diff --git a/policy-20070703.patch b/policy-20070703.patch
index acc03bf..3d87e34 100644
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@@ -3546,7 +3546,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mono.te
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/mozilla.if serefpolicy-3.0.8/policy/modules/apps/mozilla.if
 --- nsaserefpolicy/policy/modules/apps/mozilla.if 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/apps/mozilla.if 2008-05-13 09:40:42.560450000 -0400
++++ serefpolicy-3.0.8/policy/modules/apps/mozilla.if 2008-05-13 09:40:42.000000000 -0400
 @@ -36,6 +36,8 @@
 gen_require(`
 type mozilla_conf_t, mozilla_exec_t;
@@ -8506,7 +8506,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/consolekit.te serefpolicy-3.0.8/policy/modules/services/consolekit.te
 --- nsaserefpolicy/policy/modules/services/consolekit.te 2007-10-22 13:21:39.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/consolekit.te 2008-04-04 16:11:03.000000000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/consolekit.te 2008-05-19 13:51:36.771603000 -0400
 @@ -10,7 +10,6 @@
 type consolekit_exec_t;
 init_daemon_domain(consolekit_t, consolekit_exec_t)
@@ -8550,7 +8550,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 optional_policy(`
 dbus_system_bus_client_template(consolekit, consolekit_t)
 dbus_send_system_bus(consolekit_t)
-@@ -62,9 +71,23 @@
+@@ -62,9 +71,31 @@
 optional_policy(`
 unconfined_dbus_chat(consolekit_t)
 ')
@@ -8571,9 +8571,17 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cons
 +
 +optional_policy(`
 + userdom_read_user_tmp_files(user,consolekit_t)
- ')
++')
 +
++tunable_policy(`use_nfs_home_dirs',`
++ fs_dontaudit_list_nfs(consolekit_t)
++ fs_dontaudit_rw_nfs_files(consolekit_t)
++')
 +
++tunable_policy(`use_samba_home_dirs',`
++ fs_dontaudit_list_cifs(consolekit_t)
++ fs_dontaudit_rw_cifs_files(consolekit_t)
+ ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/courier.te serefpolicy-3.0.8/policy/modules/services/courier.te
 --- nsaserefpolicy/policy/modules/services/courier.te 2007-10-22 13:21:39.000000000 -0400
 +++ serefpolicy-3.0.8/policy/modules/services/courier.te 2008-04-04 16:11:03.000000000 -0400
@@ -11215,7 +11223,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inet
 ')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/inn.if serefpolicy-3.0.8/policy/modules/services/inn.if
 --- nsaserefpolicy/policy/modules/services/inn.if 2007-10-22 13:21:36.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/services/inn.if 2008-05-13 11:43:47.632772000 -0400
++++ serefpolicy-3.0.8/policy/modules/services/inn.if 2008-05-13 11:43:47.000000000 -0400
 @@ -54,8 +54,7 @@
 ')
@@ -18992,7 +19000,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlo
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/authlogin.te serefpolicy-3.0.8/policy/modules/system/authlogin.te
 --- nsaserefpolicy/policy/modules/system/authlogin.te 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-05-13 14:26:59.442650000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/authlogin.te 2008-05-13 14:26:59.000000000 -0400
 @@ -9,6 +9,13 @@
 attribute can_read_shadow_passwords;
 attribute can_write_shadow_passwords;
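Review bot: The two `tunable_policy` blocks added in the consolekit.te hunk at `@@ -8571,9 +8571,17 @@` suppress more than the changelog entry "Dontaudit reading of nfs by consolekit" describes: `fs_dontaudit_rw_nfs_files(consolekit_t)` and `fs_dontaudit_rw_cifs_files(consolekit_t)` also hide denied write attempts, and the CIFS half is not mentioned at all. Dontaudit rules remove the AVC records an analyst would otherwise use to notice consolekit_t touching remote home directories, so the reason for the suppression should be recorded next to the rules, for example a comment above the first block along the lines of `# consolekit_t is denied access to NFS/CIFS home dirs by design; denials are expected and not audited`, worded to name the operation that actually triggers it. If only read denials were observed, a narrower read-only dontaudit interface (if this policy version provides one) would keep write attempts visible in the audit log. The consolekit.te section this hunk patches begins outside the hunk.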
@@ -19315,7 +19323,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/fuserm
 +
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/getty.fc serefpolicy-3.0.8/policy/modules/system/getty.fc
 --- nsaserefpolicy/policy/modules/system/getty.fc 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/getty.fc 2008-05-13 11:24:02.635908000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/getty.fc 2008-05-13 11:24:02.000000000 -0400
 @@ -8,5 +8,5 @@
 /var/run/mgetty\.pid.* -- gen_context(system_u:object_r:getty_var_run_t,s0)
@@ -19387,7 +19395,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hotplu
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.if serefpolicy-3.0.8/policy/modules/system/init.if
 --- nsaserefpolicy/policy/modules/system/init.if 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/init.if 2008-05-13 14:35:09.563203000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/init.if 2008-05-13 14:35:09.000000000 -0400
 @@ -211,6 +211,21 @@
 kernel_dontaudit_use_fds($1)
 ')
@@ -20016,7 +20024,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/ipsec.
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/iptables.te serefpolicy-3.0.8/policy/modules/system/iptables.te
 --- nsaserefpolicy/policy/modules/system/iptables.te 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/iptables.te 2008-05-13 13:29:53.001644000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/iptables.te 2008-05-13 13:29:53.000000000 -0400
 @@ -64,13 +64,14 @@
 init_use_script_ptys(iptables_t)
 # to allow rules to be saved on reboot:
@@ -23197,7 +23205,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo
 /tmp/gconfd-USER -d gen_context(system_u:object_r:ROLE_tmp_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.0.8/policy/modules/system/userdomain.if
 --- nsaserefpolicy/policy/modules/system/userdomain.if 2007-10-22 13:21:40.000000000 -0400
-+++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2008-05-13 11:36:47.155727000 -0400
++++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2008-05-13 11:36:47.000000000 -0400
 @@ -29,8 +29,9 @@
 ')
diff --git a/selinux-policy.spec b/selinux-policy.spec
index cc55659..1542ebf 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@ Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.8
-Release: 103%{?dist}
+Release: 104%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -380,9 +380,12 @@ exit 0
 %endif
-%changelog
+%changelog-
+* Mon May 19 2008 Dan Walsh 3.0.8-104
+- Dontaudit reading of nfs by consolekit
+
 * Tue May 13 2008 Dan Walsh 3.0.8-103
--Fix labeling on /var/spool/fax and /var/spool/voice
+Fix labeling on /var/spool/fax and /var/spool/voice
 * Mon May 7 2008 Dan Walsh 3.0.8-102
 - Allow pam_console to setattr on cpu_device_t
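Review bot: In the selinux-policy.spec hunk at `@@ -380,9 +380,12 @@` the section tag is changed to `%changelog-` and the 3.0.8-103 entry loses its leading dash, which looks like the `-` was moved from one line to the other by an editing slip. With the trailing dash the line no longer matches the `%changelog` section tag, so rpm will probably not parse the entries below it as the changelog, and the record of this policy change may not reach the built package. The two lines should read `%changelog` and `-Fix labeling on /var/spool/fax and /var/spool/voice`, as they did before this commit.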