Rpcbind patch from Dan Walsh.

policy/modules/services/rpcbind.if

@@ -18,6 +18,26 @@ interface(`rpcbind_domtrans',`
 	domtrans_pattern($1, rpcbind_exec_t, rpcbind_t)
 ')
 
+########################################
+## <summary>
+##	Connect to rpcbindd over an unix stream socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`rpcbind_stream_connect',`
+	gen_require(`
+		type rpcbind_t, rpcbind_var_run_t;
+	')
+
+	files_search_pids($1)
+	allow $1 rpcbind_var_run_t:sock_file write;
+	allow $1 rpcbind_t:unix_stream_socket connectto;
+')
+
 ########################################
 ## <summary>
 ##	Read rpcbind PID files.
@@ -97,7 +117,7 @@ interface(`rpcbind_manage_lib_files',`
 
 ########################################
 ## <summary>
-##	All of the rules required to administrate 
+##	All of the rules required to administrate
 ##	an rpcbind environment
 ## </summary>
 ## <param name="domain">

policy/modules/services/rpcbind.te

@@ -1,5 +1,5 @@
 
-policy_module(rpcbind, 1.4.0)
+policy_module(rpcbind, 1.4.1)
 
 ########################################
 #
@@ -42,6 +42,7 @@ files_var_lib_filetrans(rpcbind_t, rpcbind_var_lib_t, { file dir sock_file })
 
 kernel_read_system_state(rpcbind_t)
 kernel_read_network_state(rpcbind_t)
+kernel_request_load_module(rpcbind_t)
 
 corenet_all_recvfrom_unlabeled(rpcbind_t)
 corenet_all_recvfrom_netlabel(rpcbind_t)