql_unpriv_client(httpd_t) -@@ -591,6 +802,11 @@ optional_policy(` +@@ -591,6 +803,11 @@ optional_policy(` ') optional_policy(` 
@@ -21500,7 +21601,7 @@ index 3136c6a..02f0378 100644 snmp_dontaudit_read_snmp_var_lib_files(httpd_t) snmp_dontaudit_write_snmp_var_lib_files(httpd_t) ') -@@ -603,6 +819,11 @@ optional_policy(` +@@ -603,6 +820,11 @@ optional_policy(` yam_read_content(httpd_t) ') @@ -21512,7 +21613,7 @@ index 3136c6a..02f0378 100644 ######################################## # # Apache helper local policy -@@ -616,7 +837,11 @@ allow httpd_helper_t httpd_log_t:file append_file_perms; +@@ -616,7 +838,11 @@ allow httpd_helper_t httpd_log_t:file append_file_perms; logging_send_syslog_msg(httpd_helper_t) @@ -21525,7 +21626,7 @@ index 3136c6a..02f0378 100644 ######################################## # -@@ -654,28 +879,30 @@ libs_exec_lib_files(httpd_php_t) +@@ -654,28 +880,30 @@ libs_exec_lib_files(httpd_php_t) userdom_use_unpriv_users_fds(httpd_php_t) tunable_policy(`httpd_can_network_connect_db',` @@ -21569,7 +21670,16 @@ index 3136c6a..02f0378 100644 ') ######################################## -@@ -699,17 +926,22 @@ manage_dirs_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) +@@ -685,6 +913,8 @@ optional_policy(` + + allow httpd_suexec_t self:capability { setuid setgid }; + allow httpd_suexec_t self:process signal_perms; ++ ++allow httpd_suexec_t self:fifo_file rw_fifo_file_perms; + allow httpd_suexec_t self:unix_stream_socket create_stream_socket_perms; + + domtrans_pattern(httpd_t, httpd_suexec_exec_t, httpd_suexec_t) +@@ -699,17 +929,22 @@ manage_dirs_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) manage_files_pattern(httpd_suexec_t, httpd_suexec_tmp_t, httpd_suexec_tmp_t) files_tmp_filetrans(httpd_suexec_t, httpd_suexec_tmp_t, { file dir }) 
@@ -21595,7 +21705,7 @@ index 3136c6a..02f0378 100644 files_read_etc_files(httpd_suexec_t) files_read_usr_files(httpd_suexec_t) -@@ -740,13 +972,27 @@ tunable_policy(`httpd_can_network_connect',` +@@ -740,13 +975,31 @@ tunable_policy(`httpd_can_network_connect',` corenet_sendrecv_all_client_packets(httpd_suexec_t) ') @@ -21608,6 +21718,10 @@ index 3136c6a..02f0378 100644 +') + +domain_entry_file(httpd_sys_script_t, httpd_sys_content_t) ++ ++tunable_policy(`httpd_can_sendmail',` ++ mta_send_mail(httpd_suexec_t) ++') + tunable_policy(`httpd_enable_cgi && httpd_unified',` allow httpd_sys_script_t httpdcontent:file entrypoint; @@ -21624,7 +21738,7 @@ index 3136c6a..02f0378 100644 fs_read_nfs_files(httpd_suexec_t) fs_read_nfs_symlinks(httpd_suexec_t) fs_exec_nfs_files(httpd_suexec_t) -@@ -769,6 +1015,25 @@ optional_policy(` +@@ -769,6 +1022,25 @@ optional_policy(` dontaudit httpd_suexec_t httpd_t:unix_stream_socket { read write }; ') @@ -21650,7 +21764,7 @@ index 3136c6a..02f0378 100644 ######################################## # # Apache system script local policy -@@ -789,12 +1054,17 @@ read_lnk_files_pattern(httpd_sys_script_t, squirrelmail_spool_t, squirrelmail_sp +@@ -789,12 +1061,17 @@ read_lnk_files_pattern(httpd_sys_script_t, squirrelmail_spool_t, squirrelmail_sp kernel_read_kernel_sysctls(httpd_sys_script_t) @@ -21668,7 +21782,7 @@ index 3136c6a..02f0378 100644 ifdef(`distro_redhat',` allow httpd_sys_script_t httpd_log_t:file append_file_perms; ') -@@ -803,18 +1073,50 @@ tunable_policy(`httpd_can_sendmail',` +@@ -803,18 +1080,50 @@ tunable_policy(`httpd_can_sendmail',` mta_send_mail(httpd_sys_script_t) ') 
@@ -21725,7 +21839,7 @@ index 3136c6a..02f0378 100644 corenet_tcp_sendrecv_all_ports(httpd_sys_script_t) corenet_udp_sendrecv_all_ports(httpd_sys_script_t) corenet_tcp_connect_all_ports(httpd_sys_script_t) -@@ -822,14 +1124,29 @@ tunable_policy(`httpd_enable_cgi && httpd_can_network_connect',` +@@ -822,14 +1131,29 @@ tunable_policy(`httpd_enable_cgi && httpd_can_network_connect',` ') tunable_policy(`httpd_enable_homedirs',` @@ -21756,7 +21870,7 @@ index 3136c6a..02f0378 100644 tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',` fs_read_cifs_files(httpd_sys_script_t) fs_read_cifs_symlinks(httpd_sys_script_t) -@@ -842,10 +1159,20 @@ optional_policy(` +@@ -842,10 +1166,20 @@ optional_policy(` optional_policy(` mysql_stream_connect(httpd_sys_script_t) mysql_rw_db_sockets(httpd_sys_script_t) @@ -21777,7 +21891,7 @@ index 3136c6a..02f0378 100644 ') ######################################## -@@ -891,11 +1218,21 @@ optional_policy(` +@@ -891,11 +1225,21 @@ optional_policy(` tunable_policy(`httpd_enable_cgi && httpd_unified',` allow httpd_user_script_t httpdcontent:file entrypoint; @@ -21803,10 +21917,19 @@ index 3136c6a..02f0378 100644 + userdom_read_user_home_content_files(httpd_user_script_t) ') diff --git a/policy/modules/services/apcupsd.fc b/policy/modules/services/apcupsd.fc -index cd07b96..a87d1dd 100644 +index cd07b96..9b7742f 100644 --- a/policy/modules/services/apcupsd.fc 
+++ b/policy/modules/services/apcupsd.fc -@@ -13,3 +13,4 @@ +@@ -4,6 +4,8 @@ + + /usr/sbin/apcupsd -- gen_context(system_u:object_r:apcupsd_exec_t,s0) + ++/var/lock/subsys/apcupsd -- gen_context(system_u:object_r:apcupsd_lock_t,s0) ++ + /var/log/apcupsd\.events.* -- gen_context(system_u:object_r:apcupsd_log_t,s0) + /var/log/apcupsd\.status.* -- gen_context(system_u:object_r:apcupsd_log_t,s0) + +@@ -13,3 +15,4 @@ /var/www/apcupsd/upsfstats\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0) /var/www/apcupsd/upsimage\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0) /var/www/apcupsd/upsstats\.cgi -- gen_context(system_u:object_r:httpd_apcupsd_cgi_script_exec_t,s0) @@ -22119,10 +22242,18 @@ index d80a16b..a43e006 100644 init_labeled_script_domtrans($1, automount_initrc_exec_t) diff --git a/policy/modules/services/automount.te b/policy/modules/services/automount.te -index 39799db..d174b05 100644 +index 39799db..9390ef1 100644 --- a/policy/modules/services/automount.te +++ b/policy/modules/services/automount.te -@@ -143,9 +143,6 @@ logging_search_logs(automount_t) +@@ -64,6 +64,7 @@ kernel_read_network_state(automount_t) + kernel_list_proc(automount_t) + kernel_dontaudit_search_xen_state(automount_t) + ++files_read_usr_files(automount_t) + files_search_boot(automount_t) + # Automount is slowly adding all mount functionality internally + files_search_all(automount_t) +@@ -143,9 +144,6 @@ logging_search_logs(automount_t) miscfiles_read_localization(automount_t) miscfiles_read_generic_certs(automount_t) @@ -22132,7 +22263,7 @@ index 39799db..d174b05 100644 userdom_dontaudit_use_unpriv_user_fds(automount_t) userdom_dontaudit_search_user_home_dirs(automount_t) -@@ -155,6 +152,13 @@ optional_policy(` +@@ -155,6 +153,13 @@ optional_policy(` ') optional_policy(` @@ -22742,10 +22873,10 @@ index 0000000..fa9b95a +') 
diff --git a/policy/modules/services/boinc.te b/policy/modules/services/boinc.te new file mode 100644 -index 0000000..11ad49a +index 0000000..1442451 --- /dev/null +++ b/policy/modules/services/boinc.te -@@ -0,0 +1,171 @@ +@@ -0,0 +1,172 @@ +policy_module(boinc, 1.0.0) + +######################################## @@ -22828,6 +22959,7 @@ index 0000000..11ad49a +corenet_tcp_bind_generic_node(boinc_t) +corenet_udp_bind_generic_node(boinc_t) +corenet_tcp_bind_boinc_port(boinc_t) ++corenet_tcp_bind_boinc_client_ctrl_port(boinc_t) +corenet_tcp_connect_boinc_port(boinc_t) +corenet_tcp_connect_http_port(boinc_t) +corenet_tcp_connect_http_cache_port(boinc_t) @@ -23322,10 +23454,10 @@ index 0000000..3e15c63 +/var/spool/callweaver(/.*)? gen_context(system_u:object_r:callweaver_spool_t,s0) diff --git a/policy/modules/services/callweaver.if b/policy/modules/services/callweaver.if new file mode 100644 -index 0000000..c8d7b83 +index 0000000..ad3d3c0 --- /dev/null +++ b/policy/modules/services/callweaver.if -@@ -0,0 +1,338 @@ +@@ -0,0 +1,358 @@ +## Open source PBX project. + +######################################## @@ -23351,6 +23483,26 @@ index 0000000..c8d7b83 +######################################## +## +## Execute callweaver in the ++## callers domain. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`callweaver_exec',` ++ gen_require(` ++ type callweaver_exec_t; ++ ') ++ ++ corecmd_search_bin($1) ++ can_exec($1, callweaver_exec_t) ++') ++ ++######################################## ++## ++## Execute callweaver in the +## callweaver domain. +## +## @@ -24077,7 +24229,7 @@ index d020c93..e5cbcef 100644 cgroup_initrc_domtrans_cgconfig($1) domain_system_change_exemption($1) diff --git a/policy/modules/services/cgroup.te b/policy/modules/services/cgroup.te -index 8ca2333..09a114b 100644 +index 8ca2333..93c7789 100644 --- a/policy/modules/services/cgroup.te +++ b/policy/modules/services/cgroup.te @@ -16,14 +16,17 @@ init_daemon_domain(cgred_t, cgred_exec_t) 
@@ -24143,6 +24295,15 @@ index 8ca2333..09a114b 100644 # rc script creates pid file manage_files_pattern(cgred_t, cgred_var_run_t, cgred_var_run_t) manage_sock_files_pattern(cgred_t, cgred_var_run_t, cgred_var_run_t) +@@ -97,6 +103,8 @@ files_read_etc_files(cgred_t) + + fs_write_cgroup_files(cgred_t) + ++auth_use_nsswitch(cgred_t) ++ + logging_send_syslog_msg(cgred_t) + + miscfiles_read_localization(cgred_t) diff --git a/policy/modules/services/chronyd.if b/policy/modules/services/chronyd.if index 9a0da94..2ede737 100644 --- a/policy/modules/services/chronyd.if @@ -24325,17 +24486,19 @@ index fa82327..db20d26 100644 gpsd_rw_shm(chronyd_t) ') diff --git a/policy/modules/services/clamav.fc b/policy/modules/services/clamav.fc -index e8e9a21..0af0260 100644 +index e8e9a21..89fc935 100644 --- a/policy/modules/services/clamav.fc +++ b/policy/modules/services/clamav.fc -@@ -10,6 +10,7 @@ +@@ -10,7 +10,9 @@ /var/clamav(/.*)? gen_context(system_u:object_r:clamd_var_lib_t,s0) /var/lib/clamav(/.*)? gen_context(system_u:object_r:clamd_var_lib_t,s0) +/var/lib/clamd.* gen_context(system_u:object_r:clamd_var_lib_t,s0) /var/log/clamav.* gen_context(system_u:object_r:clamd_var_log_t,s0) ++/var/log/freshclam.* -- gen_context(system_u:object_r:freshclam_var_log_t,s0) /var/log/clamav/freshclam.* -- gen_context(system_u:object_r:freshclam_var_log_t,s0) /var/log/clamd.* gen_context(system_u:object_r:clamd_var_log_t,s0) + /var/run/amavis(d)?/clamd\.pid -- gen_context(system_u:object_r:clamd_var_run_t,s0) diff --git a/policy/modules/services/clamav.if b/policy/modules/services/clamav.if index 1f11572..7f6a7ab 100644 --- a/policy/modules/services/clamav.if @@ -24377,7 +24540,7 @@ index 1f11572..7f6a7ab 100644 ') diff --git a/policy/modules/services/clamav.te b/policy/modules/services/clamav.te -index f758323..28166c1 100644 +index f758323..a2e2d35 100644 --- a/policy/modules/services/clamav.te +++ b/policy/modules/services/clamav.te @@ -1,9 +1,9 @@ 
@@ -24526,7 +24689,7 @@ index f758323..28166c1 100644 files_read_etc_files(clamscan_t) files_read_etc_runtime_files(clamscan_t) -@@ -264,7 +286,12 @@ miscfiles_read_public_files(clamscan_t) +@@ -264,10 +286,15 @@ miscfiles_read_public_files(clamscan_t) clamav_stream_connect(clamscan_t) @@ -24539,7 +24702,11 @@ index f758323..28166c1 100644 +') optional_policy(` - amavis_read_spool_files(clamscan_t) +- amavis_read_spool_files(clamscan_t) ++ amavis_manage_spool_files(clamscan_t) + ') + + optional_policy(` diff --git a/policy/modules/services/clockspeed.te b/policy/modules/services/clockspeed.te index b40f3f7..3676ecc 100644 --- a/policy/modules/services/clockspeed.te @@ -25318,10 +25485,10 @@ index 0000000..939d76e +') diff --git a/policy/modules/services/colord.te b/policy/modules/services/colord.te new file mode 100644 -index 0000000..74788d2 +index 0000000..837a832 --- /dev/null +++ b/policy/modules/services/colord.te -@@ -0,0 +1,108 @@ +@@ -0,0 +1,114 @@ +policy_module(colord,1.0.0) + +######################################## @@ -25367,6 +25534,7 @@ index 0000000..74788d2 + +kernel_getattr_proc_files(colord_t) +kernel_read_device_sysctls(colord_t) ++kernel_request_load_module(colord_t) + +corenet_udp_bind_generic_node(colord_t) +corenet_udp_bind_ipp_port(colord_t) @@ -25382,6 +25550,7 @@ index 0000000..74788d2 +dev_read_urand(colord_t) +dev_list_sysfs(colord_t) +dev_rw_generic_usb_dev(colord_t) ++ +storage_getattr_fixed_disk_dev(colord_t) +storage_read_scsi_generic(colord_t) +storage_write_scsi_generic(colord_t) 
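Review bot: Replacing `amavis_read_spool_files(clamscan_t)` with `amavis_manage_spool_files(clamscan_t)` in the optional_policy block of clamav.te moves the scanner domain from read access to, by the usual refpolicy naming, create/write/delete on the amavis spool. clamscan_t parses untrusted mail content, so this widens what a compromised scanner could do to queued messages. If only one operation is needed (for example removing a flagged item), a narrower interface would be preferable. If full manage really is required, a one-line comment above the call naming the operation that needs it would let a later audit confirm the grant.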
@@ -25392,15 +25561,19 @@ index 0000000..74788d2 +files_read_etc_files(colord_t) +files_read_usr_files(colord_t) + ++fs_search_all(colord_t) ++fs_read_noxattr_fs_files(colord_t) ++ ++storage_read_scsi_generic(colord_t) ++storage_write_scsi_generic(colord_t) ++storage_getattr_fixed_disk_dev(colord_t) ++ +logging_send_syslog_msg(colord_t) + +miscfiles_read_localization(colord_t) + +sysnet_dns_name_resolve(colord_t) + -+fs_search_all(colord_t) -+fs_read_noxattr_fs_files(colord_t) -+ +tunable_policy(`use_nfs_home_dirs',` + fs_read_nfs_files(colord_t) +') @@ -25843,7 +26016,7 @@ index 2eefc08..6030f34 100644 + +/var/log/mcelog.* -- gen_context(system_u:object_r:cron_log_t,s0) diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if -index 35241ed..b6c4cc9 100644 +index 35241ed..9ba011e 100644 --- a/policy/modules/services/cron.if +++ b/policy/modules/services/cron.if @@ -12,6 +12,11 @@ @@ -25858,8 +26031,12 @@ index 35241ed..b6c4cc9 100644 ############################## # # Declarations -@@ -34,8 +39,12 @@ template(`cron_common_crontab_template',` - allow $1_t self:process { setsched signal_perms }; +@@ -31,11 +36,15 @@ template(`cron_common_crontab_template',` + + # dac_override is to create the file in the directory under /tmp + allow $1_t self:capability { fowner setuid setgid chown dac_override }; +- allow $1_t self:process { setsched signal_perms }; ++ allow $1_t self:process { getcap setsched signal_perms }; allow $1_t self:fifo_file rw_fifo_file_perms; - allow $1_t $1_tmp_t:file manage_file_perms; 
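Review bot: The three calls added after `fs_read_noxattr_fs_files(colord_t)`, namely `storage_read_scsi_generic`, `storage_write_scsi_generic` and `storage_getattr_fixed_disk_dev`, repeat rules that colord.te already carries directly after `dev_rw_generic_usb_dev(colord_t)` (visible in the preceding hunk). The duplication does not change the compiled policy, but it leaves two places that grant raw SCSI generic write to colord_t, which makes that access harder to audit or remove later. Drop one of the two groups and keep the survivor next to the other device rules.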
@@ -25882,7 +26059,20 @@ index 35241ed..b6c4cc9 100644 kernel_read_system_state($1_t) -@@ -62,6 +71,7 @@ template(`cron_common_crontab_template',` +@@ -51,6 +60,8 @@ template(`cron_common_crontab_template',` + selinux_dontaudit_search_fs($1_t) + + fs_getattr_xattr_fs($1_t) ++ fs_manage_cgroup_dirs($1_t) ++ fs_manage_cgroup_files($1_t) + + domain_use_interactive_fds($1_t) + +@@ -59,12 +70,15 @@ template(`cron_common_crontab_template',` + files_dontaudit_search_pids($1_t) + + auth_domtrans_chk_passwd($1_t) ++ auth_rw_var_auth($1_t) logging_send_syslog_msg($1_t) logging_send_audit_msgs($1_t) @@ -25890,7 +26080,11 @@ index 35241ed..b6c4cc9 100644 init_dontaudit_write_utmp($1_t) init_read_utmp($1_t) -@@ -73,9 +83,10 @@ template(`cron_common_crontab_template',` ++ init_read_state($1_t) + + miscfiles_read_localization($1_t) + +@@ -73,9 +87,10 @@ template(`cron_common_crontab_template',` userdom_manage_user_tmp_dirs($1_t) userdom_manage_user_tmp_files($1_t) # Access terminals. @@ -25902,7 +26096,7 @@ index 35241ed..b6c4cc9 100644 tunable_policy(`fcron_crond',` # fcron wants an instant update of a crontab change for the administrator -@@ -102,10 +113,12 @@ template(`cron_common_crontab_template',` +@@ -102,10 +117,12 @@ template(`cron_common_crontab_template',` ## User domain for the role ## ## @@ -25915,7 +26109,7 @@ index 35241ed..b6c4cc9 100644 ') role $1 types { cronjob_t crontab_t }; -@@ -116,9 +129,16 @@ interface(`cron_role',` +@@ -116,9 +133,16 @@ interface(`cron_role',` # Transition from the user domain to the derived domain. domtrans_pattern($2, crontab_exec_t, crontab_t) @@ -25924,7 +26118,7 @@ index 35241ed..b6c4cc9 100644 + allow $2 crond_t:process sigchld; + + # needs to be authorized SELinux context for cron -+ allow $2 user_cron_spool_t:file entrypoint; ++ allow $2 user_cron_spool_t:file { getattr read write ioctl entrypoint }; + # crontab shows up in user ps ps_process_pattern($2, crontab_t) 
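Review bot: The widened rule `allow $2 user_cron_spool_t:file { getattr read write ioctl entrypoint };` in cron_role gives the calling user domain direct `write` on user cron spool files, where the line it replaces granted only `entrypoint`. The comment above it (`# needs to be authorized SELinux context for cron`) still explains only the entrypoint permission, so the reason for write is undocumented. If the job only has to read its spool file, `allow $2 user_cron_spool_t:file { getattr read ioctl entrypoint };` keeps modification of spool files confined to crontab_t. Otherwise the comment should state what needs write access. The body of cron_role continues outside this hunk.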
@@ -25933,7 +26127,7 @@ index 35241ed..b6c4cc9 100644 # Run helper programs as the user domain #corecmd_bin_domtrans(crontab_t, $2) -@@ -132,9 +152,8 @@ interface(`cron_role',` +@@ -132,9 +156,8 @@ interface(`cron_role',` ') dbus_stub(cronjob_t) @@ -25944,7 +26138,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -151,29 +170,18 @@ interface(`cron_role',` +@@ -151,29 +174,18 @@ interface(`cron_role',` ## User domain for the role ## ## @@ -25978,7 +26172,7 @@ index 35241ed..b6c4cc9 100644 optional_policy(` gen_require(` -@@ -181,9 +189,8 @@ interface(`cron_unconfined_role',` +@@ -181,9 +193,8 @@ interface(`cron_unconfined_role',` ') dbus_stub(unconfined_cronjob_t) @@ -25989,7 +26183,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -200,6 +207,7 @@ interface(`cron_unconfined_role',` +@@ -200,6 +211,7 @@ interface(`cron_unconfined_role',` ## User domain for the role ## ## @@ -25997,7 +26191,7 @@ index 35241ed..b6c4cc9 100644 # interface(`cron_admin_role',` gen_require(` -@@ -220,7 +228,7 @@ interface(`cron_admin_role',` +@@ -220,7 +232,7 @@ interface(`cron_admin_role',` # crontab shows up in user ps ps_process_pattern($2, admin_crontab_t) @@ -26006,7 +26200,7 @@ index 35241ed..b6c4cc9 100644 # Run helper programs as the user domain #corecmd_bin_domtrans(admin_crontab_t, $2) -@@ -234,9 +242,8 @@ interface(`cron_admin_role',` +@@ -234,9 +246,8 @@ interface(`cron_admin_role',` ') dbus_stub(admin_cronjob_t) @@ -26017,7 +26211,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -304,7 +311,7 @@ interface(`cron_exec',` +@@ -304,7 +315,7 @@ interface(`cron_exec',` ######################################## ## @@ -26026,7 +26220,7 @@ index 35241ed..b6c4cc9 100644 ## ## ## -@@ -408,7 +415,43 @@ interface(`cron_rw_pipes',` +@@ -408,7 +419,43 @@ interface(`cron_rw_pipes',` type crond_t; ') 
@@ -26071,7 +26265,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -481,6 +524,7 @@ interface(`cron_manage_pid_files',` +@@ -481,6 +528,7 @@ interface(`cron_manage_pid_files',` type crond_var_run_t; ') @@ -26079,7 +26273,7 @@ index 35241ed..b6c4cc9 100644 manage_files_pattern($1, crond_var_run_t, crond_var_run_t) ') -@@ -536,7 +580,7 @@ interface(`cron_write_system_job_pipes',` +@@ -536,7 +584,7 @@ interface(`cron_write_system_job_pipes',` type system_cronjob_t; ') @@ -26088,7 +26282,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -554,7 +598,7 @@ interface(`cron_rw_system_job_pipes',` +@@ -554,7 +602,7 @@ interface(`cron_rw_system_job_pipes',` type system_cronjob_t; ') @@ -26097,7 +26291,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -587,11 +631,14 @@ interface(`cron_rw_system_job_stream_sockets',` +@@ -587,11 +635,14 @@ interface(`cron_rw_system_job_stream_sockets',` # interface(`cron_read_system_job_tmp_files',` gen_require(` @@ -26113,7 +26307,7 @@ index 35241ed..b6c4cc9 100644 ') ######################################## -@@ -627,7 +674,47 @@ interface(`cron_dontaudit_append_system_job_tmp_files',` +@@ -627,7 +678,47 @@ interface(`cron_dontaudit_append_system_job_tmp_files',` interface(`cron_dontaudit_write_system_job_tmp_files',` gen_require(` type system_cronjob_tmp_t; @@ -26162,7 +26356,7 @@ index 35241ed..b6c4cc9 100644 + manage_files_pattern($1, system_cronjob_var_lib_t, system_cronjob_var_lib_t) ') diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te -index f7583ab..254e671 100644 +index f7583ab..e6ddde9 100644 --- a/policy/modules/services/cron.te +++ b/policy/modules/services/cron.te @@ -10,18 +10,18 @@ gen_require(` 
@@ -26278,9 +26472,12 @@ index f7583ab..254e671 100644 # fcron wants an instant update of a crontab change for the administrator # also crontab does a security check for crontab -u allow admin_crontab_t self:process setfscreate; -@@ -138,7 +151,7 @@ tunable_policy(`fcron_crond', ` +@@ -136,9 +149,9 @@ tunable_policy(`fcron_crond', ` + # Cron daemon local policy + # - allow crond_t self:capability { dac_override setgid setuid sys_nice dac_read_search }; +-allow crond_t self:capability { dac_override setgid setuid sys_nice dac_read_search }; ++allow crond_t self:capability { dac_override chown setgid setuid sys_nice dac_read_search }; dontaudit crond_t self:capability { sys_resource sys_tty_config }; -allow crond_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; +allow crond_t self:process ~{ ptrace setcurrent setexec setfscreate execmem execstack execheap }; @@ -27031,7 +27228,7 @@ index 81eba14..d0ab56c 100644 /usr/bin/dbus-daemon(-1)? -- gen_context(system_u:object_r:dbusd_exec_t,s0) /usr/libexec/dbus-daemon-launch-helper -- gen_context(system_u:object_r:dbusd_exec_t,s0) diff --git a/policy/modules/services/dbus.if b/policy/modules/services/dbus.if -index 0d5711c..1564a13 100644 +index 0d5711c..6e35cb2 100644 --- a/policy/modules/services/dbus.if +++ b/policy/modules/services/dbus.if @@ -41,9 +41,9 @@ interface(`dbus_stub',` 
@@ -27242,29 +27439,54 @@ index 0d5711c..1564a13 100644 dontaudit $1 system_dbusd_t:netlink_selinux_socket { read write }; ') ') -@@ -497,3 +554,23 @@ interface(`dbus_unconfined',` +@@ -463,26 +520,25 @@ interface(`dbus_use_system_bus_fds',` - typeattribute $1 dbusd_unconfined; - ') -+ -+######################################## -+## -+## Delete all dbus pid files -+## -+## -+## + ######################################## + ## +-## Dontaudit Read, and write system dbus TCP sockets. ++## Allow unconfined access to the system DBUS. + ## + ## + ## +-## Domain to not audit. +## Domain allowed access. -+## -+## -+# + ## + ## + # +-interface(`dbus_dontaudit_system_bus_rw_tcp_sockets',` ++interface(`dbus_unconfined',` + gen_require(` +- type system_dbusd_t; ++ attribute dbusd_unconfined; + ') + +- allow $1 system_dbusd_t:tcp_socket { read write }; +- allow $1 system_dbusd_t:fd use; ++ typeattribute $1 dbusd_unconfined; + ') + + ######################################## + ## +-## Allow unconfined access to the system DBUS. ++## Delete all dbus pid files + ## + ## + ## +@@ -490,10 +546,12 @@ interface(`dbus_dontaudit_system_bus_rw_tcp_sockets',` + ## + ## + # +-interface(`dbus_unconfined',` +interface(`dbus_delete_pid_files',` -+ gen_require(` + gen_require(` +- attribute dbusd_unconfined; + type system_dbusd_var_run_t; -+ ') -+ + ') + +- typeattribute $1 dbusd_unconfined; + files_search_pids($1) + delete_files_pattern($1, system_dbusd_var_run_t, system_dbusd_var_run_t) -+') + ') + diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te index 86d09b4..8e05351 100644 
@@ -29550,8 +29772,20 @@ index f28f64b..0b19f11 100644 ') optional_policy(` +diff --git a/policy/modules/services/fail2ban.fc b/policy/modules/services/fail2ban.fc +index 0de2b83..b93171c 100644 +--- a/policy/modules/services/fail2ban.fc ++++ b/policy/modules/services/fail2ban.fc +@@ -1,6 +1,7 @@ + /etc/rc\.d/init\.d/fail2ban -- gen_context(system_u:object_r:fail2ban_initrc_exec_t,s0) + + /usr/bin/fail2ban -- gen_context(system_u:object_r:fail2ban_exec_t,s0) ++/usr/bin/fail2ban-client -- gen_context(system_u:object_r:fail2ban_client_exec_t,s0) + /usr/bin/fail2ban-server -- gen_context(system_u:object_r:fail2ban_exec_t,s0) + + /var/lib/fail2ban(/.*)? gen_context(system_u:object_r:fail2ban_var_lib_t,s0) diff --git a/policy/modules/services/fail2ban.if b/policy/modules/services/fail2ban.if -index f590a1f..3cc3f80 100644 +index f590a1f..338e5bf 100644 --- a/policy/modules/services/fail2ban.if +++ b/policy/modules/services/fail2ban.if @@ -5,9 +5,9 @@ @@ -29566,7 +29800,42 @@ index f590a1f..3cc3f80 100644 ## # interface(`fail2ban_domtrans',` -@@ -102,9 +102,9 @@ interface(`fail2ban_read_log',` +@@ -40,6 +40,25 @@ interface(`fail2ban_stream_connect',` + + ######################################## + ## ++## Read and write inherited temporary files. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`fail2ban_rw_inherited_tmp_files',` ++ gen_require(` ++ type fail2ban_tmp_t; ++ ') ++ ++ files_search_tmp($1) ++ allow $1 fail2ban_tmp_t:file rw_inherited_file_perms; ++') ++ ++######################################## ++## + ## Read and write to an fail2ban unix stream socket. + ## + ## +@@ -72,7 +91,7 @@ interface(`fail2ban_read_lib_files',` + ') + + files_search_var_lib($1) +- allow $1 fail2ban_var_lib_t:file read_file_perms; ++ read_files_pattern($1, fail2ban_var_lib_t, fail2ban_var_lib_t) + ') + + ######################################## +@@ -102,9 +121,9 @@ interface(`fail2ban_read_log',` ## fail2ban log files. ## ## 
@@ -29578,7 +29847,7 @@ index f590a1f..3cc3f80 100644 ## # interface(`fail2ban_append_log',` -@@ -138,6 +138,26 @@ interface(`fail2ban_read_pid_files',` +@@ -138,6 +157,26 @@ interface(`fail2ban_read_pid_files',` ######################################## ## @@ -29605,23 +29874,57 @@ index f590a1f..3cc3f80 100644 ## All of the rules required to administrate ## an fail2ban environment ## -@@ -155,8 +175,8 @@ interface(`fail2ban_read_pid_files',` +@@ -155,12 +194,13 @@ interface(`fail2ban_read_pid_files',` # interface(`fail2ban_admin',` gen_require(` - type fail2ban_t, fail2ban_log_t; - type fail2ban_var_run_t, fail2ban_initrc_exec_t; + type fail2ban_t, fail2ban_log_t, fail2ban_initrc_exec_t; -+ type fail2ban_var_run_t; ++ type fail2ban_var_run_t, fail2ban_var_lib_t, fail2ban_tmp_t; ++ type fail2ban_client_t; ') - allow $1 fail2ban_t:process { ptrace signal_perms }; +- allow $1 fail2ban_t:process { ptrace signal_perms }; +- ps_process_pattern($1, fail2ban_t) ++ allow $1 { fail2ban_t fail2ban_client_t }:process { ptrace signal_perms }; ++ ps_process_pattern($1, { fail2ban_t fail2ban_client_t }) + + init_labeled_script_domtrans($1, fail2ban_initrc_exec_t) + domain_system_change_exemption($1) +@@ -172,4 +212,10 @@ interface(`fail2ban_admin',` + + files_list_pids($1) + admin_pattern($1, fail2ban_var_run_t) ++ ++ files_list_var_lib($1) ++ admin_pattern($1, fail2ban_var_lib_t) ++ ++ files_list_tmp($1) ++ admin_pattern($1, fail2ban_tmp_t) + ') diff --git a/policy/modules/services/fail2ban.te b/policy/modules/services/fail2ban.te -index 2a69e5e..84e7ce2 100644 +index 2a69e5e..e6d2dd2 100644 --- a/policy/modules/services/fail2ban.te 
+++ b/policy/modules/services/fail2ban.te -@@ -28,7 +28,7 @@ files_pid_file(fail2ban_var_run_t) - # fail2ban local policy +@@ -23,12 +23,22 @@ files_type(fail2ban_var_lib_t) + type fail2ban_var_run_t; + files_pid_file(fail2ban_var_run_t) + ++type fail2ban_tmp_t; ++files_tmp_file(fail2ban_tmp_t) ++ ++type fail2ban_client_t; ++type fail2ban_client_exec_t; ++init_daemon_domain(fail2ban_client_t, fail2ban_client_exec_t) ++ ++# new in F16 ++permissive fail2ban_client_t; ++ + ######################################## + # +-# fail2ban local policy ++# fail2ban server local policy # -allow fail2ban_t self:capability { sys_tty_config }; @@ -29629,7 +29932,7 @@ index 2a69e5e..84e7ce2 100644 allow fail2ban_t self:process signal; allow fail2ban_t self:fifo_file rw_fifo_file_perms; allow fail2ban_t self:unix_stream_socket { connectto create_stream_socket_perms }; -@@ -36,7 +36,7 @@ allow fail2ban_t self:unix_dgram_socket create_socket_perms; +@@ -36,7 +46,7 @@ allow fail2ban_t self:unix_dgram_socket create_socket_perms; allow fail2ban_t self:tcp_socket create_stream_socket_perms; # log files @@ -29638,7 +29941,18 @@ index 2a69e5e..84e7ce2 100644 manage_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t) logging_log_filetrans(fail2ban_t, fail2ban_log_t, file) -@@ -66,6 +66,7 @@ corenet_sendrecv_whois_client_packets(fail2ban_t) +@@ -50,6 +60,10 @@ manage_sock_files_pattern(fail2ban_t, fail2ban_var_run_t, fail2ban_var_run_t) + manage_files_pattern(fail2ban_t, fail2ban_var_run_t, fail2ban_var_run_t) + files_pid_filetrans(fail2ban_t, fail2ban_var_run_t, { dir file sock_file }) + ++manage_files_pattern(fail2ban_t, fail2ban_tmp_t, fail2ban_tmp_t) ++exec_files_pattern(fail2ban_t, fail2ban_tmp_t, fail2ban_tmp_t) ++files_tmp_filetrans(fail2ban_t, fail2ban_tmp_t, file) ++ + kernel_read_system_state(fail2ban_t) + + corecmd_exec_bin(fail2ban_t) +@@ -66,6 +80,7 @@ corenet_sendrecv_whois_client_packets(fail2ban_t) dev_read_urand(fail2ban_t) domain_use_interactive_fds(fail2ban_t) 
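Review bot: `permissive fail2ban_client_t;` in the fail2ban.te declarations carries only the comment `# new in F16`, so nothing records when the domain is meant to become enforcing. While it is permissive, the client rules added later in this patch are logged but not enforced. I would extend the comment to something like `# new in F16: permissive until AVCs are reviewed, remove before release`. The same applies to `permissive sanlock_t;` in the new sanlock.te. In the same hunk, `fail2ban_admin` now grants `ptrace` on `fail2ban_client_t` as well; it is worth confirming the admin domain needs more than `signal_perms` there.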
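Review bot: `fail2ban_t` gets both `manage_files_pattern` and `exec_files_pattern` on `fail2ban_tmp_t`, so the daemon can execute any file it has itself written under /tmp, and the hunk gives no reason. fail2ban parses log content that remote parties can influence, so a write-then-execute type weakens the confinement if the daemon is ever compromised. If the execute access answers a denial from one specific helper, a comment naming it belongs above the rule, for example `# <helper> writes and runs a temporary file; see bug <id>`. If the denial was only an access check, a `dontaudit` would be the narrower answer. The rest of the fail2ban_t section lies outside this hunk.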
@@ -29646,7 +29960,7 @@ index 2a69e5e..84e7ce2 100644 files_read_etc_files(fail2ban_t) files_read_etc_runtime_files(fail2ban_t) -@@ -94,5 +95,9 @@ optional_policy(` +@@ -94,5 +109,34 @@ optional_policy(` ') optional_policy(` @@ -29656,6 +29970,31 @@ index 2a69e5e..84e7ce2 100644 +optional_policy(` iptables_domtrans(fail2ban_t) ') ++ ++optional_policy(` ++ libs_exec_ldconfig(fail2ban_t) ++') ++ ++######################################## ++# ++# fail2ban client local policy ++# ++ ++domtrans_pattern(fail2ban_client_t, fail2ban_exec_t, fail2ban_t) ++ ++stream_connect_pattern(fail2ban_client_t, fail2ban_var_run_t, fail2ban_var_run_t, fail2ban_t) ++ ++kernel_read_system_state(fail2ban_client_t) ++ ++# python ++corecmd_exec_bin(fail2ban_client_t) ++ ++# nsswitch.conf, passwd ++files_read_etc_files(fail2ban_client_t) ++files_read_usr_files(fail2ban_client_t) ++files_search_pids(fail2ban_client_t) ++ ++miscfiles_read_localization(fail2ban_client_t) diff --git a/policy/modules/services/fetchmail.if b/policy/modules/services/fetchmail.if index 6537214..7d64c0a 100644 --- a/policy/modules/services/fetchmail.if @@ -29938,7 +30277,7 @@ index bc27421..a65582e 100644 ## ## Allow domain dyntransition to sftpd_anon domain. diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te -index 8a74a83..a75cf2c 100644 +index 8a74a83..0e56a5d 100644 --- a/policy/modules/services/ftp.te +++ b/policy/modules/services/ftp.te @@ -40,6 +40,13 @@ gen_tunable(allow_ftpd_use_nfs, false) @@ -30040,7 +30379,18 @@ index 8a74a83..a75cf2c 100644 ') tunable_policy(`ftp_home_dir && use_nfs_home_dirs',` -@@ -316,6 +338,25 @@ optional_policy(` +@@ -309,6 +331,10 @@ optional_policy(` + ') + + optional_policy(` ++ fail2ban_read_lib_files(ftpd_t) ++') ++ ++optional_policy(` + selinux_validate_context(ftpd_t) + + kerberos_keytab_template(ftpd, ftpd_t) +@@ -316,6 +342,25 @@ optional_policy(` ') optional_policy(` 
@@ -30066,7 +30416,7 @@ index 8a74a83..a75cf2c 100644 inetd_tcp_service_domain(ftpd_t, ftpd_exec_t) optional_policy(` -@@ -347,16 +388,17 @@ optional_policy(` +@@ -347,16 +392,17 @@ optional_policy(` # Allow ftpdctl to talk to ftpd over a socket connection stream_connect_pattern(ftpdctl_t, ftpd_var_run_t, ftpd_var_run_t, ftpd_t) @@ -30086,7 +30436,7 @@ index 8a74a83..a75cf2c 100644 ######################################## # -@@ -368,15 +410,28 @@ files_read_etc_files(sftpd_t) +@@ -368,15 +414,28 @@ files_read_etc_files(sftpd_t) # allow read access to /home by default userdom_read_user_home_content_files(sftpd_t) userdom_read_user_home_content_symlinks(sftpd_t) @@ -30936,10 +31286,10 @@ index 671d8fd..25c7ab8 100644 + dontaudit gnomeclock_t $1:dbus send_msg; +') diff --git a/policy/modules/services/gnomeclock.te b/policy/modules/services/gnomeclock.te -index 4fde46b..4417f4e 100644 +index 4fde46b..b9032a7 100644 --- a/policy/modules/services/gnomeclock.te +++ b/policy/modules/services/gnomeclock.te -@@ -9,24 +9,31 @@ type gnomeclock_t; +@@ -9,24 +9,32 @@ type gnomeclock_t; type gnomeclock_exec_t; dbus_system_domain(gnomeclock_t, gnomeclock_exec_t) @@ -30961,6 +31311,7 @@ index 4fde46b..4417f4e 100644 + corecmd_exec_bin(gnomeclock_t) +corecmd_exec_shell(gnomeclock_t) ++corecmd_dontaudit_access_check_bin(gnomeclock_t) files_read_etc_files(gnomeclock_t) +files_read_etc_runtime_files(gnomeclock_t) @@ -30974,7 +31325,7 @@ index 4fde46b..4417f4e 100644 miscfiles_read_localization(gnomeclock_t) miscfiles_manage_localization(gnomeclock_t) -@@ -35,12 +42,51 @@ miscfiles_etc_filetrans_localization(gnomeclock_t) +@@ -35,12 +43,51 @@ miscfiles_etc_filetrans_localization(gnomeclock_t) userdom_read_all_users_state(gnomeclock_t) optional_policy(` @@ -32166,7 +32517,7 @@ index 3525d24..923e979 100644 /var/tmp/host_0 -- gen_context(system_u:object_r:krb5_host_rcache_t,s0) +/var/tmp/HTTP_23 -- gen_context(system_u:object_r:krb5_host_rcache_t,s0) 
diff --git a/policy/modules/services/kerberos.if b/policy/modules/services/kerberos.if -index 604f67b..04309ea 100644 +index 604f67b..1692784 100644 --- a/policy/modules/services/kerberos.if +++ b/policy/modules/services/kerberos.if @@ -26,9 +26,9 @@ @@ -32354,7 +32705,7 @@ index 604f67b..04309ea 100644 + type kerberos_home_t; + ') + -+ userdom_admin_home_dir_filetrans($1, kerberos_home_t, file, .k5login) ++ userdom_admin_home_dir_filetrans($1, kerberos_home_t, file, ".k5login") +') + +######################################## @@ -32372,7 +32723,7 @@ index 604f67b..04309ea 100644 + type kerberos_home_t; + ') + -+ userdom_user_home_dir_filetrans($1, kerberos_home_t, file, .k5login) ++ userdom_user_home_dir_filetrans($1, kerberos_home_t, file, ".k5login") +') + +######################################## 
@@ -32391,18 +32742,18 @@ index 604f67b..04309ea 100644 + type krb5kdc_principal_t; + ') + -+ files_etc_filetrans($1, krb5_conf_t, file, krb5.conf) -+ filetrans_pattern($1, krb5kdc_conf_t, krb5_keytab_t, file, kadm5.keytab) -+ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, principal) -+ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, principal0) -+ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, principal1) -+ #filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, principal1) ++ files_etc_filetrans($1, krb5_conf_t, file, "krb5.conf") ++ filetrans_pattern($1, krb5kdc_conf_t, krb5_keytab_t, file, "kadm5.keytab") ++ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, "principal") ++ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, "principal0") ++ filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, "principal1") ++ #filetrans_pattern($1, krb5kdc_conf_t, krb5kdc_principal_t, file, "principal1") + -+ kerberos_etc_filetrans_keytab($1, krb5.keytab) ++ kerberos_etc_filetrans_keytab($1, "krb5.keytab") + kerberos_filetrans_admin_home_content($1) + -+ kerberos_tmp_filetrans_host_rcache($1, host_0) -+ kerberos_tmp_filetrans_host_rcache($1, HTTP_23) ++ kerberos_tmp_filetrans_host_rcache($1, "host_0") ++ kerberos_tmp_filetrans_host_rcache($1, "HTTP_23") +') diff --git a/policy/modules/services/kerberos.te b/policy/modules/services/kerberos.te index 8edc29b..92dde2c 100644 @@ -32999,7 +33350,7 @@ index 49e04e5..69db026 100644 /usr/sbin/lircd -- gen_context(system_u:object_r:lircd_exec_t,s0) diff --git a/policy/modules/services/lircd.te b/policy/modules/services/lircd.te -index 6a78de1..ae8af5b 100644 +index 6a78de1..0aebce6 100644 --- a/policy/modules/services/lircd.te +++ b/policy/modules/services/lircd.te @@ -13,7 +13,7 @@ type lircd_initrc_exec_t; 
@@ -33011,7 +33362,15 @@ index 6a78de1..ae8af5b 100644 type lircd_var_run_t alias lircd_sock_t; files_pid_file(lircd_var_run_t) -@@ -44,13 +44,13 @@ corenet_tcp_bind_lirc_port(lircd_t) +@@ -24,6 +24,7 @@ files_pid_file(lircd_var_run_t) + # + + allow lircd_t self:capability { chown kill sys_admin }; ++allow lircd_t self:process signal; + allow lircd_t self:fifo_file rw_fifo_file_perms; + allow lircd_t self:unix_dgram_socket create_socket_perms; + allow lircd_t self:tcp_socket create_stream_socket_perms; +@@ -44,13 +45,13 @@ corenet_tcp_bind_lirc_port(lircd_t) corenet_tcp_sendrecv_all_ports(lircd_t) corenet_tcp_connect_lirc_port(lircd_t) @@ -34866,7 +35225,7 @@ index 256166a..df99841 100644 /usr/sbin/rmail -- gen_context(system_u:object_r:sendmail_exec_t,s0) diff --git a/policy/modules/services/mta.if b/policy/modules/services/mta.if -index 343cee3..0fbbe06 100644 +index 343cee3..a1094e2 100644 --- a/policy/modules/services/mta.if +++ b/policy/modules/services/mta.if @@ -37,9 +37,9 @@ interface(`mta_stub',` @@ -35152,8 +35511,8 @@ index 343cee3..0fbbe06 100644 + type mail_home_t; + ') + -+ userdom_admin_home_dir_filetrans($1, mail_home_t, file, dead.letter) -+ userdom_admin_home_dir_filetrans($1, mail_home_t, file, .forward) ++ userdom_admin_home_dir_filetrans($1, mail_home_t, file, "dead.letter") ++ userdom_admin_home_dir_filetrans($1, mail_home_t, file, ".forward") +') + +######################################## @@ -35171,8 +35530,8 @@ index 343cee3..0fbbe06 100644 + type mail_home_t; + ') + -+ userdom_user_home_dir_filetrans($1, mail_home_t, file, dead.letter) -+ userdom_user_home_dir_filetrans($1, mail_home_t, file, .forward) ++ userdom_user_home_dir_filetrans($1, mail_home_t, file, "dead.letter") ++ userdom_user_home_dir_filetrans($1, mail_home_t, file, ".forward") +') + +######################################## 
@@ -35192,13 +35551,13 @@ index 343cee3..0fbbe06 100644 + ') + + filetrans_pattern($1, etc_mail_t, etc_aliases_t, { dir file }) -+ mta_etc_filetrans_aliases($1, aliases) -+ mta_etc_filetrans_aliases($1, aliases.db) ++ mta_etc_filetrans_aliases($1, "aliases") ++ mta_etc_filetrans_aliases($1, "aliases.db") + mta_filetrans_home_content($1) + mta_filetrans_admin_home_content($1) +') diff --git a/policy/modules/services/mta.te b/policy/modules/services/mta.te -index 64268e4..9ddac52 100644 +index 64268e4..24ab364 100644 --- a/policy/modules/services/mta.te +++ b/policy/modules/services/mta.te @@ -20,8 +20,8 @@ files_type(etc_aliases_t) @@ -35291,7 +35650,7 @@ index 64268e4..9ddac52 100644 ') optional_policy(` -@@ -124,12 +132,8 @@ optional_policy(` +@@ -124,12 +132,9 @@ optional_policy(` ') optional_policy(` @@ -35302,10 +35661,11 @@ index 64268e4..9ddac52 100644 -optional_policy(` fail2ban_append_log(system_mail_t) + fail2ban_dontaudit_leaks(system_mail_t) ++ fail2ban_rw_inherited_tmp_files(system_mail_t) ') optional_policy(` -@@ -146,6 +150,10 @@ optional_policy(` +@@ -146,6 +151,10 @@ optional_policy(` ') optional_policy(` @@ -35316,7 +35676,7 @@ index 64268e4..9ddac52 100644 nagios_read_tmp_files(system_mail_t) ') -@@ -158,18 +166,6 @@ optional_policy(` +@@ -158,18 +167,6 @@ optional_policy(` files_etc_filetrans(system_mail_t, etc_aliases_t, { file lnk_file sock_file fifo_file }) domain_use_interactive_fds(system_mail_t) @@ -35335,7 +35695,7 @@ index 64268e4..9ddac52 100644 ') optional_policy(` -@@ -189,6 +185,10 @@ optional_policy(` +@@ -189,6 +186,10 @@ optional_policy(` ') optional_policy(` @@ -35346,7 +35706,7 @@ index 64268e4..9ddac52 100644 smartmon_read_tmp_files(system_mail_t) ') -@@ -199,7 +199,7 @@ optional_policy(` +@@ -199,7 +200,7 @@ optional_policy(` arpwatch_search_data(mailserver_delivery) arpwatch_manage_tmp_files(mta_user_agent) 
@@ -35355,7 +35715,7 @@ index 64268e4..9ddac52 100644 arpwatch_dontaudit_rw_packet_sockets(mta_user_agent) ') -@@ -220,7 +220,8 @@ append_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) +@@ -220,7 +221,8 @@ append_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) create_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) read_lnk_files_pattern(mailserver_delivery, mail_spool_t, mail_spool_t) @@ -35365,7 +35725,7 @@ index 64268e4..9ddac52 100644 read_files_pattern(mailserver_delivery, system_mail_tmp_t, system_mail_tmp_t) -@@ -242,6 +243,10 @@ optional_policy(` +@@ -242,6 +244,10 @@ optional_policy(` ') optional_policy(` @@ -35376,7 +35736,7 @@ index 64268e4..9ddac52 100644 # so MTA can access /var/lib/mailman/mail/wrapper files_search_var_lib(mailserver_delivery) -@@ -249,16 +254,21 @@ optional_policy(` +@@ -249,16 +255,21 @@ optional_policy(` mailman_read_data_symlinks(mailserver_delivery) ') @@ -35400,7 +35760,7 @@ index 64268e4..9ddac52 100644 # Create dead.letter in user home directories. userdom_manage_user_home_content_files(user_mail_t) userdom_user_home_dir_filetrans_user_home_content(user_mail_t, file) -@@ -292,3 +302,44 @@ optional_policy(` +@@ -292,3 +303,44 @@ optional_policy(` postfix_read_config(user_mail_t) postfix_list_spool(user_mail_t) ') @@ -39301,7 +39661,7 @@ index 55e62d2..6082184 100644 /var/spool/postfix/pid/.* gen_context(system_u:object_r:postfix_var_run_t,s0) /var/spool/postfix/private(/.*)? gen_context(system_u:object_r:postfix_private_t,s0) diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if -index 46bee12..37bd751 100644 +index 46bee12..f064487 100644 --- a/policy/modules/services/postfix.if +++ b/policy/modules/services/postfix.if @@ -34,8 +34,9 @@ template(`postfix_domain_template',` 
@@ -39332,7 +39692,16 @@ index 46bee12..37bd751 100644 files_read_usr_symlinks(postfix_$1_t) files_search_spool(postfix_$1_t) files_getattr_tmp_dirs(postfix_$1_t) -@@ -272,7 +274,8 @@ interface(`postfix_read_local_state',` +@@ -165,6 +167,8 @@ template(`postfix_user_domain_template',` + domtrans_pattern(postfix_user_domtrans, postfix_$1_exec_t, postfix_$1_t) + + domain_use_interactive_fds(postfix_$1_t) ++ ++ application_domain(postfix_$1_t, postfix_$1_exec_t) + ') + + ######################################## +@@ -272,7 +276,8 @@ interface(`postfix_read_local_state',` type postfix_local_t; ') @@ -39342,7 +39711,7 @@ index 46bee12..37bd751 100644 ') ######################################## -@@ -290,7 +293,8 @@ interface(`postfix_read_master_state',` +@@ -290,7 +295,8 @@ interface(`postfix_read_master_state',` type postfix_master_t; ') @@ -39352,7 +39721,7 @@ index 46bee12..37bd751 100644 ') ######################################## -@@ -376,6 +380,25 @@ interface(`postfix_domtrans_master',` +@@ -376,6 +382,25 @@ interface(`postfix_domtrans_master',` domtrans_pattern($1, postfix_master_exec_t, postfix_master_t) ') @@ -39378,7 +39747,7 @@ index 46bee12..37bd751 100644 ######################################## ## ## Execute the master postfix program in the -@@ -404,7 +427,6 @@ interface(`postfix_exec_master',` +@@ -404,7 +429,6 @@ interface(`postfix_exec_master',` ## Domain allowed access. ## ## @@ -39386,7 +39755,7 @@ index 46bee12..37bd751 100644 # interface(`postfix_stream_connect_master',` gen_require(` -@@ -416,6 +438,24 @@ interface(`postfix_stream_connect_master',` +@@ -416,6 +440,24 @@ interface(`postfix_stream_connect_master',` ######################################## ## @@ -39411,7 +39780,7 @@ index 46bee12..37bd751 100644 ## Execute the master postdrop in the ## postfix_postdrop domain. ## -@@ -462,7 +502,7 @@ interface(`postfix_domtrans_postqueue',` +@@ -462,7 +504,7 @@ interface(`postfix_domtrans_postqueue',` ## ## # 
@@ -39420,7 +39789,7 @@ index 46bee12..37bd751 100644 gen_require(` type postfix_postqueue_exec_t; ') -@@ -529,6 +569,25 @@ interface(`postfix_domtrans_smtp',` +@@ -529,6 +571,25 @@ interface(`postfix_domtrans_smtp',` ######################################## ## @@ -39446,7 +39815,7 @@ index 46bee12..37bd751 100644 ## Search postfix mail spool directories. ## ## -@@ -539,10 +598,10 @@ interface(`postfix_domtrans_smtp',` +@@ -539,10 +600,10 @@ interface(`postfix_domtrans_smtp',` # interface(`postfix_search_spool',` gen_require(` @@ -39459,7 +39828,7 @@ index 46bee12..37bd751 100644 files_search_spool($1) ') -@@ -558,10 +617,10 @@ interface(`postfix_search_spool',` +@@ -558,10 +619,10 @@ interface(`postfix_search_spool',` # interface(`postfix_list_spool',` gen_require(` @@ -39472,7 +39841,7 @@ index 46bee12..37bd751 100644 files_search_spool($1) ') -@@ -577,11 +636,11 @@ interface(`postfix_list_spool',` +@@ -577,11 +638,11 @@ interface(`postfix_list_spool',` # interface(`postfix_read_spool_files',` gen_require(` @@ -39486,7 +39855,7 @@ index 46bee12..37bd751 100644 ') ######################################## -@@ -596,11 +655,11 @@ interface(`postfix_read_spool_files',` +@@ -596,11 +657,11 @@ interface(`postfix_read_spool_files',` # interface(`postfix_manage_spool_files',` gen_require(` @@ -39500,7 +39869,7 @@ index 46bee12..37bd751 100644 ') ######################################## -@@ -621,3 +680,103 @@ interface(`postfix_domtrans_user_mail_handler',` +@@ -621,3 +682,103 @@ interface(`postfix_domtrans_user_mail_handler',` typeattribute $1 postfix_user_domtrans; ') @@ -42570,10 +42939,10 @@ index de37806..229a3c7 100644 + read_files_pattern($1, cluster_var_lib_t, cluster_var_lib_t) +') diff --git a/policy/modules/services/rhcs.te b/policy/modules/services/rhcs.te -index 93c896a..883f6f5 100644 +index 93c896a..2331615 100644 --- a/policy/modules/services/rhcs.te 
+++ b/policy/modules/services/rhcs.te -@@ -6,13 +6,15 @@ policy_module(rhcs, 1.1.0) +@@ -6,13 +6,22 @@ policy_module(rhcs, 1.1.0) # ## @@ -42586,13 +42955,20 @@ index 93c896a..883f6f5 100644 ## gen_tunable(fenced_can_network_connect, false) ++## ++##

++## Allow fenced domain to execute ssh. ++##

++##
++gen_tunable(fenced_can_ssh, false) ++ attribute cluster_domain; +attribute cluster_tmpfs; +attribute cluster_pid; rhcs_domain_template(dlm_controld) -@@ -24,6 +26,8 @@ files_lock_file(fenced_lock_t) +@@ -24,6 +33,8 @@ files_lock_file(fenced_lock_t) type fenced_tmp_t; files_tmp_file(fenced_tmp_t) @@ -42601,7 +42977,7 @@ index 93c896a..883f6f5 100644 rhcs_domain_template(gfs_controld) rhcs_domain_template(groupd) -@@ -33,6 +37,10 @@ rhcs_domain_template(qdiskd) +@@ -33,6 +44,10 @@ rhcs_domain_template(qdiskd) type qdiskd_var_lib_t; files_type(qdiskd_var_lib_t) @@ -42612,7 +42988,7 @@ index 93c896a..883f6f5 100644 ##################################### # # dlm_controld local policy -@@ -55,20 +63,17 @@ fs_manage_configfs_dirs(dlm_controld_t) +@@ -55,20 +70,17 @@ fs_manage_configfs_dirs(dlm_controld_t) init_rw_script_tmp_files(dlm_controld_t) @@ -42635,7 +43011,7 @@ index 93c896a..883f6f5 100644 can_exec(fenced_t, fenced_exec_t) -@@ -82,7 +87,10 @@ files_tmp_filetrans(fenced_t, fenced_tmp_t, { file fifo_file dir }) +@@ -82,8 +94,12 @@ files_tmp_filetrans(fenced_t, fenced_tmp_t, { file fifo_file dir }) stream_connect_pattern(fenced_t, groupd_var_run_t, groupd_var_run_t, groupd_t) 
@@ -42644,24 +43020,37 @@ index 93c896a..883f6f5 100644 corecmd_exec_bin(fenced_t) +corecmd_exec_shell(fenced_t) ++corenet_tcp_bind_zented_port(fenced_t) corenet_tcp_connect_http_port(fenced_t) -@@ -104,9 +112,13 @@ tunable_policy(`fenced_can_network_connect',` - corenet_tcp_connect_all_ports(fenced_t) + dev_read_sysfs(fenced_t) +@@ -105,8 +121,24 @@ tunable_policy(`fenced_can_network_connect',` ') + optional_policy(` ++ tunable_policy(`fenced_can_ssh',` ++ ++ allow fenced_t self:capability { setuid setgid }; ++ ++ corenet_tcp_connect_ssh_port(fenced_t) ++ ++ ssh_exec(fenced_t) ++ ssh_read_user_home_files(fenced_t) ++ ') ++') ++ +# needed by fence_scsi +optional_policy(` + corosync_exec(fenced_t) +') + - optional_policy(` ++optional_policy(` ccs_read_config(fenced_t) - ccs_stream_connect(fenced_t) ') optional_policy(` -@@ -114,13 +126,37 @@ optional_policy(` +@@ -114,13 +146,37 @@ optional_policy(` lvm_read_config(fenced_t) ') @@ -42700,7 +43089,7 @@ index 93c896a..883f6f5 100644 allow gfs_controld_t self:shm create_shm_perms; allow gfs_controld_t self:netlink_kobject_uevent_socket create_socket_perms; -@@ -139,10 +175,6 @@ storage_getattr_removable_dev(gfs_controld_t) +@@ -139,10 +195,6 @@ storage_getattr_removable_dev(gfs_controld_t) init_rw_script_tmp_files(gfs_controld_t) optional_policy(` @@ -42711,7 +43100,7 @@ index 93c896a..883f6f5 100644 lvm_exec(gfs_controld_t) dev_rw_lvm_control(gfs_controld_t) ') -@@ -154,9 +186,10 @@ optional_policy(` +@@ -154,9 +206,10 @@ optional_policy(` allow groupd_t self:capability { sys_nice sys_resource }; allow groupd_t self:process setsched; @@ -42723,7 +43112,7 @@ index 93c896a..883f6f5 100644 dev_list_sysfs(groupd_t) files_read_etc_files(groupd_t) -@@ -168,8 +201,7 @@ init_rw_script_tmp_files(groupd_t) +@@ -168,8 +221,7 @@ init_rw_script_tmp_files(groupd_t) # qdiskd local policy # 
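Review bot: With `fenced_can_ssh` enabled, `ssh_exec(fenced_t)` appears to run ssh inside `fenced_t` itself (refpolicy `_exec` interfaces normally grant execution without a domain transition), which would explain why the block also gives `fenced_t` the `setuid`/`setgid` capabilities and `ssh_read_user_home_files`. The tunable's description in the declarations hunk, `Allow fenced domain to execute ssh.`, does not tell an administrator that enabling it adds those capabilities and read access to users' ssh files. I would spell that out, e.g. `Allow fenced to run ssh in its own domain; this adds setuid/setgid and read access to user ssh home files.` Separately, `corenet_tcp_bind_zented_port(fenced_t)` in the same hunk is unconditional and has no comment saying which fence agent needs it.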
@@ -42733,7 +43122,7 @@ index 93c896a..883f6f5 100644 allow qdiskd_t self:tcp_socket create_stream_socket_perms; allow qdiskd_t self:udp_socket create_socket_perms; -@@ -199,6 +231,8 @@ files_dontaudit_getattr_all_sockets(qdiskd_t) +@@ -199,6 +251,8 @@ files_dontaudit_getattr_all_sockets(qdiskd_t) files_dontaudit_getattr_all_pipes(qdiskd_t) files_read_etc_files(qdiskd_t) @@ -42742,7 +43131,7 @@ index 93c896a..883f6f5 100644 storage_raw_read_removable_device(qdiskd_t) storage_raw_write_removable_device(qdiskd_t) storage_raw_read_fixed_disk(qdiskd_t) -@@ -207,10 +241,6 @@ storage_raw_write_fixed_disk(qdiskd_t) +@@ -207,10 +261,6 @@ storage_raw_write_fixed_disk(qdiskd_t) auth_use_nsswitch(qdiskd_t) optional_policy(` @@ -42753,7 +43142,7 @@ index 93c896a..883f6f5 100644 netutils_domtrans_ping(qdiskd_t) ') -@@ -223,18 +253,28 @@ optional_policy(` +@@ -223,18 +273,28 @@ optional_policy(` # rhcs domains common policy # 
@@ -44490,6 +44879,181 @@ index 150c85d..71e9315 100644 ######################################## # +diff --git a/policy/modules/services/sanlock.fc b/policy/modules/services/sanlock.fc +new file mode 100644 +index 0000000..19d7347 +--- /dev/null ++++ b/policy/modules/services/sanlock.fc +@@ -0,0 +1,6 @@ ++ ++/etc/rc\.d/init\.d/sanlock -- gen_context(system_u:object_r:sanlock_initrc_exec_t,s0) ++ ++/var/run/sanlock(/.*)? gen_context(system_u:object_r:sanlock_var_run_t,s0) ++ ++/usr/sbin/sanlock -- gen_context(system_u:object_r:sanlock_exec_t,s0) +diff --git a/policy/modules/services/sanlock.if b/policy/modules/services/sanlock.if +new file mode 100644 +index 0000000..21a17ce +--- /dev/null ++++ b/policy/modules/services/sanlock.if +@@ -0,0 +1,92 @@ ++ ++## policy for sanlock ++ ++ ++######################################## ++## ++## Execute a domain transition to run sanlock. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`sanlock_domtrans',` ++ gen_require(` ++ type sanlock_t, sanlock_exec_t; ++ ') ++ ++ domtrans_pattern($1, sanlock_exec_t, sanlock_t) ++') ++ ++ ++######################################## ++## ++## Execute sanlock server in the sanlock domain. ++## ++## ++## ++## The type of the process performing this action. ++## ++## ++# ++interface(`sanlock_initrc_domtrans',` ++ gen_require(` ++ type sanlock_initrc_exec_t; ++ ') ++ ++ init_labeled_script_domtrans($1, sanlock_initrc_exec_t) ++') ++ ++######################################## ++## ++## All of the rules required to administrate ++## an sanlock environment ++## ++## ++## ++## Domain allowed access. ++## ++## ++## ++## ++## Role allowed access. 
++## ++## ++## ++# ++interface(`sanlock_admin',` ++ gen_require(` ++ type sanlock_t; ++ type sanlock_initrc_exec_t; ++ ') ++ ++ allow $1 sanlock_t:process { ptrace signal_perms }; ++ ps_process_pattern($1, sanlock_t) ++ ++ sanlock_initrc_domtrans($1) ++ domain_system_change_exemption($1) ++ role_transition $2 sanlock_initrc_exec_t system_r; ++ allow $2 system_r; ++ ++') ++ ++######################################## ++## ++## Connect to sanlock over an unix stream socket. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`sanlock_stream_connect',` ++ gen_require(` ++ type sanlock_t, sanlock_var_run_t; ++ ') ++ ++ files_search_pids($1) ++ stream_connect_pattern($1, sanlock_var_run_t, sanlock_var_run_t, sanlock_t) ++') +diff --git a/policy/modules/services/sanlock.te b/policy/modules/services/sanlock.te +new file mode 100644 +index 0000000..86d947e +--- /dev/null ++++ b/policy/modules/services/sanlock.te +@@ -0,0 +1,59 @@ ++policy_module(sanlock,1.0.0) ++ ++######################################## ++# ++# Declarations ++# ++ ++type sanlock_t; ++type sanlock_exec_t; ++init_daemon_domain(sanlock_t, sanlock_exec_t) ++ ++permissive sanlock_t; ++ ++type sanlock_var_run_t; ++files_pid_file(sanlock_var_run_t) ++ ++type sanlock_initrc_exec_t; ++init_script_file(sanlock_initrc_exec_t) ++ ++######################################## ++# ++# sanlock local policy ++# ++allow sanlock_t self:capability { sys_nice ipc_lock }; ++allow sanlock_t self:process { setsched signull }; ++ ++allow sanlock_t self:fifo_file rw_fifo_file_perms; ++allow sanlock_t self:unix_stream_socket create_stream_socket_perms; ++ ++manage_dirs_pattern(sanlock_t, sanlock_var_run_t, sanlock_var_run_t) ++manage_files_pattern(sanlock_t, sanlock_var_run_t, sanlock_var_run_t) ++manage_sock_files_pattern(sanlock_t, sanlock_var_run_t, sanlock_var_run_t) ++ ++domain_use_interactive_fds(sanlock_t) ++ ++files_read_etc_files(sanlock_t) ++ ++logging_send_syslog_msg(sanlock_t) ++ 
++init_read_utmp(sanlock_t) ++init_dontaudit_write_utmp(sanlock_t) ++ ++miscfiles_read_localization(sanlock_t) ++ ++wdmd_stream_connect(sanlock_t) ++require { ++ type sanlock_t; ++} ++ ++#============= sanlock_t ============== ++storage_raw_rw_fixed_disk(sanlock_t) ++ ++gen_require(` ++ attribute virt_domain; ++') ++ ++# virt_kill_svirt(sanlock_t) ++# virt_signal_svirt(sanlock_t) ++allow sanlock_t virt_domain:process { signal sigkill }; diff --git a/policy/modules/services/sasl.if b/policy/modules/services/sasl.if index f1aea88..a5a75a8 100644 --- a/policy/modules/services/sasl.if @@ -45943,7 +46507,7 @@ index 078bcd7..2d60774 100644 +/root/\.ssh(/.*)? gen_context(system_u:object_r:ssh_home_t,s0) +/root/\.shosts gen_context(system_u:object_r:ssh_home_t,s0) diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if -index 22adaca..0ecf6e4 100644 +index 22adaca..76e8829 100644 --- a/policy/modules/services/ssh.if +++ b/policy/modules/services/ssh.if @@ -32,10 +32,10 @@ @@ -46299,8 +46863,8 @@ index 22adaca..0ecf6e4 100644 + type ssh_home_t; + ') + -+ userdom_admin_home_dir_filetrans($1, ssh_home_t, dir, .ssh) -+ userdom_admin_home_dir_filetrans($1, ssh_home_t, dir, .shosts) ++ userdom_admin_home_dir_filetrans($1, ssh_home_t, dir, ".ssh") ++ userdom_admin_home_dir_filetrans($1, ssh_home_t, dir, ".shosts") +') + +######################################## @@ -46320,8 +46884,8 @@ index 22adaca..0ecf6e4 100644 + type ssh_home_t; + ') + -+ userdom_user_home_dir_filetrans($1, ssh_home_t, dir, .ssh) -+ userdom_user_home_dir_filetrans($1, ssh_home_t, dir, .shosts) ++ userdom_user_home_dir_filetrans($1, ssh_home_t, dir, ".ssh") ++ userdom_user_home_dir_filetrans($1, ssh_home_t, dir, ".shosts") +') diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te index 2dad3c8..c71bdb9 100644 
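Review bot: The tail of the new sanlock.te looks like unedited audit2allow output: a raw `require { type sanlock_t; }` for a type this module declares itself, the `#============= sanlock_t ==============` banner, and a top-level `gen_require` of `virt_domain` followed by a direct `allow`. Because that `gen_require` and `wdmd_stream_connect(sanlock_t)` sit outside `optional_policy`, the module presumably cannot be built or loaded without virt and wdmd present. I would delete the `require` block and banner and wrap the cross-module rules as sketched below, or use the two commented-out virt interfaces if they exist at this revision. `storage_raw_rw_fixed_disk(sanlock_t)` gives raw read/write on every fixed disk and deserves a comment saying what needs it.

```selinux
# … unchanged: declarations and sanlock local policy …
storage_raw_rw_fixed_disk(sanlock_t)

optional_policy(`
	wdmd_stream_connect(sanlock_t)
')

optional_policy(`
	gen_require(`
		attribute virt_domain;
	')

	allow sanlock_t virt_domain:process { signal sigkill };
')
```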
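Review bot: `userdom_admin_home_dir_filetrans($1, ssh_home_t, dir, ".shosts")` names the object class `dir`, but `.shosts` is normally a regular file; the ssh.fc context above lists `/root/\.shosts` without the `(/.*)?` suffix used for `.ssh`. The named transition would therefore not match a regular file, which would get the default home label instead of `ssh_home_t`. The quoting change keeps that class; the line should read `userdom_admin_home_dir_filetrans($1, ssh_home_t, file, ".shosts")`. The user variant in the next hunk, `userdom_user_home_dir_filetrans($1, ssh_home_t, dir, ".shosts")`, has the same problem. Both interfaces start outside their hunks.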
@@ -47907,7 +48471,7 @@ index 2124b6a..9682c44 100644 +/var/lib/oz(/.*)? gen_context(system_u:object_r:virt_var_lib_t,s0) +/var/lib/oz/isos(/.*)? gen_context(system_u:object_r:virt_content_t,s0) diff --git a/policy/modules/services/virt.if b/policy/modules/services/virt.if -index 7c5d8d8..16f69c9 100644 +index 7c5d8d8..0516ded 100644 --- a/policy/modules/services/virt.if +++ b/policy/modules/services/virt.if @@ -13,14 +13,15 @@ @@ -48342,11 +48906,11 @@ index 7c5d8d8..16f69c9 100644 + type virt_home_t; + ') + -+ userdom_user_home_dir_filetrans($1, virt_home_t, dir, .libvirt) -+ userdom_user_home_dir_filetrans($1, virt_home_t, dir, .virtinst) ++ userdom_user_home_dir_filetrans($1, virt_home_t, dir, ".libvirt") ++ userdom_user_home_dir_filetrans($1, virt_home_t, dir, ".virtinst") ') diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te -index 3eca020..f715498 100644 +index 3eca020..0caac74 100644 --- a/policy/modules/services/virt.te +++ b/policy/modules/services/virt.te @@ -5,56 +5,66 @@ policy_module(virt, 1.4.0) @@ -48724,7 +49288,7 @@ index 3eca020..f715498 100644 ') optional_policy(` -@@ -385,23 +486,35 @@ optional_policy(` +@@ -385,23 +486,37 @@ optional_policy(` udev_read_db(virtd_t) ') @@ -48761,11 +49325,13 @@ index 3eca020..f715498 100644 +stream_connect_pattern(virt_domain, qemu_var_run_t, qemu_var_run_t, virtd_t) + +dontaudit virtd_t virt_domain:process { siginh noatsecure rlimitinh }; ++ ++dontaudit virt_domain virt_tmpfs_type:file { read write }; + append_files_pattern(virt_domain, virt_log_t, virt_log_t) append_files_pattern(virt_domain, virt_var_lib_t, virt_var_lib_t) -@@ -422,6 +535,7 @@ corenet_rw_tun_tap_dev(virt_domain) +@@ -422,6 +537,7 @@ corenet_rw_tun_tap_dev(virt_domain) corenet_tcp_bind_virt_migration_port(virt_domain) corenet_tcp_connect_virt_migration_port(virt_domain) 
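Review bot: `dontaudit virt_domain virt_tmpfs_type:file { read write };` suppresses the audit record for every guest domain touching any virt tmpfs type, and nothing in the hunk says which expected access it is meant to quiet. If it is for descriptors leaked from virtd, say so in a comment such as `# leaked tmpfs descriptors from virtd; TODO confirm`. Otherwise a guest touching another guest's tmpfs files would presumably be denied without leaving an AVC record. Anyone investigating guest isolation on a system with this rule should first rebuild with dontaudit rules disabled (`semodule -DB`). The surrounding virt_domain section continues outside the hunk.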
@@ -48773,7 +49339,7 @@ index 3eca020..f715498 100644 dev_read_rand(virt_domain) dev_read_sound(virt_domain) dev_read_urand(virt_domain) -@@ -429,10 +543,12 @@ dev_write_sound(virt_domain) +@@ -429,10 +545,12 @@ dev_write_sound(virt_domain) dev_rw_ksm(virt_domain) dev_rw_kvm(virt_domain) dev_rw_qemu(virt_domain) @@ -48786,7 +49352,7 @@ index 3eca020..f715498 100644 files_read_usr_files(virt_domain) files_read_var_files(virt_domain) files_search_all(virt_domain) -@@ -440,8 +556,16 @@ files_search_all(virt_domain) +@@ -440,8 +558,16 @@ files_search_all(virt_domain) fs_getattr_tmpfs(virt_domain) fs_rw_anon_inodefs_files(virt_domain) fs_rw_tmpfs_files(virt_domain) @@ -48804,7 +49370,7 @@ index 3eca020..f715498 100644 term_getattr_pty_fs(virt_domain) term_use_generic_ptys(virt_domain) term_use_ptmx(virt_domain) -@@ -457,8 +581,117 @@ optional_policy(` +@@ -457,8 +583,117 @@ optional_policy(` ') optional_policy(` 
@@ -49199,6 +49765,174 @@ index 1174ad8..f4c4c1b 100644 sysnet_dns_name_resolve(httpd_w3c_validator_script_t) + +apache_dontaudit_rw_tmp_files(httpd_w3c_validator_script_t) +diff --git a/policy/modules/services/wdmd.fc b/policy/modules/services/wdmd.fc +new file mode 100644 +index 0000000..2f21759 +--- /dev/null ++++ b/policy/modules/services/wdmd.fc +@@ -0,0 +1,6 @@ ++ ++/etc/rc\.d/init\.d/wdmd -- gen_context(system_u:object_r:wdmd_initrc_exec_t,s0) ++ ++/var/run/wdmd(/.*)? gen_context(system_u:object_r:wdmd_var_run_t,s0) ++ ++/usr/sbin/wdmd -- gen_context(system_u:object_r:wdmd_exec_t,s0) +diff --git a/policy/modules/services/wdmd.if b/policy/modules/services/wdmd.if +new file mode 100644 +index 0000000..51831f9 +--- /dev/null ++++ b/policy/modules/services/wdmd.if +@@ -0,0 +1,92 @@ ++ ++## policy for wdmd ++ ++ ++######################################## ++## ++## Execute a domain transition to run wdmd. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`wdmd_domtrans',` ++ gen_require(` ++ type wdmd_t, wdmd_exec_t; ++ ') ++ ++ domtrans_pattern($1, wdmd_exec_t, wdmd_t) ++') ++ ++ ++######################################## ++## ++## Execute wdmd server in the wdmd domain. ++## ++## ++## ++## The type of the process performing this action. ++## ++## ++# ++interface(`wdmd_initrc_domtrans',` ++ gen_require(` ++ type wdmd_initrc_exec_t; ++ ') ++ ++ init_labeled_script_domtrans($1, wdmd_initrc_exec_t) ++') ++ ++######################################## ++## ++## All of the rules required to administrate ++## an wdmd environment ++## ++## ++## ++## Domain allowed access. ++## ++## ++## ++## ++## Role allowed access. 
++## ++## ++## ++# ++interface(`wdmd_admin',` ++ gen_require(` ++ type wdmd_t; ++ type wdmd_initrc_exec_t; ++ ') ++ ++ allow $1 wdmd_t:process { ptrace signal_perms }; ++ ps_process_pattern($1, wdmd_t) ++ ++ wdmd_initrc_domtrans($1) ++ domain_system_change_exemption($1) ++ role_transition $2 wdmd_initrc_exec_t system_r; ++ allow $2 system_r; ++ ++') ++ ++######################################## ++## ++## Connect to wdmd over an unix stream socket. ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`wdmd_stream_connect',` ++ gen_require(` ++ type wdmd_t, wdmd_var_run_t; ++ ') ++ ++ files_search_pids($1) ++ stream_connect_pattern($1, wdmd_var_run_t, wdmd_var_run_t, wdmd_t) ++') +diff --git a/policy/modules/services/wdmd.te b/policy/modules/services/wdmd.te +new file mode 100644 +index 0000000..9017079 +--- /dev/null ++++ b/policy/modules/services/wdmd.te +@@ -0,0 +1,52 @@ ++policy_module(wdmd,1.0.0) ++ ++######################################## ++# ++# Declarations ++# ++ ++type wdmd_t; ++type wdmd_exec_t; ++init_daemon_domain(wdmd_t, wdmd_exec_t) ++ ++permissive wdmd_t; ++ ++type wdmd_var_run_t; ++files_pid_file(wdmd_var_run_t) ++ ++type wdmd_initrc_exec_t; ++init_script_file(wdmd_initrc_exec_t) ++ ++######################################## ++# ++# wdmd local policy ++# ++allow wdmd_t self:capability { sys_nice ipc_lock }; ++allow wdmd_t self:process { setsched signal }; ++ ++allow wdmd_t self:fifo_file rw_fifo_file_perms; ++allow wdmd_t self:unix_stream_socket create_stream_socket_perms; ++ ++manage_dirs_pattern(wdmd_t, wdmd_var_run_t, wdmd_var_run_t) ++manage_files_pattern(wdmd_t, wdmd_var_run_t, wdmd_var_run_t) ++manage_sock_files_pattern(wdmd_t, wdmd_var_run_t, wdmd_var_run_t) ++ ++dev_write_watchdog(wdmd_t) ++ ++domain_use_interactive_fds(wdmd_t) ++ ++files_read_etc_files(wdmd_t) ++ ++logging_send_syslog_msg(wdmd_t) ++ ++miscfiles_read_localization(wdmd_t) ++ ++fs_read_anon_inodefs_files(wdmd_t) ++ ++gen_require(` ++ type watchdog_device_t; 
++') ++ ++#dev_read_watchdog(wdmd_t) ++#============= wdmd_t ============== ++allow wdmd_t watchdog_device_t:chr_file read; diff --git a/policy/modules/services/xfs.if b/policy/modules/services/xfs.if index aa6e5a8..42a0efb 100644 --- a/policy/modules/services/xfs.if @@ -49344,7 +50078,7 @@ index 6f1e3c7..a3986f4 100644 +/var/lib/pqsql/\.Xauthority.* -- gen_context(system_u:object_r:xauth_home_t,s0) + diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if -index 130ced9..463447d 100644 +index 130ced9..092ae1d 100644 --- a/policy/modules/services/xserver.if +++ b/policy/modules/services/xserver.if @@ -19,9 +19,10 @@ @@ -49585,12 +50319,12 @@ index 130ced9..463447d 100644 allow $2 xauth_home_t:file read_file_perms; allow $2 iceauth_home_t:file read_file_perms; -+ userdom_user_home_dir_filetrans($2, iceauth_home_t, file, .DCOP) -+ userdom_user_home_dir_filetrans($2, iceauth_home_t, file, .ICEauthority) -+ userdom_user_home_dir_filetrans($2, xauth_home_t, file, .Xauthority) -+ userdom_user_home_dir_filetrans($2, xauth_home_t, file, .xauth) -+ userdom_user_home_dir_filetrans($2, xdm_home_t, file, .xsession-errors) -+ userdom_user_home_dir_filetrans($2, xdm_home_t, file, .dmrc) ++ userdom_user_home_dir_filetrans($2, iceauth_home_t, file, ".DCOP") ++ userdom_user_home_dir_filetrans($2, iceauth_home_t, file, ".ICEauthority") ++ userdom_user_home_dir_filetrans($2, xauth_home_t, file, ".Xauthority") ++ userdom_user_home_dir_filetrans($2, xauth_home_t, file, ".xauth") ++ userdom_user_home_dir_filetrans($2, xdm_home_t, file, ".xsession-errors") ++ userdom_user_home_dir_filetrans($2, xdm_home_t, file, ".dmrc") + # for when /tmp/.X11-unix is created by the system allow $2 xdm_t:fd use; 
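Review bot: `permissive wdmd_t;` in the new wdmd.te means none of the rules after it are enforced for the daemon, and the line has no comment or tracking reference saying when it will be removed; I would add `# TODO: drop permissive once AVCs are reviewed (<tracking id>)` above it. The file also ends with what looks like pasted audit2allow output: a `gen_require` of `watchdog_device_t`, the `#============= wdmd_t ==============` banner and a raw `allow wdmd_t watchdog_device_t:chr_file read;`, next to a commented-out `#dev_read_watchdog(wdmd_t)`. That reaches into another module's type directly, whereas the line `dev_write_watchdog(wdmd_t)` earlier in the file goes through an interface; if the devices module can provide the read interface, call `dev_read_watchdog(wdmd_t)` and delete the tail. Separately, `wdmd_admin` in wdmd.if grants `ptrace` on `wdmd_t` to `$1`; confirm the admin domain needs to trace the daemon and not only signal it.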
@@ -50389,9 +51123,9 @@ index 130ced9..463447d 100644 + + manage_files_pattern($1, user_fonts_config_t, user_fonts_config_t) + -+# userdom_user_home_dir_filetrans($1, user_fonts_t, dir, .fonts.d) -+# userdom_user_home_dir_filetrans($1, user_fonts_t, dir, .fonts) -+# userdom_user_home_dir_filetrans($1, user_fonts_cache_t, dir, .fontconfig) ++# userdom_user_home_dir_filetrans($1, user_fonts_t, dir, ".fonts.d") ++# userdom_user_home_dir_filetrans($1, user_fonts_t, dir, ".fonts") ++# userdom_user_home_dir_filetrans($1, user_fonts_cache_t, dir, ".fontconfig") +') + +######################################## 
@@ -50415,21 +51149,21 @@ index 130ced9..463447d 100644 + type user_fonts_config_t; + ') + -+ userdom_user_home_dir_filetrans($1, xdm_home_t, file, .dmrc) -+ userdom_user_home_dir_filetrans($1, xdm_home_t, file, .xsession-errors) -+ userdom_user_home_dir_filetrans($1, iceauth_home_t, file, .DCOP) -+ userdom_user_home_dir_filetrans($1, iceauth_home_t, file, .ICEauthority) -+ userdom_user_home_dir_filetrans($1, xauth_home_t, file, .Xauthority) -+ userdom_user_home_dir_filetrans($1, xauth_home_t, file, .xauth) -+ userdom_user_home_dir_filetrans($1, xauth_home_t, file, .Xauth) -+ userdom_user_home_dir_filetrans($1, user_fonts_config_t, file, .fonts.conf) -+ userdom_user_home_dir_filetrans($1, user_fonts_config_t, dir, .fonts.d) -+ userdom_user_home_dir_filetrans($1, user_fonts_t, dir, .fonts) -+ userdom_user_home_dir_filetrans($1, user_fonts_cache_t, dir, .fontconfig) -+ filetrans_pattern($1, user_fonts_t, user_fonts_cache_t, dir, auto) ++ userdom_user_home_dir_filetrans($1, xdm_home_t, file, ".dmrc") ++ userdom_user_home_dir_filetrans($1, xdm_home_t, file, ".xsession-errors") ++ userdom_user_home_dir_filetrans($1, iceauth_home_t, file, ".DCOP") ++ userdom_user_home_dir_filetrans($1, iceauth_home_t, file, ".ICEauthority") ++ userdom_user_home_dir_filetrans($1, xauth_home_t, file, ".Xauthority") ++ userdom_user_home_dir_filetrans($1, xauth_home_t, file, ".xauth") ++ userdom_user_home_dir_filetrans($1, xauth_home_t, file, ".Xauth") ++ userdom_user_home_dir_filetrans($1, user_fonts_config_t, file, ".fonts.conf") ++ userdom_user_home_dir_filetrans($1, user_fonts_config_t, dir, ".fonts.d") ++ userdom_user_home_dir_filetrans($1, user_fonts_t, dir, ".fonts") ++ userdom_user_home_dir_filetrans($1, user_fonts_cache_t, dir, ".fontconfig") ++ filetrans_pattern($1, user_fonts_t, user_fonts_cache_t, dir, "auto") +') diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te -index 6c01261..1a345d6 100644 +index 6c01261..fb82ba3 100644 
--- a/policy/modules/services/xserver.te +++ b/policy/modules/services/xserver.te @@ -26,27 +26,50 @@ gen_require(` @@ -50635,7 +51369,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`use_nfs_home_dirs',` fs_manage_nfs_files(iceauth_t) -@@ -247,50 +301,109 @@ tunable_policy(`use_samba_home_dirs',` +@@ -247,50 +301,110 @@ tunable_policy(`use_samba_home_dirs',` fs_manage_cifs_files(iceauth_t) ') @@ -50663,6 +51397,7 @@ index 6c01261..1a345d6 100644 +allow xauth_t self:capability dac_override; allow xauth_t self:process signal; ++allow xauth_t self:shm create_shm_perms; allow xauth_t self:unix_stream_socket create_stream_socket_perms; +allow xauth_t xdm_t:process sigchld; @@ -50751,7 +51486,7 @@ index 6c01261..1a345d6 100644 optional_policy(` ssh_sigchld(xauth_t) ssh_read_pipes(xauth_t) -@@ -302,20 +415,34 @@ optional_policy(` +@@ -302,20 +416,34 @@ optional_policy(` # XDM Local policy # @@ -50790,7 +51525,7 @@ index 6c01261..1a345d6 100644 # Allow gdm to run gdm-binary can_exec(xdm_t, xdm_exec_t) -@@ -323,43 +450,62 @@ can_exec(xdm_t, xdm_exec_t) +@@ -323,43 +451,62 @@ can_exec(xdm_t, xdm_exec_t) allow xdm_t xdm_lock_t:file manage_file_perms; files_lock_filetrans(xdm_t, xdm_lock_t, file) @@ -50859,7 +51594,7 @@ index 6c01261..1a345d6 100644 # connect to xdm xserver over stream socket stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) -@@ -368,18 +514,26 @@ stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) +@@ -368,18 +515,26 @@ stream_connect_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t, xserver_t) delete_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t) delete_sock_files_pattern(xdm_t, xserver_tmp_t, xserver_tmp_t) 
@@ -50883,11 +51618,11 @@ index 6c01261..1a345d6 100644 corecmd_exec_shell(xdm_t) corecmd_exec_bin(xdm_t) -+corecmd_dontaudit_write_bin_files(xdm_t) ++corecmd_dontaudit_access_check_bin(xdm_t) corenet_all_recvfrom_unlabeled(xdm_t) corenet_all_recvfrom_netlabel(xdm_t) -@@ -391,18 +545,22 @@ corenet_tcp_sendrecv_all_ports(xdm_t) +@@ -391,18 +546,22 @@ corenet_tcp_sendrecv_all_ports(xdm_t) corenet_udp_sendrecv_all_ports(xdm_t) corenet_tcp_bind_generic_node(xdm_t) corenet_udp_bind_generic_node(xdm_t) @@ -50911,7 +51646,7 @@ index 6c01261..1a345d6 100644 dev_setattr_apm_bios_dev(xdm_t) dev_rw_dri(xdm_t) dev_rw_agp(xdm_t) -@@ -411,18 +569,24 @@ dev_setattr_xserver_misc_dev(xdm_t) +@@ -411,18 +570,24 @@ dev_setattr_xserver_misc_dev(xdm_t) dev_getattr_misc_dev(xdm_t) dev_setattr_misc_dev(xdm_t) dev_dontaudit_rw_misc(xdm_t) @@ -50939,7 +51674,7 @@ index 6c01261..1a345d6 100644 files_read_etc_files(xdm_t) files_read_var_files(xdm_t) -@@ -433,9 +597,23 @@ files_list_mnt(xdm_t) +@@ -433,9 +598,23 @@ files_list_mnt(xdm_t) files_read_usr_files(xdm_t) # Poweroff wants to create the /poweroff file when run from xdm files_create_boot_flag(xdm_t) @@ -50963,7 +51698,7 @@ index 6c01261..1a345d6 100644 storage_dontaudit_read_fixed_disk(xdm_t) storage_dontaudit_write_fixed_disk(xdm_t) -@@ -444,28 +622,36 @@ storage_dontaudit_raw_read_removable_device(xdm_t) +@@ -444,28 +623,36 @@ storage_dontaudit_raw_read_removable_device(xdm_t) storage_dontaudit_raw_write_removable_device(xdm_t) storage_dontaudit_setattr_removable_dev(xdm_t) storage_dontaudit_rw_scsi_generic(xdm_t) @@ -51002,7 +51737,7 @@ index 6c01261..1a345d6 100644 userdom_dontaudit_use_unpriv_user_fds(xdm_t) userdom_create_all_users_keys(xdm_t) -@@ -474,9 +660,30 @@ userdom_read_user_home_content_files(xdm_t) +@@ -474,9 +661,30 @@ userdom_read_user_home_content_files(xdm_t) # Search /proc for any user domain processes. userdom_read_all_users_state(xdm_t) userdom_signal_all_users(xdm_t) 
@@ -51033,7 +51768,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`use_nfs_home_dirs',` fs_manage_nfs_dirs(xdm_t) -@@ -492,6 +699,14 @@ tunable_policy(`use_samba_home_dirs',` +@@ -492,6 +700,14 @@ tunable_policy(`use_samba_home_dirs',` fs_exec_cifs_files(xdm_t) ') @@ -51048,7 +51783,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`xdm_sysadm_login',` userdom_xsession_spec_domtrans_all_users(xdm_t) # FIXME: -@@ -505,11 +720,21 @@ tunable_policy(`xdm_sysadm_login',` +@@ -505,11 +721,21 @@ tunable_policy(`xdm_sysadm_login',` ') optional_policy(` @@ -51070,7 +51805,7 @@ index 6c01261..1a345d6 100644 ') optional_policy(` -@@ -517,7 +742,43 @@ optional_policy(` +@@ -517,7 +743,43 @@ optional_policy(` ') optional_policy(` @@ -51115,7 +51850,7 @@ index 6c01261..1a345d6 100644 ') optional_policy(` -@@ -527,6 +788,16 @@ optional_policy(` +@@ -527,6 +789,16 @@ optional_policy(` ') optional_policy(` @@ -51132,7 +51867,7 @@ index 6c01261..1a345d6 100644 hostname_exec(xdm_t) ') -@@ -544,28 +815,65 @@ optional_policy(` +@@ -544,28 +816,65 @@ optional_policy(` ') optional_policy(` @@ -51207,7 +51942,7 @@ index 6c01261..1a345d6 100644 ') optional_policy(` -@@ -577,6 +885,14 @@ optional_policy(` +@@ -577,6 +886,14 @@ optional_policy(` ') optional_policy(` @@ -51222,7 +51957,7 @@ index 6c01261..1a345d6 100644 xfs_stream_connect(xdm_t) ') -@@ -601,7 +917,7 @@ allow xserver_t input_xevent_t:x_event send; +@@ -601,7 +918,7 @@ allow xserver_t input_xevent_t:x_event send; # execheap needed until the X module loader is fixed. # NVIDIA Needs execstack 
@@ -51231,7 +51966,7 @@ index 6c01261..1a345d6 100644 dontaudit xserver_t self:capability chown; allow xserver_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; allow xserver_t self:fd use; -@@ -615,8 +931,15 @@ allow xserver_t self:unix_dgram_socket { create_socket_perms sendto }; +@@ -615,8 +932,15 @@ allow xserver_t self:unix_dgram_socket { create_socket_perms sendto }; allow xserver_t self:unix_stream_socket { create_stream_socket_perms connectto }; allow xserver_t self:tcp_socket create_stream_socket_perms; allow xserver_t self:udp_socket create_socket_perms; @@ -51247,7 +51982,7 @@ index 6c01261..1a345d6 100644 manage_dirs_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) manage_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) manage_sock_files_pattern(xserver_t, xserver_tmp_t, xserver_tmp_t) -@@ -635,12 +958,19 @@ manage_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) +@@ -635,12 +959,19 @@ manage_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) manage_lnk_files_pattern(xserver_t, xkb_var_lib_t, xkb_var_lib_t) files_search_var_lib(xserver_t) @@ -51269,7 +52004,7 @@ index 6c01261..1a345d6 100644 kernel_read_system_state(xserver_t) kernel_read_device_sysctls(xserver_t) -@@ -648,6 +978,7 @@ kernel_read_modprobe_sysctls(xserver_t) +@@ -648,6 +979,7 @@ kernel_read_modprobe_sysctls(xserver_t) # Xorg wants to check if kernel is tainted kernel_read_kernel_sysctls(xserver_t) kernel_write_proc_files(xserver_t) @@ -51277,7 +52012,7 @@ index 6c01261..1a345d6 100644 # Run helper programs in xserver_t. corecmd_exec_bin(xserver_t) -@@ -674,7 +1005,6 @@ dev_rw_apm_bios(xserver_t) +@@ -674,7 +1006,6 @@ dev_rw_apm_bios(xserver_t) dev_rw_agp(xserver_t) dev_rw_framebuffer(xserver_t) dev_manage_dri_dev(xserver_t) 
@@ -51285,7 +52020,7 @@ index 6c01261..1a345d6 100644 dev_create_generic_dirs(xserver_t) dev_setattr_generic_dirs(xserver_t) # raw memory access is needed if not using the frame buffer -@@ -684,11 +1014,17 @@ dev_wx_raw_memory(xserver_t) +@@ -684,11 +1015,17 @@ dev_wx_raw_memory(xserver_t) dev_rw_xserver_misc(xserver_t) # read events - the synaptics touchpad driver reads raw events dev_rw_input_dev(xserver_t) @@ -51303,7 +52038,7 @@ index 6c01261..1a345d6 100644 # brought on by rhgb files_search_mnt(xserver_t) -@@ -699,8 +1035,13 @@ fs_getattr_xattr_fs(xserver_t) +@@ -699,8 +1036,13 @@ fs_getattr_xattr_fs(xserver_t) fs_search_nfs(xserver_t) fs_search_auto_mountpoints(xserver_t) fs_search_ramfs(xserver_t) @@ -51317,7 +52052,7 @@ index 6c01261..1a345d6 100644 selinux_validate_context(xserver_t) selinux_compute_access_vector(xserver_t) -@@ -713,8 +1054,6 @@ init_getpgid(xserver_t) +@@ -713,8 +1055,6 @@ init_getpgid(xserver_t) term_setattr_unallocated_ttys(xserver_t) term_use_unallocated_ttys(xserver_t) @@ -51326,7 +52061,7 @@ index 6c01261..1a345d6 100644 locallogin_use_fds(xserver_t) logging_send_syslog_msg(xserver_t) -@@ -722,11 +1061,12 @@ logging_send_audit_msgs(xserver_t) +@@ -722,11 +1062,12 @@ logging_send_audit_msgs(xserver_t) miscfiles_read_localization(xserver_t) miscfiles_read_fonts(xserver_t) @@ -51341,7 +52076,7 @@ index 6c01261..1a345d6 100644 userdom_search_user_home_dirs(xserver_t) userdom_use_user_ttys(xserver_t) -@@ -780,16 +1120,36 @@ optional_policy(` +@@ -780,16 +1121,36 @@ optional_policy(` ') optional_policy(` @@ -51379,7 +52114,7 @@ index 6c01261..1a345d6 100644 unconfined_domtrans(xserver_t) ') -@@ -798,6 +1158,10 @@ optional_policy(` +@@ -798,6 +1159,10 @@ optional_policy(` ') optional_policy(` 
@@ -51390,7 +52125,7 @@ index 6c01261..1a345d6 100644 xfs_stream_connect(xserver_t) ') -@@ -813,10 +1177,10 @@ allow xserver_t xdm_t:shm rw_shm_perms; +@@ -813,10 +1178,10 @@ allow xserver_t xdm_t:shm rw_shm_perms; # NB we do NOT allow xserver_t xdm_var_lib_t:dir, only access to an open # handle of a file inside the dir!!! @@ -51404,7 +52139,7 @@ index 6c01261..1a345d6 100644 # Label pid and temporary files with derived types. manage_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) -@@ -824,7 +1188,7 @@ manage_lnk_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) +@@ -824,7 +1189,7 @@ manage_lnk_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) manage_sock_files_pattern(xserver_t, xdm_tmp_t, xdm_tmp_t) # Run xkbcomp. @@ -51413,7 +52148,7 @@ index 6c01261..1a345d6 100644 can_exec(xserver_t, xkb_var_lib_t) # VNC v4 module in X server -@@ -837,6 +1201,9 @@ init_use_fds(xserver_t) +@@ -837,6 +1202,9 @@ init_use_fds(xserver_t) # to read ROLE_home_t - examine this in more detail # (xauth?) userdom_read_user_home_content_files(xserver_t) @@ -51423,7 +52158,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`use_nfs_home_dirs',` fs_manage_nfs_dirs(xserver_t) -@@ -844,6 +1211,11 @@ tunable_policy(`use_nfs_home_dirs',` +@@ -844,6 +1212,11 @@ tunable_policy(`use_nfs_home_dirs',` fs_manage_nfs_symlinks(xserver_t) ') @@ -51435,7 +52170,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`use_samba_home_dirs',` fs_manage_cifs_dirs(xserver_t) fs_manage_cifs_files(xserver_t) -@@ -852,11 +1224,14 @@ tunable_policy(`use_samba_home_dirs',` +@@ -852,11 +1225,14 @@ tunable_policy(`use_samba_home_dirs',` optional_policy(` dbus_system_bus_client(xserver_t) @@ -51452,7 +52187,7 @@ index 6c01261..1a345d6 100644 ') optional_policy(` -@@ -864,6 +1239,10 @@ optional_policy(` +@@ -864,6 +1240,10 @@ optional_policy(` rhgb_rw_tmpfs_files(xserver_t) ') 
@@ -51463,7 +52198,7 @@ index 6c01261..1a345d6 100644 ######################################## # # Rules common to all X window domains -@@ -907,7 +1286,7 @@ allow x_domain xproperty_t:x_property { getattr create read write append destroy +@@ -907,7 +1287,7 @@ allow x_domain xproperty_t:x_property { getattr create read write append destroy allow x_domain root_xdrawable_t:x_drawable { getattr setattr list_child add_child remove_child send receive hide show }; # operations allowed on my windows allow x_domain self:x_drawable { create destroy getattr setattr read write show hide list_child add_child remove_child manage send receive }; @@ -51472,7 +52207,7 @@ index 6c01261..1a345d6 100644 # operations allowed on all windows allow x_domain x_domain:x_drawable { getattr get_property set_property remove_child }; -@@ -961,11 +1340,31 @@ allow x_domain self:x_resource { read write }; +@@ -961,11 +1341,31 @@ allow x_domain self:x_resource { read write }; # can mess with the screensaver allow x_domain xserver_t:x_screen { getattr saver_getattr }; @@ -51504,7 +52239,7 @@ index 6c01261..1a345d6 100644 tunable_policy(`! xserver_object_manager',` # should be xserver_unconfined(x_domain), # but typeattribute doesnt work in conditionals -@@ -987,18 +1386,32 @@ tunable_policy(`! xserver_object_manager',` +@@ -987,18 +1387,32 @@ tunable_policy(`! xserver_object_manager',` allow x_domain xevent_type:{ x_event x_synthetic_event } *; ') @@ -53920,7 +54655,7 @@ index cc83689..48662f1 100644 +') + diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te -index ea29513..787ac51 100644 +index ea29513..353ef34 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -16,6 +16,34 @@ gen_require(` @@ -54209,7 +54944,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -199,10 +359,25 @@ optional_policy(` +@@ -199,10 +359,26 @@ optional_policy(` ') optional_policy(` 
@@ -54224,6 +54959,7 @@ index ea29513..787ac51 100644 optional_policy(` + udev_read_db(init_t) + udev_relabelto_db(init_t) ++ udev_create_kobject_uevent_socket(init_t) +') + +optional_policy(` @@ -54235,7 +54971,7 @@ index ea29513..787ac51 100644 unconfined_domain(init_t) ') -@@ -212,7 +387,7 @@ optional_policy(` +@@ -212,7 +388,7 @@ optional_policy(` # allow initrc_t self:process { getpgid setsched setpgid setrlimit getsched }; @@ -54244,7 +54980,7 @@ index ea29513..787ac51 100644 dontaudit initrc_t self:capability sys_module; # sysctl is triggering this allow initrc_t self:passwd rootok; allow initrc_t self:key manage_key_perms; -@@ -241,12 +416,15 @@ manage_fifo_files_pattern(initrc_t, initrc_state_t, initrc_state_t) +@@ -241,12 +417,15 @@ manage_fifo_files_pattern(initrc_t, initrc_state_t, initrc_state_t) allow initrc_t initrc_var_run_t:file manage_file_perms; files_pid_filetrans(initrc_t, initrc_var_run_t, file) @@ -54260,7 +54996,7 @@ index ea29513..787ac51 100644 init_write_initctl(initrc_t) -@@ -258,20 +436,32 @@ kernel_change_ring_buffer_level(initrc_t) +@@ -258,20 +437,32 @@ kernel_change_ring_buffer_level(initrc_t) kernel_clear_ring_buffer(initrc_t) kernel_get_sysvipc_info(initrc_t) kernel_read_all_sysctls(initrc_t) @@ -54297,7 +55033,7 @@ index ea29513..787ac51 100644 corenet_tcp_sendrecv_all_ports(initrc_t) corenet_udp_sendrecv_all_ports(initrc_t) corenet_tcp_connect_all_ports(initrc_t) -@@ -279,6 +469,7 @@ corenet_sendrecv_all_client_packets(initrc_t) +@@ -279,6 +470,7 @@ corenet_sendrecv_all_client_packets(initrc_t) dev_read_rand(initrc_t) dev_read_urand(initrc_t) @@ -54305,7 +55041,7 @@ index ea29513..787ac51 100644 dev_write_kmsg(initrc_t) dev_write_rand(initrc_t) dev_write_urand(initrc_t) -@@ -289,8 +480,10 @@ dev_write_framebuffer(initrc_t) +@@ -289,8 +481,10 @@ dev_write_framebuffer(initrc_t) dev_read_realtime_clock(initrc_t) dev_read_sound_mixer(initrc_t) dev_write_sound_mixer(initrc_t) 
@@ -54316,7 +55052,7 @@ index ea29513..787ac51 100644 dev_delete_lvm_control_dev(initrc_t) dev_manage_generic_symlinks(initrc_t) dev_manage_generic_files(initrc_t) -@@ -298,13 +491,13 @@ dev_manage_generic_files(initrc_t) +@@ -298,13 +492,13 @@ dev_manage_generic_files(initrc_t) dev_delete_generic_symlinks(initrc_t) dev_getattr_all_blk_files(initrc_t) dev_getattr_all_chr_files(initrc_t) @@ -54332,7 +55068,7 @@ index ea29513..787ac51 100644 domain_sigchld_all_domains(initrc_t) domain_read_all_domains_state(initrc_t) domain_getattr_all_domains(initrc_t) -@@ -316,6 +509,7 @@ domain_dontaudit_getattr_all_udp_sockets(initrc_t) +@@ -316,6 +510,7 @@ domain_dontaudit_getattr_all_udp_sockets(initrc_t) domain_dontaudit_getattr_all_tcp_sockets(initrc_t) domain_dontaudit_getattr_all_dgram_sockets(initrc_t) domain_dontaudit_getattr_all_pipes(initrc_t) @@ -54340,7 +55076,7 @@ index ea29513..787ac51 100644 files_getattr_all_dirs(initrc_t) files_getattr_all_files(initrc_t) -@@ -323,8 +517,10 @@ files_getattr_all_symlinks(initrc_t) +@@ -323,8 +518,10 @@ files_getattr_all_symlinks(initrc_t) files_getattr_all_pipes(initrc_t) files_getattr_all_sockets(initrc_t) files_purge_tmp(initrc_t) @@ -54352,7 +55088,7 @@ index ea29513..787ac51 100644 files_delete_all_pids(initrc_t) files_delete_all_pid_dirs(initrc_t) files_read_etc_files(initrc_t) -@@ -340,8 +536,12 @@ files_list_isid_type_dirs(initrc_t) +@@ -340,8 +537,12 @@ files_list_isid_type_dirs(initrc_t) files_mounton_isid_type_dirs(initrc_t) files_list_default(initrc_t) files_mounton_default(initrc_t) @@ -54366,7 +55102,7 @@ index ea29513..787ac51 100644 fs_list_inotifyfs(initrc_t) fs_register_binary_executable_type(initrc_t) # rhgb-console writes to ramfs -@@ -351,6 +551,8 @@ fs_mount_all_fs(initrc_t) +@@ -351,6 +552,8 @@ fs_mount_all_fs(initrc_t) fs_unmount_all_fs(initrc_t) fs_remount_all_fs(initrc_t) fs_getattr_all_fs(initrc_t) 
@@ -54375,7 +55111,7 @@ index ea29513..787ac51 100644 # initrc_t needs to do a pidof which requires ptrace mcs_ptrace_all(initrc_t) -@@ -363,6 +565,7 @@ mls_process_read_up(initrc_t) +@@ -363,6 +566,7 @@ mls_process_read_up(initrc_t) mls_process_write_down(initrc_t) mls_rangetrans_source(initrc_t) mls_fd_share_all_levels(initrc_t) @@ -54383,7 +55119,7 @@ index ea29513..787ac51 100644 selinux_get_enforce_mode(initrc_t) -@@ -374,6 +577,7 @@ term_use_all_terms(initrc_t) +@@ -374,6 +578,7 @@ term_use_all_terms(initrc_t) term_reset_tty_labels(initrc_t) auth_rw_login_records(initrc_t) @@ -54391,7 +55127,7 @@ index ea29513..787ac51 100644 auth_setattr_login_records(initrc_t) auth_rw_lastlog(initrc_t) auth_read_pam_pid(initrc_t) -@@ -394,18 +598,17 @@ logging_read_audit_config(initrc_t) +@@ -394,18 +599,17 @@ logging_read_audit_config(initrc_t) miscfiles_read_localization(initrc_t) # slapd needs to read cert files from its initscript @@ -54413,7 +55149,7 @@ index ea29513..787ac51 100644 ifdef(`distro_debian',` dev_setattr_generic_dirs(initrc_t) -@@ -458,6 +661,10 @@ ifdef(`distro_gentoo',` +@@ -458,6 +662,10 @@ ifdef(`distro_gentoo',` sysnet_setattr_config(initrc_t) optional_policy(` @@ -54424,7 +55160,7 @@ index ea29513..787ac51 100644 alsa_read_lib(initrc_t) ') -@@ -478,7 +685,7 @@ ifdef(`distro_redhat',` +@@ -478,7 +686,7 @@ ifdef(`distro_redhat',` # Red Hat systems seem to have a stray # fd open from the initrd @@ -54433,7 +55169,7 @@ index ea29513..787ac51 100644 files_dontaudit_read_root_files(initrc_t) # These seem to be from the initrd -@@ -493,6 +700,7 @@ ifdef(`distro_redhat',` +@@ -493,6 +701,7 @@ ifdef(`distro_redhat',` files_create_boot_dirs(initrc_t) files_create_boot_flag(initrc_t) files_rw_boot_symlinks(initrc_t) 
@@ -54441,7 +55177,7 @@ index ea29513..787ac51 100644 # wants to read /.fonts directory files_read_default_files(initrc_t) files_mountpoint(initrc_tmp_t) -@@ -522,8 +730,29 @@ ifdef(`distro_redhat',` +@@ -522,8 +731,29 @@ ifdef(`distro_redhat',` ') optional_policy(` @@ -54471,7 +55207,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -531,10 +760,22 @@ ifdef(`distro_redhat',` +@@ -531,10 +761,22 @@ ifdef(`distro_redhat',` rpc_write_exports(initrc_t) rpc_manage_nfs_state_data(initrc_t) ') @@ -54486,15 +55222,15 @@ index ea29513..787ac51 100644 + sysnet_relabelfrom_dhcpc_state(initrc_t) + sysnet_relabelfrom_net_conf(initrc_t) + sysnet_relabelto_net_conf(initrc_t) -+ sysnet_etc_filetrans_config(initrc_t, resolv.conf) -+ sysnet_etc_filetrans_config(initrc_t, denyhosts) -+ sysnet_etc_filetrans_config(initrc_t, hosts) -+ sysnet_etc_filetrans_config(initrc_t, ethers) -+ sysnet_etc_filetrans_config(initrc_t, yp.conf) ++ sysnet_etc_filetrans_config(initrc_t, "resolv.conf") ++ sysnet_etc_filetrans_config(initrc_t, "denyhosts") ++ sysnet_etc_filetrans_config(initrc_t, "hosts") ++ sysnet_etc_filetrans_config(initrc_t, "ethers") ++ sysnet_etc_filetrans_config(initrc_t, "yp.conf") ') optional_policy(` -@@ -549,6 +790,39 @@ ifdef(`distro_suse',` +@@ -549,6 +791,39 @@ ifdef(`distro_suse',` ') ') @@ -54534,7 +55270,7 @@ index ea29513..787ac51 100644 optional_policy(` amavis_search_lib(initrc_t) amavis_setattr_pid_files(initrc_t) -@@ -561,6 +835,8 @@ optional_policy(` +@@ -561,6 +836,8 @@ optional_policy(` optional_policy(` apache_read_config(initrc_t) apache_list_modules(initrc_t) @@ -54543,7 +55279,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -577,6 +853,7 @@ optional_policy(` +@@ -577,6 +854,7 @@ optional_policy(` optional_policy(` cgroup_stream_connect_cgred(initrc_t) @@ -54551,7 +55287,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -589,6 +866,11 @@ optional_policy(` +@@ -589,6 +867,11 @@ optional_policy(` ') optional_policy(` 
@@ -54563,7 +55299,7 @@ index ea29513..787ac51 100644 dev_getattr_printer_dev(initrc_t) cups_read_log(initrc_t) -@@ -605,9 +887,13 @@ optional_policy(` +@@ -605,9 +888,13 @@ optional_policy(` dbus_connect_system_bus(initrc_t) dbus_system_bus_client(initrc_t) dbus_read_config(initrc_t) @@ -54577,7 +55313,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -649,6 +935,11 @@ optional_policy(` +@@ -649,6 +936,11 @@ optional_policy(` ') optional_policy(` @@ -54589,7 +55325,7 @@ index ea29513..787ac51 100644 inn_exec_config(initrc_t) ') -@@ -706,7 +997,13 @@ optional_policy(` +@@ -706,7 +998,13 @@ optional_policy(` ') optional_policy(` @@ -54603,7 +55339,7 @@ index ea29513..787ac51 100644 mta_dontaudit_read_spool_symlinks(initrc_t) ') -@@ -729,6 +1026,10 @@ optional_policy(` +@@ -729,6 +1027,10 @@ optional_policy(` ') optional_policy(` @@ -54614,7 +55350,7 @@ index ea29513..787ac51 100644 postgresql_manage_db(initrc_t) postgresql_read_config(initrc_t) ') -@@ -738,10 +1039,20 @@ optional_policy(` +@@ -738,10 +1040,20 @@ optional_policy(` ') optional_policy(` @@ -54635,7 +55371,7 @@ index ea29513..787ac51 100644 quota_manage_flags(initrc_t) ') -@@ -750,6 +1061,10 @@ optional_policy(` +@@ -750,6 +1062,10 @@ optional_policy(` ') optional_policy(` @@ -54646,7 +55382,7 @@ index ea29513..787ac51 100644 fs_write_ramfs_sockets(initrc_t) fs_search_ramfs(initrc_t) -@@ -771,8 +1086,6 @@ optional_policy(` +@@ -771,8 +1087,6 @@ optional_policy(` # bash tries ioctl for some reason files_dontaudit_ioctl_all_pids(initrc_t) @@ -54655,7 +55391,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -781,14 +1094,21 @@ optional_policy(` +@@ -781,14 +1095,21 @@ optional_policy(` ') optional_policy(` @@ -54677,7 +55413,7 @@ index ea29513..787ac51 100644 optional_policy(` ssh_dontaudit_read_server_keys(initrc_t) -@@ -800,7 +1120,6 @@ optional_policy(` +@@ -800,7 +1121,6 @@ optional_policy(` ') optional_policy(` 
@@ -54685,7 +55421,7 @@ index ea29513..787ac51 100644 udev_manage_pid_files(initrc_t) udev_manage_rules_files(initrc_t) ') -@@ -810,11 +1129,24 @@ optional_policy(` +@@ -810,11 +1130,24 @@ optional_policy(` ') optional_policy(` @@ -54711,7 +55447,7 @@ index ea29513..787ac51 100644 ifdef(`distro_redhat',` # system-config-services causes avc messages that should be dontaudited -@@ -824,6 +1156,25 @@ optional_policy(` +@@ -824,6 +1157,25 @@ optional_policy(` optional_policy(` mono_domtrans(initrc_t) ') @@ -54737,7 +55473,7 @@ index ea29513..787ac51 100644 ') optional_policy(` -@@ -849,3 +1200,42 @@ optional_policy(` +@@ -849,3 +1201,42 @@ optional_policy(` optional_policy(` zebra_read_config(initrc_t) ') @@ -57171,15 +57907,16 @@ index 72c746e..704d2d7 100644 +/var/run/davfs2(/.*)? gen_context(system_u:object_r:mount_var_run_t,s0) +/var/run/mount(/.*)? gen_context(system_u:object_r:mount_var_run_t,s0) diff --git a/policy/modules/system/mount.if b/policy/modules/system/mount.if -index 8b5c196..f66d272 100644 +index 8b5c196..ae934cd 100644 --- a/policy/modules/system/mount.if +++ b/policy/modules/system/mount.if -@@ -16,6 +16,16 @@ interface(`mount_domtrans',` +@@ -16,6 +16,17 @@ interface(`mount_domtrans',` ') domtrans_pattern($1, mount_exec_t, mount_t) + mount_domtrans_fusermount($1) + ++ allow $1 mount_t:fd use; + ps_process_pattern(mount_t, $1) + +ifdef(`hide_broken_symptoms', ` @@ -57191,7 +57928,7 @@ index 8b5c196..f66d272 100644 ') ######################################## -@@ -45,8 +55,73 @@ interface(`mount_run',` +@@ -45,8 +56,73 @@ interface(`mount_run',` role $2 types mount_t; optional_policy(` @@ -57266,7 +58003,7 @@ index 8b5c196..f66d272 100644 ') ######################################## -@@ -84,9 +159,11 @@ interface(`mount_exec',` +@@ -84,9 +160,11 @@ interface(`mount_exec',` interface(`mount_signal',` gen_require(` type mount_t; 
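Review bot: `allow $1 mount_t:fd use;` is added to `mount_domtrans` in the mount.if hunk (`@@ -57171,15 +57907,16 @@`) without a comment. Every domain given the transition therefore also gains use of descriptors owned by mount_t, and with `ps_process_pattern(mount_t, $1)` the interface now grants access in both directions, which its name does not suggest. I would state the reason above the rule, e.g. `# callers use fds passed back by mount; needed by <caller>`, or move the rule to the specific caller if only one needs it. The interface's `gen_require` block and header lie outside the hunk, so I cannot check whether its documentation was updated.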
@@ -57278,7 +58015,7 @@ index 8b5c196..f66d272 100644 ') ######################################## -@@ -95,7 +172,7 @@ interface(`mount_signal',` +@@ -95,7 +173,7 @@ interface(`mount_signal',` ## ## ## @@ -57287,7 +58024,7 @@ index 8b5c196..f66d272 100644 ## ## # -@@ -135,6 +212,24 @@ interface(`mount_send_nfs_client_request',` +@@ -135,6 +213,24 @@ interface(`mount_send_nfs_client_request',` ######################################## ## @@ -57312,7 +58049,7 @@ index 8b5c196..f66d272 100644 ## Execute mount in the unconfined mount domain. ## ## -@@ -176,4 +271,110 @@ interface(`mount_run_unconfined',` +@@ -176,4 +272,110 @@ interface(`mount_run_unconfined',` mount_domtrans_unconfined($1) role $2 types unconfined_mount_t; @@ -58004,7 +58741,7 @@ index 2cc4bda..167c358 100644 +/etc/share/selinux/targeted(/.*)? gen_context(system_u:object_r:semanage_store_t,s0) +/etc/share/selinux/mls(/.*)? gen_context(system_u:object_r:semanage_store_t,s0) diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if -index 170e2c7..0aa893a 100644 +index 170e2c7..e64d6e8 100644 --- a/policy/modules/system/selinuxutil.if +++ b/policy/modules/system/selinuxutil.if @@ -85,6 +85,10 @@ interface(`seutil_domtrans_loadpolicy',` 
@@ -58130,7 +58867,37 @@ index 170e2c7..0aa893a 100644 manage_files_pattern($1, selinux_config_t, selinux_config_t) read_lnk_files_pattern($1, selinux_config_t, selinux_config_t) ') -@@ -1005,6 +1086,30 @@ interface(`seutil_domtrans_semanage',` +@@ -756,6 +837,29 @@ interface(`seutil_read_default_contexts',` + read_files_pattern($1, default_context_t, default_context_t) + ') + ++####################################### ++## ++## Read and write the default_contexts files. ++## ++## ++## ++## Domain allowed access. ++## ++## ++## ++# ++interface(`seutil_rw_default_contexts',` ++ gen_require(` ++ type default_context_t; ++ type selinux_config_t; ++ ') ++ ++ files_search_etc($1) ++ allow $1 selinux_config_t:dir list_dir_perms; ++ allow $1 default_context_t:dir list_dir_perms; ++ rw_files_pattern($1, default_context_t, default_context_t) ++') ++ + ######################################## + ## + ## Create, read, write, and delete the default_contexts files. +@@ -1005,6 +1109,30 @@ interface(`seutil_domtrans_semanage',` files_search_usr($1) corecmd_search_bin($1) domtrans_pattern($1, semanage_exec_t, semanage_t) @@ -58161,7 +58928,7 @@ index 170e2c7..0aa893a 100644 ') ######################################## -@@ -1038,6 +1143,54 @@ interface(`seutil_run_semanage',` +@@ -1038,6 +1166,54 @@ interface(`seutil_run_semanage',` ######################################## ## @@ -58216,7 +58983,7 @@ index 170e2c7..0aa893a 100644 ## Full management of the semanage ## module store. ## -@@ -1149,3 +1302,194 @@ interface(`seutil_dontaudit_libselinux_linked',` +@@ -1149,3 +1325,194 @@ interface(`seutil_dontaudit_libselinux_linked',` selinux_dontaudit_get_fs_mount($1) seutil_dontaudit_read_config($1) ') @@ -59177,7 +59944,7 @@ index ff80d0a..95e705c 100644 + role_transition $1 dhcpc_exec_t system_r; +') diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te -index df32316..5dfe875 100644 +index df32316..14df5cf 100644 
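Review bot: The new `seutil_rw_default_contexts` interface in selinuxutil.if grants write access to the default_context_t files through `rw_files_pattern`, but its description says only "Read and write the default_contexts files" and this hunk adds no caller. A domain that can rewrite those files can presumably influence which context a session is given. The summary should therefore name the intended caller and mark the interface as security-sensitive. A comment such as `# writable default contexts: restrict to <intended domain>` above the `rw_files_pattern` line would be enough.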
--- a/policy/modules/system/sysnetwork.te +++ b/policy/modules/system/sysnetwork.te @@ -5,6 +5,13 @@ policy_module(sysnetwork, 1.11.1) @@ -59289,7 +60056,7 @@ index df32316..5dfe875 100644 userdom_dontaudit_search_user_home_dirs(dhcpc_t) ifdef(`distro_redhat', ` -@@ -155,6 +173,14 @@ optional_policy(` +@@ -155,6 +173,15 @@ optional_policy(` ') optional_policy(` @@ -59297,6 +60064,7 @@ index df32316..5dfe875 100644 +') + +optional_policy(` ++ devicekit_dontaudit_rw_log(dhcpc_t) + devicekit_dontaudit_read_pid_files(dhcpc_t) +') + @@ -59304,7 +60072,7 @@ index df32316..5dfe875 100644 init_dbus_chat_script(dhcpc_t) dbus_system_bus_client(dhcpc_t) -@@ -171,6 +197,8 @@ optional_policy(` +@@ -171,6 +198,8 @@ optional_policy(` optional_policy(` hal_dontaudit_rw_dgram_sockets(dhcpc_t) @@ -59313,7 +60081,7 @@ index df32316..5dfe875 100644 ') optional_policy(` -@@ -192,6 +220,17 @@ optional_policy(` +@@ -192,6 +221,17 @@ optional_policy(` ') optional_policy(` @@ -59331,7 +60099,7 @@ index df32316..5dfe875 100644 nis_read_ypbind_pid(dhcpc_t) ') -@@ -213,6 +252,10 @@ optional_policy(` +@@ -213,6 +253,10 @@ optional_policy(` optional_policy(` seutil_sigchld_newrole(dhcpc_t) seutil_dontaudit_search_config(dhcpc_t) @@ -59342,7 +60110,7 @@ index df32316..5dfe875 100644 ') optional_policy(` -@@ -276,8 +319,11 @@ dev_read_urand(ifconfig_t) +@@ -276,8 +320,11 @@ dev_read_urand(ifconfig_t) domain_use_interactive_fds(ifconfig_t) @@ -59354,7 +60122,7 @@ index df32316..5dfe875 100644 fs_getattr_xattr_fs(ifconfig_t) fs_search_auto_mountpoints(ifconfig_t) -@@ -301,11 +347,12 @@ logging_send_syslog_msg(ifconfig_t) +@@ -301,11 +348,12 @@ logging_send_syslog_msg(ifconfig_t) miscfiles_read_localization(ifconfig_t) @@ -59369,7 +60137,7 @@ index df32316..5dfe875 100644 userdom_use_all_users_fds(ifconfig_t) ifdef(`distro_ubuntu',` -@@ -314,7 +361,14 @@ ifdef(`distro_ubuntu',` +@@ -314,7 +362,14 @@ ifdef(`distro_ubuntu',` ') ') 
@@ -59384,7 +60152,7 @@ index df32316..5dfe875 100644 optional_policy(` dev_dontaudit_rw_cardmgr(ifconfig_t) ') -@@ -325,12 +379,31 @@ ifdef(`hide_broken_symptoms',` +@@ -325,12 +380,31 @@ ifdef(`hide_broken_symptoms',` ') optional_policy(` @@ -59416,7 +60184,7 @@ index df32316..5dfe875 100644 ') optional_policy(` -@@ -355,3 +428,9 @@ optional_policy(` +@@ -355,3 +429,9 @@ optional_policy(` xen_append_log(ifconfig_t) xen_dontaudit_rw_unix_stream_sockets(ifconfig_t) ') @@ -59448,10 +60216,10 @@ index 0000000..c7476cb + diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if new file mode 100644 -index 0000000..71398e5 +index 0000000..c59c37c --- /dev/null +++ b/policy/modules/system/systemd.if -@@ -0,0 +1,246 @@ +@@ -0,0 +1,248 @@ +## SELinux policy for systemd components + +####################################### @@ -59483,6 +60251,8 @@ index 0000000..71398e5 + role system_r types $1_systemctl_t; + + domtrans_pattern($1_t, systemd_systemctl_exec_t , $1_systemctl_t) ++ ++ init_use_fds($1_t) +') + +######################################## @@ -59912,7 +60682,7 @@ index 0291685..7e94f4b 100644 +/var/run/libgpod(/.*)? gen_context(system_u:object_r:udev_var_run_t,s0) +/var/run/udev(/.*)? gen_context(system_u:object_r:udev_var_run_t,s0) diff --git a/policy/modules/system/udev.if b/policy/modules/system/udev.if -index 025348a..4e2ca03 100644 +index 025348a..c15e57c 100644 --- a/policy/modules/system/udev.if +++ b/policy/modules/system/udev.if @@ -34,6 +34,7 @@ interface(`udev_domtrans',` @@ -60024,7 +60794,7 @@ index 025348a..4e2ca03 100644 ') ######################################## -@@ -228,6 +264,65 @@ interface(`udev_manage_pid_files',` +@@ -228,6 +264,84 @@ interface(`udev_manage_pid_files',` type udev_var_run_t; ') 
@@ -60059,6 +60829,25 @@ index 025348a..4e2ca03 100644 + role $2 types udev_t; +') + ++####################################### ++## ++## Allow caller to create kobject uevent socket for udev ++## ++## ++## ++## Domain allowed access. ++## ++## ++# ++interface(`udev_create_kobject_uevent_socket',` ++ gen_require(` ++ type udev_t; ++ role system_r; ++ ') ++ ++ allow $1 udev_t:netlink_kobject_uevent_socket create_socket_perms; ++') ++ +######################################## +## +## Create a domain for processes @@ -61053,7 +61842,7 @@ index db75976..392d1ee 100644 +HOME_DIR/\.gvfs(/.*)? <> +HOME_DIR/\.debug(/.*)? <> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if -index 28b88de..73fd082 100644 +index 28b88de..66557b6 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -30,8 +30,9 @@ template(`userdom_base_user_template',` @@ -62334,7 +63123,14 @@ index 28b88de..73fd082 100644 auth_relabel_all_files_except_shadow($1) auth_relabel_shadow($1) -@@ -1237,6 +1514,7 @@ template(`userdom_security_admin_template',` +@@ -1234,9 +1511,14 @@ template(`userdom_security_admin_template',` + logging_read_audit_config($1) + + seutil_manage_bin_policy($1) ++ seutil_manage_default_contexts($1) ++ seutil_manage_file_contexts($1) ++ seutil_manage_module_store($1) ++ seutil_manage_config($1) seutil_run_checkpolicy($1,$2) seutil_run_loadpolicy($1,$2) seutil_run_semanage($1,$2) @@ -62342,7 +63138,7 @@ index 28b88de..73fd082 100644 seutil_run_setfiles($1, $2) optional_policy(` -@@ -1279,11 +1557,37 @@ template(`userdom_security_admin_template',` +@@ -1279,11 +1561,37 @@ template(`userdom_security_admin_template',` interface(`userdom_user_home_content',` gen_require(` type user_home_t; 
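Review bot: The `gen_require` block of the new `udev_create_kobject_uevent_socket` interface (udev.if) declares `role system_r;`, but the only rule in the body is `allow $1 udev_t:netlink_kobject_uevent_socket create_socket_perms;`, which uses no role. The unused requirement should be dropped so the block holds `type udev_t;` only. The summary says the caller creates a socket "for udev", while the rule grants the caller create_socket_perms on sockets labelled udev_t. A sentence stating whether the socket is inherited from udev or created on its behalf would make the intended use checkable.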
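Review bot: The four calls added to `userdom_security_admin_template` (`seutil_manage_default_contexts`, `seutil_manage_file_contexts`, `seutil_manage_module_store`, `seutil_manage_config`) give the admin domain direct manage access to the policy store and configuration. The template already has the `seutil_run_semanage($1,$2)` transition, and nothing in the hunk records why that tool-mediated path is not sufficient. Direct write access means changes no longer have to pass through the semanage domain, so it deserves a comment for later audits, e.g. `# direct store access needed for <tool>; see <bug id>`. If only one tool needs the access, a narrower interface would keep the template closer to least privilege. The template starts and ends outside the hunk.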
@@ -62380,7 +63176,7 @@ index 28b88de..73fd082 100644 ubac_constrained($1) ') -@@ -1395,6 +1699,7 @@ interface(`userdom_search_user_home_dirs',` +@@ -1395,6 +1703,7 @@ interface(`userdom_search_user_home_dirs',` ') allow $1 user_home_dir_t:dir search_dir_perms; @@ -62388,7 +63184,7 @@ index 28b88de..73fd082 100644 files_search_home($1) ') -@@ -1441,6 +1746,14 @@ interface(`userdom_list_user_home_dirs',` +@@ -1441,6 +1750,14 @@ interface(`userdom_list_user_home_dirs',` allow $1 user_home_dir_t:dir list_dir_perms; files_search_home($1) @@ -62403,7 +63199,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1456,9 +1769,11 @@ interface(`userdom_list_user_home_dirs',` +@@ -1456,9 +1773,11 @@ interface(`userdom_list_user_home_dirs',` interface(`userdom_dontaudit_list_user_home_dirs',` gen_require(` type user_home_dir_t; @@ -62415,7 +63211,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1515,10 +1830,10 @@ interface(`userdom_relabelto_user_home_dirs',` +@@ -1515,10 +1834,10 @@ interface(`userdom_relabelto_user_home_dirs',` allow $1 user_home_dir_t:dir relabelto; ') @@ -62428,7 +63224,7 @@ index 28b88de..73fd082 100644 ## ## ## -@@ -1526,19 +1841,55 @@ interface(`userdom_relabelto_user_home_dirs',` +@@ -1526,19 +1845,55 @@ interface(`userdom_relabelto_user_home_dirs',` ## ## # @@ -62491,7 +63287,7 @@ index 28b88de..73fd082 100644 ## ## ##

-@@ -1589,6 +1940,8 @@ interface(`userdom_dontaudit_search_user_home_content',` +@@ -1589,6 +1944,8 @@ interface(`userdom_dontaudit_search_user_home_content',` ') dontaudit $1 user_home_t:dir search_dir_perms; @@ -62500,7 +63296,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1603,10 +1956,12 @@ interface(`userdom_dontaudit_search_user_home_content',` +@@ -1603,10 +1960,12 @@ interface(`userdom_dontaudit_search_user_home_content',` # interface(`userdom_list_user_home_content',` gen_require(` @@ -62515,7 +63311,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1649,6 +2004,25 @@ interface(`userdom_delete_user_home_content_dirs',` +@@ -1649,6 +2008,25 @@ interface(`userdom_delete_user_home_content_dirs',` ######################################## ##

@@ -62541,7 +63337,7 @@ index 28b88de..73fd082 100644 ## Do not audit attempts to set the ## attributes of user home files. ## -@@ -1700,12 +2074,32 @@ interface(`userdom_read_user_home_content_files',` +@@ -1700,12 +2078,32 @@ interface(`userdom_read_user_home_content_files',` type user_home_dir_t, user_home_t; ') @@ -62574,7 +63370,7 @@ index 28b88de..73fd082 100644 ## Do not audit attempts to read user home files. ## ## -@@ -1716,11 +2110,14 @@ interface(`userdom_read_user_home_content_files',` +@@ -1716,11 +2114,14 @@ interface(`userdom_read_user_home_content_files',` # interface(`userdom_dontaudit_read_user_home_content_files',` gen_require(` @@ -62592,7 +63388,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1779,6 +2176,24 @@ interface(`userdom_delete_user_home_content_files',` +@@ -1779,6 +2180,24 @@ interface(`userdom_delete_user_home_content_files',` ######################################## ## @@ -62617,7 +63413,7 @@ index 28b88de..73fd082 100644 ## Do not audit attempts to write user home files. ## ## -@@ -1810,8 +2225,7 @@ interface(`userdom_read_user_home_content_symlinks',` +@@ -1810,8 +2229,7 @@ interface(`userdom_read_user_home_content_symlinks',` type user_home_dir_t, user_home_t; ') @@ -62627,7 +63423,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -1827,20 +2241,14 @@ interface(`userdom_read_user_home_content_symlinks',` +@@ -1827,20 +2245,14 @@ interface(`userdom_read_user_home_content_symlinks',` # interface(`userdom_exec_user_home_content_files',` gen_require(` @@ -62652,7 +63448,7 @@ index 28b88de..73fd082 100644 ######################################## ## -@@ -2008,7 +2416,7 @@ interface(`userdom_user_home_dir_filetrans',` +@@ -2008,7 +2420,7 @@ interface(`userdom_user_home_dir_filetrans',` type user_home_dir_t; ') 
@@ -62661,7 +63457,7 @@ index 28b88de..73fd082 100644 files_search_home($1) ') -@@ -2182,7 +2590,7 @@ interface(`userdom_dontaudit_read_user_tmp_files',` +@@ -2182,7 +2594,7 @@ interface(`userdom_dontaudit_read_user_tmp_files',` type user_tmp_t; ') @@ -62670,7 +63466,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -2435,13 +2843,14 @@ interface(`userdom_read_user_tmpfs_files',` +@@ -2435,13 +2847,14 @@ interface(`userdom_read_user_tmpfs_files',` ') read_files_pattern($1, user_tmpfs_t, user_tmpfs_t) @@ -62686,7 +63482,7 @@ index 28b88de..73fd082 100644 ## ## ## -@@ -2462,26 +2871,6 @@ interface(`userdom_rw_user_tmpfs_files',` +@@ -2462,26 +2875,6 @@ interface(`userdom_rw_user_tmpfs_files',` ######################################## ## @@ -62713,7 +63509,7 @@ index 28b88de..73fd082 100644 ## Get the attributes of a user domain tty. ## ## -@@ -2572,6 +2961,24 @@ interface(`userdom_use_user_ttys',` +@@ -2572,6 +2965,24 @@ interface(`userdom_use_user_ttys',` ######################################## ## @@ -62738,7 +63534,7 @@ index 28b88de..73fd082 100644 ## Read and write a user domain pty. ## ## -@@ -2590,22 +2997,34 @@ interface(`userdom_use_user_ptys',` +@@ -2590,22 +3001,34 @@ interface(`userdom_use_user_ptys',` ######################################## ## @@ -62781,7 +63577,7 @@ index 28b88de..73fd082 100644 ## ## ## -@@ -2614,14 +3033,33 @@ interface(`userdom_use_user_ptys',` +@@ -2614,14 +3037,33 @@ interface(`userdom_use_user_ptys',` ## ## # @@ -62819,7 +63615,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -2815,7 +3253,7 @@ interface(`userdom_entry_spec_domtrans_unpriv_users',` +@@ -2815,7 +3257,7 @@ interface(`userdom_entry_spec_domtrans_unpriv_users',` domain_entry_file_spec_domtrans($1, unpriv_userdomain) allow unpriv_userdomain $1:fd use; 
@@ -62828,7 +63624,7 @@ index 28b88de..73fd082 100644 allow unpriv_userdomain $1:process sigchld; ') -@@ -2831,11 +3269,13 @@ interface(`userdom_entry_spec_domtrans_unpriv_users',` +@@ -2831,11 +3273,13 @@ interface(`userdom_entry_spec_domtrans_unpriv_users',` # interface(`userdom_search_user_home_content',` gen_require(` @@ -62844,7 +63640,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -2917,7 +3357,7 @@ interface(`userdom_dontaudit_use_user_ptys',` +@@ -2917,7 +3361,7 @@ interface(`userdom_dontaudit_use_user_ptys',` type user_devpts_t; ') @@ -62853,7 +63649,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -2972,7 +3412,45 @@ interface(`userdom_write_user_tmp_files',` +@@ -2972,7 +3416,45 @@ interface(`userdom_write_user_tmp_files',` type user_tmp_t; ') @@ -62900,7 +63696,7 @@ index 28b88de..73fd082 100644 ') ######################################## -@@ -3009,6 +3487,7 @@ interface(`userdom_read_all_users_state',` +@@ -3009,6 +3491,7 @@ interface(`userdom_read_all_users_state',` ') read_files_pattern($1, userdomain, userdomain) @@ -62908,7 +63704,7 @@ index 28b88de..73fd082 100644 kernel_search_proc($1) ') -@@ -3087,6 +3566,24 @@ interface(`userdom_signal_all_users',` +@@ -3087,6 +3570,24 @@ interface(`userdom_signal_all_users',` ######################################## ## @@ -62933,7 +63729,7 @@ index 28b88de..73fd082 100644 ## Send a SIGCHLD signal to all user domains. ## ## -@@ -3139,3 +3636,1058 @@ interface(`userdom_dbus_send_all_users',` +@@ -3139,3 +3640,1058 @@ interface(`userdom_dbus_send_all_users',` allow $1 userdomain:dbus send_msg; ') @@ -64193,7 +64989,7 @@ index 77d41b6..4aa96c6 100644 files_search_pids($1) diff --git a/policy/modules/system/xen.te b/policy/modules/system/xen.te -index 4350ba0..c8b1d3b 100644 +index 4350ba0..e50a784 100644 --- a/policy/modules/system/xen.te +++ b/policy/modules/system/xen.te @@ -4,6 +4,7 @@ policy_module(xen, 1.10.1) 
@@ -64224,6 +65020,15 @@ index 4350ba0..c8b1d3b 100644 ######################################## # # blktap local policy +@@ -208,7 +205,7 @@ tunable_policy(`xend_run_qemu',` + # xend local policy + # + +-allow xend_t self:capability { dac_override ipc_lock net_admin setuid sys_nice sys_tty_config net_raw }; ++allow xend_t self:capability { dac_override ipc_lock net_admin setuid sys_admin sys_nice sys_tty_config net_raw }; + dontaudit xend_t self:capability { sys_ptrace }; + allow xend_t self:process { signal sigkill }; + dontaudit xend_t self:process ptrace; @@ -320,12 +317,9 @@ locallogin_dontaudit_use_fds(xend_t) logging_send_syslog_msg(xend_t) diff --git a/selinux-policy.spec b/selinux-policy.spec index 842c69e7..5843030a 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -21,7 +21,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.9.16 -Release: 22%{?dist} +Release: 23%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz @@ -472,6 +472,10 @@ exit 0 %endif %changelog +* Tue May 24 2011 Miroslav Grepl 3.9.16-23 +- Lot of fixes + * http://git.fedorahosted.org/git/?p=selinux-policy.git;a=log + * Thu May 17 2011 Miroslav Grepl 3.9.16-22 - Allow logrotate to execute systemctl - Allow nsplugin_t to getattr on gpmctl
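Review bot: The rewritten capability line for xend_t in xen.te adds `sys_admin` with no comment, and the changelog entry for this release says only "Lot of fixes". `sys_admin` covers a wide range of privileged operations, so the line should carry its reason, e.g. `# sys_admin: required for <operation>, see <bug id>`. If the denial behind this came from a single operation, it is worth checking whether a narrower permission would do. The AVC is not shown here, so this is a question rather than a finding.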