++##
++## Allow tor daemon to bind
++## tcp sockets to all unreserved ports.
++##
++##
++gen_tunable(tor_bind_all_unreserved_ports, false)
++
+ type tor_t;
+ type tor_exec_t;
+ init_daemon_domain(tor_t, tor_exec_t)
+@@ -89,6 +97,7 @@
files_read_etc_files(tor_t)
files_read_etc_runtime_files(tor_t)
@@ -24452,6 +24668,14 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
auth_use_nsswitch(tor_t)
+@@ -97,3 +106,7 @@
+ optional_policy(`
+ seutil_sigchld_newrole(tor_t)
+ ')
++
++tunable_policy(`tor_bind_all_unreserved_ports', `
++ corenet_tcp_bind_all_unreserved_ports(tor_t)
++')
diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/tuned.fc serefpolicy-3.6.32/policy/modules/services/tuned.fc
--- nsaserefpolicy/policy/modules/services/tuned.fc 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-3.6.32/policy/modules/services/tuned.fc 2009-12-03 13:45:11.000000000 -0500
@@ -24706,6 +24930,294 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
')
optional_policy(`
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vhostmd.fc serefpolicy-3.6.32/policy/modules/services/vhostmd.fc
+--- nsaserefpolicy/policy/modules/services/vhostmd.fc 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy-3.6.32/policy/modules/services/vhostmd.fc 2009-12-06 11:17:52.000000000 -0500
+@@ -0,0 +1,6 @@
++
++/usr/sbin/vhostmd -- gen_context(system_u:object_r:vhostmd_exec_t,s0)
++
++/etc/rc.d/init.d/vhostmd -- gen_context(system_u:object_r:vhostmd_initrc_exec_t,s0)
++/var/run/vhostmd.pid -- gen_context(system_u:object_r:vhostmd_var_run_t,s0)
++
+diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vhostmd.if serefpolicy-3.6.32/policy/modules/services/vhostmd.if
+--- nsaserefpolicy/policy/modules/services/vhostmd.if 1969-12-31 19:00:00.000000000 -0500
++++ serefpolicy-3.6.32/policy/modules/services/vhostmd.if 2009-12-06 11:17:52.000000000 -0500
+@@ -0,0 +1,191 @@
++
++##