diff --git a/policy-F14.patch b/policy-F14.patch
index 29d1734..40834ab 100644
--- a/policy-F14.patch
+++ b/policy-F14.patch
@@ -1,3 +1,25 @@
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/Changelog serefpolicy-3.8.1/Changelog
+--- nsaserefpolicy/Changelog 2010-05-27 12:03:30.000000000 -0400
++++ serefpolicy-3.8.1/Changelog 2010-05-26 15:48:20.000000000 -0400
+@@ -13,18 +13,14 @@
+ - SE-Postgresql updates from KaiGai Kohei.
+ - X object manager revisions from Eamon Walsh.
+ - Added modules:
+- aisexec (Dan Walsh)
+ chronyd (Miroslav Grepl)
+ cobbler (Dominick Grift)
+- corosync (Dan Walsh)
+ dbadm (KaiGai Kohei)
+ denyhosts (Dan Walsh)
+ nut (Stefan Schulze Frielinghaus, Miroslav Grepl)
+ likewise (Scott Salley)
+ plymouthd (Dan Walsh)
+ pyicqt (Stefan Schulze Frielinghaus)
+- rhcs (Dan Walsh)
+- rgmanager (Dan Walsh)
+ sectoolm (Miroslav Grepl)
+ usbmuxd (Dan Walsh)
+ vhostmd (Dan Walsh)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/Makefile serefpolicy-3.8.1/Makefile
 --- nsaserefpolicy/Makefile 2009-08-18 11:41:14.000000000 -0400
 +++ serefpolicy-3.8.1/Makefile 2010-05-26 16:28:29.000000000 -0400
@@ -404,6 +426,31 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kismet. userdom_user_home_dir_filetrans(kismet_t, kismet_home_t, { file dir }) manage_files_pattern(kismet_t, kismet_log_t, kismet_log_t) +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/kudzu.te serefpolicy-3.8.1/policy/modules/admin/kudzu.te +--- nsaserefpolicy/policy/modules/admin/kudzu.te 2010-05-27 12:03:30.000000000 -0400 ++++ serefpolicy-3.8.1/policy/modules/admin/kudzu.te 2010-05-26 15:48:20.000000000 -0400 +@@ -65,6 +65,11 @@ + mls_file_read_all_levels(kudzu_t) + mls_file_write_all_levels(kudzu_t) + ++modutils_read_module_deps(kudzu_t) ++modutils_read_module_config(kudzu_t) ++modutils_rename_module_config(kudzu_t) ++modutils_delete_module_config(kudzu_t) ++ + storage_read_scsi_generic(kudzu_t) + storage_read_tape(kudzu_t) + storage_raw_write_fixed_disk(kudzu_t) +@@ -113,9 +118,6 @@ + miscfiles_read_localization(kudzu_t) + + modutils_read_module_config(kudzu_t) +-modutils_read_module_deps(kudzu_t) +-modutils_rename_module_config(kudzu_t) +-modutils_delete_module_config(kudzu_t) + modutils_domtrans_insmod(kudzu_t) + + sysnet_read_config(kudzu_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/admin/logrotate.te serefpolicy-3.8.1/policy/modules/admin/logrotate.te --- nsaserefpolicy/policy/modules/admin/logrotate.te 2010-05-25 16:28:22.000000000 -0400 +++ serefpolicy-3.8.1/policy/modules/admin/logrotate.te 2010-05-26 16:28:29.000000000 -0400 
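Review bot: The new side of kudzu.te carries `modutils_read_module_config(kudzu_t)` twice: the inner hunk at `+@@ -65,6 +65,11 @@` adds it alongside the other three modutils_ calls, while the inner hunk at `+@@ -113,9 +118,6 @@` removes only read_module_deps, rename_module_config and delete_module_config and leaves the pre-existing read_module_config line in place. Drop one of the two copies (most simply the `++modutils_read_module_config(kudzu_t)` line in the first inner hunk, since the later one already exists) so the grant is stated once. The relocated calls also land between the `mls_file_*` and `storage_*` kernel-layer interfaces; if the rest of kudzu.te follows the usual kernel → system → optional_policy ordering (only this slice is visible), the system-layer modutils_ calls belong where they originally were, next to `modutils_domtrans_insmod`.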
@@ -9302,7 +9349,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/staff.t +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/sysadm.te serefpolicy-3.8.1/policy/modules/roles/sysadm.te --- nsaserefpolicy/policy/modules/roles/sysadm.te 2010-02-17 10:37:39.000000000 -0500 -+++ serefpolicy-3.8.1/policy/modules/roles/sysadm.te 2010-05-26 16:28:29.000000000 -0400 ++++ serefpolicy-3.8.1/policy/modules/roles/sysadm.te 2010-05-27 15:58:50.000000000 -0400 @@ -28,17 +28,29 @@ corecmd_exec_shell(sysadm_t) @@ -10333,8 +10380,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfi +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfineduser.te serefpolicy-3.8.1/policy/modules/roles/unconfineduser.te --- nsaserefpolicy/policy/modules/roles/unconfineduser.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.8.1/policy/modules/roles/unconfineduser.te 2010-05-26 16:28:29.000000000 -0400 -@@ -0,0 +1,435 @@ ++++ serefpolicy-3.8.1/policy/modules/roles/unconfineduser.te 2010-05-27 16:00:32.000000000 -0400 +@@ -0,0 +1,439 @@ +policy_module(unconfineduser, 1.0.0) + +######################################## @@ -10476,6 +10523,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/unconfi + ') + + optional_policy(` ++ certmonger_dbus_chat(unconfined_usertype) ++ ') ++ ++ optional_policy(` + devicekit_dbus_chat(unconfined_usertype) + devicekit_dbus_chat_disk(unconfined_usertype) + devicekit_dbus_chat_power(unconfined_usertype) 
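Review bot: `certmonger_dbus_chat(unconfined_usertype)` is added in unconfineduser.te without any change visible in this patch that defines `certmonger_dbus_chat` in certmonger.if; `optional_policy()` only tolerates the certmonger module being absent at load time, so if the interface itself is undefined m4 leaves the call unexpanded and the unconfineduser module fails to build rather than degrading quietly. Worth confirming the interface exists in the 3.8.1 base or adding it alongside this call. Elsewhere in this patch `unconfined_dbus_send(certmonger_t)` is removed from certmonger.te, so this call appears to be what now lets certmonger_t reply to unconfined sessions over D-Bus, assuming it follows the usual two-way `*_dbus_chat` pattern; a line such as `# certmonger answers getcert requests from unconfined sessions (replaces unconfined_dbus_send in certmonger.te)` above the block would record that dependency.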
@@ -13076,6 +13127,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ccs. +optional_policy(` unconfined_use_fds(ccs_t) ') +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/certmonger.te serefpolicy-3.8.1/policy/modules/services/certmonger.te +--- nsaserefpolicy/policy/modules/services/certmonger.te 2010-05-25 16:28:22.000000000 -0400 ++++ serefpolicy-3.8.1/policy/modules/services/certmonger.te 2010-05-27 15:59:41.000000000 -0400 +@@ -69,5 +69,5 @@ + ') + + optional_policy(` +- unconfined_dbus_send(certmonger_t) ++ pcscd_stream_connect(certmonger_t) + ') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cgroup.fc serefpolicy-3.8.1/policy/modules/services/cgroup.fc --- nsaserefpolicy/policy/modules/services/cgroup.fc 1969-12-31 19:00:00.000000000 -0500 +++ serefpolicy-3.8.1/policy/modules/services/cgroup.fc 2010-05-26 16:28:29.000000000 -0400 @@ -15773,6 +15834,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hal. ######################################## # # Local hald dccm policy +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/hddtemp.te serefpolicy-3.8.1/policy/modules/services/hddtemp.te +--- nsaserefpolicy/policy/modules/services/hddtemp.te 2009-09-09 09:23:16.000000000 -0400 ++++ serefpolicy-3.8.1/policy/modules/services/hddtemp.te 2010-05-27 14:54:40.000000000 -0400 +@@ -27,6 +27,7 @@ + corenet_tcp_bind_all_nodes(hddtemp_t) + corenet_tcp_bind_hddtemp_port(hddtemp_t) + ++files_read_etc_files(hddtemp_t) + # read hddtemp db file + files_read_usr_files(hddtemp_t) + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.te serefpolicy-3.8.1/policy/modules/services/inn.te --- nsaserefpolicy/policy/modules/services/inn.te 2009-08-14 16:14:31.000000000 -0400 +++ serefpolicy-3.8.1/policy/modules/services/inn.te 2010-05-26 16:28:29.000000000 -0400 
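Review bot: `pcscd_stream_connect(certmonger_t)` lets a certificate-renewal daemon connect to the pcscd socket, i.e. reach smart-card readers, and nothing in the hunk records why that is needed (presumably NSS/PKCS#11 tokens backing keys certmonger tracks); a why-comment on the new line, `# NSS may open PKCS#11 tokens through pcscd when a tracked key lives on a smart card`, would let the next reviewer judge the grant. The edit also reuses the `optional_policy()` block that previously held `unconfined_dbus_send(certmonger_t)`, so that block is now conditional on the pcscd module rather than on unconfined, and certmonger's reply path to unconfined D-Bus clients now depends entirely on the matching unconfineduser.te change in this patch being present and two-way; stating that in a comment here would stop the two halves drifting apart.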
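Review bot: `files_read_etc_files(hddtemp_t)` is inserted with no comment, directly above the `# read hddtemp db file` comment that explains the neighbouring `files_read_usr_files` call, so a reader can easily take that comment as covering both grants. What hddtemp reads under /etc is not visible in this patch (presumably its own configuration or a denial seen in testing); a short why-comment on the new line, e.g. `# hddtemp reads its config under /etc — confirm which file`, would keep the two grants distinguishable.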
@@ -18921,8 +18993,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rgma +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rgmanager.te serefpolicy-3.8.1/policy/modules/services/rgmanager.te --- nsaserefpolicy/policy/modules/services/rgmanager.te 2010-05-25 16:28:22.000000000 -0400 -+++ serefpolicy-3.8.1/policy/modules/services/rgmanager.te 2010-05-26 16:28:29.000000000 -0400 -@@ -60,7 +60,9 @@ ++++ serefpolicy-3.8.1/policy/modules/services/rgmanager.te 2010-05-27 15:25:30.000000000 -0400 +@@ -18,6 +18,9 @@ + domain_type(rgmanager_t) + init_daemon_domain(rgmanager_t, rgmanager_exec_t) + ++type rgmanager_initrc_exec_t; ++init_script_file(rgmanager_initrc_exec_t) ++ + type rgmanager_tmp_t; + files_tmp_file(rgmanager_tmp_t) + +@@ -60,7 +63,9 @@ manage_sock_files_pattern(rgmanager_t, rgmanager_var_run_t, rgmanager_var_run_t) files_pid_filetrans(rgmanager_t, rgmanager_var_run_t, { file sock_file }) @@ -18932,7 +19014,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rgma kernel_read_system_state(rgmanager_t) kernel_rw_rpc_sysctls(rgmanager_t) kernel_search_debugfs(rgmanager_t) -@@ -79,14 +81,19 @@ +@@ -79,14 +84,19 @@ domain_getattr_all_domains(rgmanager_t) domain_dontaudit_ptrace_all_domains(rgmanager_t) @@ -18953,7 +19035,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/rgma storage_getattr_fixed_disk_dev(rgmanager_t) term_getattr_pty_fs(rgmanager_t) -@@ -141,6 +148,11 @@ +@@ -141,6 +151,11 @@ ') optional_policy(` 
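Review bot: `rgmanager_initrc_exec_t` is declared and tagged with `init_script_file()`, but no rgmanager.fc entry labelling the init script and no `rgmanager_admin()` interface consuming the type appear in this hunk, so unless they are added elsewhere in the patch the type exists but nothing is ever labelled with it and the script keeps the generic `initrc_exec_t`. Pair the declaration with a file context such as `/etc/rc\.d/init\.d/rgmanager -- gen_context(system_u:object_r:rgmanager_initrc_exec_t,s0)` and an admin interface that passes the type to `init_labeled_script_domtrans`. The remaining inner hunks on this line only renumber hunk headers and raise nothing.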
@@ -21416,7 +21498,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xserver.if serefpolicy-3.8.1/policy/modules/services/xserver.if --- nsaserefpolicy/policy/modules/services/xserver.if 2010-02-12 10:33:09.000000000 -0500 -+++ serefpolicy-3.8.1/policy/modules/services/xserver.if 2010-05-26 16:28:29.000000000 -0400 ++++ serefpolicy-3.8.1/policy/modules/services/xserver.if 2010-05-27 15:12:11.000000000 -0400 @@ -19,9 +19,10 @@ interface(`xserver_restricted_role',` gen_require(` @@ -21545,7 +21627,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/xser # dont audit send failures dontaudit $2 input_xevent_type:x_event send; + -+ allow $2 xdm_t:x_drawable { read add_child }; ++ allow $2 xdm_t:x_drawable { hide read add_child manage }; + allow $2 xdm_t:x_client destroy; + + allow $2 root_xdrawable_t:x_drawable write;
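Review bot: Widening the grant on `xdm_t:x_drawable` from `{ read add_child }` to `{ hide read add_child manage }` lets every domain passed as `$2` to this xserver.if interface unmap and reconfigure windows owned by the display manager, which is a materially stronger capability than reading them and is what a rogue client would need to hide an xdm-owned window. The hunk does not say which client needs `hide` and `manage`; a comment above the rule, `# session start-up reparents and unmaps windows xdm created (presumably gdm handoff) — confirm`, would make the reason auditable, and if only one of the two permissions is actually exercised the other should be dropped. The interface this rule belongs to begins outside the hunk, so which roles receive the widened rule is not visible here.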