diff --git a/policy-20090105.patch b/policy-20090105.patch
index be66cd6d..d88174ac 100644
--- a/policy-20090105.patch
+++ b/policy-20090105.patch
@@ -9979,7 +9979,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cron.te serefpolicy-3.6.8/policy/modules/services/cron.te
 --- nsaserefpolicy/policy/modules/services/cron.te	2009-01-19 11:06:49.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/services/cron.te	2009-03-10 15:56:54.000000000 -0400
++++ serefpolicy-3.6.8/policy/modules/services/cron.te	2009-03-11 16:24:13.000000000 -0400
 @@ -38,6 +38,10 @@
  type cron_var_lib_t;
  files_type(cron_var_lib_t)
@@ -10005,12 +10005,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
  
  type crond_var_run_t;
  files_pid_file(crond_var_run_t)
-@@ -70,10 +79,11 @@
- typealias admin_crontab_tmp_t alias sysadm_crontab_tmp_t;
- 
- cron_common_crontab_template(crontab)
--typealias crontab_t alias { user_crontab_t staff_crontab_t };
-+typealias crontab_t alias { user_crontab_t staff_crontab_t unconfined_crontab_t };
+@@ -74,6 +83,7 @@
  typealias crontab_t alias { auditadm_crontab_t secadm_crontab_t };
  typealias crontab_tmp_t alias { user_crontab_tmp_t staff_crontab_tmp_t };
  typealias crontab_tmp_t alias { auditadm_crontab_tmp_t secadm_crontab_tmp_t };
@@ -28112,7 +28107,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/unconfined.te serefpolicy-3.6.8/policy/modules/system/unconfined.te
 --- nsaserefpolicy/policy/modules/system/unconfined.te	2008-11-11 16:13:48.000000000 -0500
-+++ serefpolicy-3.6.8/policy/modules/system/unconfined.te	2009-03-11 15:44:23.000000000 -0400
++++ serefpolicy-3.6.8/policy/modules/system/unconfined.te	2009-03-11 16:24:23.000000000 -0400
 @@ -5,6 +5,35 @@
  #
  # Declarations
diff --git a/selinux-policy.spec b/selinux-policy.spec
index f872b20e..0243b94e 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.6.8
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -368,9 +368,6 @@ SELinux Reference policy minimum base module.
 if [ $1 -eq 1 ]; then
 %loadminpolicy minimum
 semanage -S minimum -i - << __eof
-user -a -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u 
-__eof
-semanage -S minimum -i - << __eof
 login -m  -s unconfined_u -r s0-s0:c0.c1023 __default__
 login -m  -s unconfined_u -r s0-s0:c0.c1023 root
 __eof
@@ -447,6 +444,10 @@ exit 0
 %endif
 
 %changelog
+* Tue Mar 10 2009 Dan Walsh <dwalsh@redhat.com> 3.6.8-4
+- Fixes for iscsid and sssd
+- More cleanups for upgrade from F10 to Rawhide.
+
 * Mon Mar 9 2009 Dan Walsh <dwalsh@redhat.com> 3.6.8-3
 - Add pulseaudio, sssd policy
 - Allow networkmanager to exec udevadm