diff --git a/.cvsignore b/.cvsignore index ef4def8..23f8547 100644 --- a/.cvsignore +++ b/.cvsignore @@ -201,3 +201,4 @@ serefpolicy-3.7.7.tgz serefpolicy-3.7.8.tgz setroubleshoot-2.2.58.tar.gz serefpolicy-3.7.9.tgz +serefpolicy-3.7.11.tgz diff --git a/modules-mls.conf b/modules-mls.conf index 45a9536..c966444 100644 --- a/modules-mls.conf +++ b/modules-mls.conf @@ -742,6 +742,13 @@ kdump = module kdumpgui = module # Layer: services +# Module: ksmtuned +# +# Kernel Samepage Merging (KSM) Tuning Daemon +# +ksmtuned = module + +# Layer: services # Module: kerberos # # MIT Kerberos admin and KDC diff --git a/policy-F13.patch b/policy-F13.patch index cb381ef..36b088e 100644 --- a/policy-F13.patch +++ b/policy-F13.patch @@ -11000,6 +11000,13 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amav diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/amavis.te serefpolicy-3.7.11/policy/modules/services/amavis.te --- nsaserefpolicy/policy/modules/services/amavis.te 2010-03-04 11:17:25.000000000 -0500 +++ serefpolicy-3.7.11/policy/modules/services/amavis.te 2010-03-03 23:48:01.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(amavis, 1.10.2) ++policy_module(amavis, 1.10.1) + + ######################################## + # @@ -138,11 +138,13 @@ auth_dontaudit_read_shadow(amavis_t) 
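Review bot: `ksmtuned = module` is added only to modules-mls.conf in this commit, while the policy that defines `ksmtuned_t` appears in this chunk only as the tail of its .te (`miscfiles_read_localization(ksmtuned_t)` further down); if the package also ships modules-targeted.conf and modules-minimum.conf, the same entry is needed there, otherwise the module is built for MLS only, which presumably is not what the upstream merge intends. The hunk that would add the ksmtuned .te/.fc/.if files to policy-F13.patch is outside this chunk, so it is worth confirming they are actually carried by the patch and not only enabled here.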
@@ -12738,9 +12745,168 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac +typealias httpd_sys_script_t alias httpd_fastcgi_script_t; +typealias httpd_var_run_t alias httpd_fastcgi_var_run_t; + +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcupsd.if serefpolicy-3.7.11/policy/modules/services/apcupsd.if +--- nsaserefpolicy/policy/modules/services/apcupsd.if 2010-03-04 11:17:25.000000000 -0500 ++++ serefpolicy-3.7.11/policy/modules/services/apcupsd.if 2010-03-03 23:27:42.000000000 -0500 +@@ -15,30 +15,11 @@ + type apcupsd_t, apcupsd_exec_t; + ') + +- corecmd_search_bin($1) + domtrans_pattern($1, apcupsd_exec_t, apcupsd_t) + ') + + ######################################## + ## +-## Execute apcupsd server in the apcupsd domain. +-## +-## +-## +-## Domain allowed access. +-## +-## +-# +-interface(`apcupsd_initrc_domtrans',` +- gen_require(` +- type apcupsd_initrc_exec_t; +- ') +- +- init_labeled_script_domtrans($1, apcupsd_initrc_exec_t) +-') +- +-######################################## +-## + ## Read apcupsd PID files. 
+ ## + ## +@@ -113,11 +94,6 @@ + type httpd_apcupsd_cgi_script_t, httpd_apcupsd_cgi_script_exec_t; + ') + +- optional_policy(` +- apache_search_sys_content($1) +- ') +- +- files_search_var($1) + domtrans_pattern($1, httpd_apcupsd_cgi_script_exec_t, httpd_apcupsd_cgi_script_t) + ') + +@@ -142,14 +118,13 @@ + gen_require(` + type apcupsd_t, apcupsd_tmp_t; + type apcupsd_log_t, apcupsd_lock_t; +- type apcupsd_var_run_t; +- type apcupsd_initrc_exec_t; ++ type apcupsd_var_run_t, apcupsd_initrc_exec_t; + ') + + allow $1 apcupsd_t:process { ptrace signal_perms }; + ps_process_pattern($1, apcupsd_t) + +- apcupsd_initrc_domtrans($1, apcupsd_initrc_exec_t) ++ init_labeled_script_domtrans($1, apcupsd_initrc_exec_t) + domain_system_change_exemption($1) + role_transition $2 apcupsd_initrc_exec_t system_r; + allow $2 system_r; +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apcupsd.te serefpolicy-3.7.11/policy/modules/services/apcupsd.te +--- nsaserefpolicy/policy/modules/services/apcupsd.te 2010-03-04 11:17:25.000000000 -0500 ++++ serefpolicy-3.7.11/policy/modules/services/apcupsd.te 2010-03-03 23:27:41.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(apcupsd, 1.6.1) ++policy_module(apcupsd, 1.6.0) + + ######################################## + # +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apm.te serefpolicy-3.7.11/policy/modules/services/apm.te +--- nsaserefpolicy/policy/modules/services/apm.te 2010-03-04 11:17:25.000000000 -0500 ++++ serefpolicy-3.7.11/policy/modules/services/apm.te 2010-03-03 23:48:01.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(apm, 1.10.2) ++policy_module(apm, 1.10.1) + + ######################################## + # +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpwatch.if serefpolicy-3.7.11/policy/modules/services/arpwatch.if +--- nsaserefpolicy/policy/modules/services/arpwatch.if 2010-03-04 11:17:25.000000000 -0500 ++++ 
serefpolicy-3.7.11/policy/modules/services/arpwatch.if 2010-03-03 23:27:40.000000000 -0500 +@@ -2,24 +2,6 @@ + + ######################################## + ## +-## Execute arpwatch server in the arpwatch domain. +-## +-## +-## +-## Domain allowed access. +-## +-## +-# +-interface(`arpwatch_initrc_domtrans',` +- gen_require(` +- type arpwatch_initrc_exec_t; +- ') +- +- init_labeled_script_domtrans($1, arpwatch_initrc_exec_t) +-') +- +-######################################## +-## + ## Search arpwatch's data file directories. + ## + ## +@@ -33,7 +15,6 @@ + type arpwatch_data_t; + ') + +- files_search_var_lib($1) + allow $1 arpwatch_data_t:dir search_dir_perms; + ') + +@@ -52,7 +33,6 @@ + type arpwatch_data_t; + ') + +- files_search_var_lib($1) + manage_files_pattern($1, arpwatch_data_t, arpwatch_data_t) + ') + +@@ -71,7 +51,6 @@ + type arpwatch_tmp_t; + ') + +- files_search_tmp($1) + allow $1 arpwatch_tmp_t:file rw_file_perms; + ') + +@@ -90,7 +69,6 @@ + type arpwatch_tmp_t; + ') + +- files_search_tmp($1) + allow $1 arpwatch_tmp_t:file manage_file_perms; + ') + +@@ -140,7 +118,7 @@ + allow $1 arpwatch_t:process { ptrace signal_perms getattr }; + ps_process_pattern($1, arpwatch_t) + +- arpwatch_initrc_domtrans($1) ++ init_labeled_script_domtrans($1, arpwatch_initrc_exec_t) + domain_system_change_exemption($1) + role_transition $2 arpwatch_initrc_exec_t system_r; + allow $2 system_r; diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/arpwatch.te serefpolicy-3.7.11/policy/modules/services/arpwatch.te --- nsaserefpolicy/policy/modules/services/arpwatch.te 2010-03-04 11:17:25.000000000 -0500 +++ serefpolicy-3.7.11/policy/modules/services/arpwatch.te 2010-03-03 23:48:01.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(arpwatch, 1.8.1) ++policy_module(arpwatch, 1.8.0) + + ######################################## + # 
@@ -34,6 +34,7 @@ allow arpwatch_t self:tcp_socket { connect create_stream_socket_perms }; allow arpwatch_t self:udp_socket create_socket_perms; @@ -16248,6 +16414,26 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/dove fs_manage_cifs_files(dovecot_t) fs_manage_cifs_symlinks(dovecot_t) ') +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/exim.te serefpolicy-3.7.11/policy/modules/services/exim.te +--- nsaserefpolicy/policy/modules/services/exim.te 2010-03-04 11:17:25.000000000 -0500 ++++ serefpolicy-3.7.11/policy/modules/services/exim.te 2010-03-03 23:48:01.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(exim, 1.4.2) ++policy_module(exim, 1.4.1) + + ######################################## + # +@@ -192,9 +192,6 @@ + ') + + optional_policy(` +- # https://bugzilla.redhat.com/show_bug.cgi?id=512710 +- # uses sendmail for outgoing mail and exim +- # for incoming mail + sendmail_manage_tmp_files(exim_t) + ') + diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/fail2ban.if serefpolicy-3.7.11/policy/modules/services/fail2ban.if --- nsaserefpolicy/policy/modules/services/fail2ban.if 2009-07-14 14:19:57.000000000 -0400 +++ serefpolicy-3.7.11/policy/modules/services/fail2ban.if 2010-03-03 23:48:01.000000000 -0500 
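Review bot: The inner hunks this commit adds to policy-F13.patch for apcupsd.if and arpwatch.if remove upstream's `corecmd_search_bin($1)`, `files_search_var_lib($1)` and `files_search_tmp($1)` calls and delete the `apcupsd_initrc_domtrans` / `arpwatch_initrc_domtrans` interfaces, and every added `policy_module` line steps the version backwards (apcupsd 1.6.1 to 1.6.0, apm 1.10.2 to 1.10.1, arpwatch 1.8.1 to 1.8.0, likewise exim 1.4.2 to 1.4.1 in the @@ -16248 hunk, which also drops the bugzilla comment above `sendmail_manage_tmp_files(exim_t)`, and hotplug 1.12.1 to 1.12.0 in the @@ -29351 hunk). The upstream side of each inner header is dated 2010-03-04 while the serefpolicy-3.7.11 side is 2010-03-03, which suggests the patch was regenerated against a newer upstream snapshot than the Fedora tree, so these hunks revert upstream fixes instead of carrying Fedora additions. Dropping the search interfaces means a caller domain without its own search rights on bin, /var/lib or /tmp directories gets new AVC denials, any policy still calling `apcupsd_initrc_domtrans` or `arpwatch_initrc_domtrans` fails to build, and a lower `policy_module` version can make the shipped module look older than the one already installed. Rebasing the Fedora tree onto the 2010-03-04 upstream before regenerating the patch would turn all of these inner hunks into no-ops.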
@@ -18004,33 +18190,20 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ksmt +miscfiles_read_localization(ksmtuned_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.fc serefpolicy-3.7.11/policy/modules/services/ldap.fc --- nsaserefpolicy/policy/modules/services/ldap.fc 2009-07-14 14:19:57.000000000 -0400 -+++ serefpolicy-3.7.11/policy/modules/services/ldap.fc 2010-03-03 23:48:01.000000000 -0500 -@@ -1,8 +1,12 @@ ++++ serefpolicy-3.7.11/policy/modules/services/ldap.fc 2010-03-04 13:06:45.000000000 -0500 +@@ -1,5 +1,7 @@ /etc/ldap/slapd\.conf -- gen_context(system_u:object_r:slapd_etc_t,s0) +/etc/openldap/slapd\.d(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) + /etc/rc\.d/init\.d/ldap -- gen_context(system_u:object_r:slapd_initrc_exec_t,s0) -+/etc/rc\.d/init\.d/dirsrv.* -- gen_context(system_u:object_r:slapd_initrc_exec_t,s0) /usr/sbin/slapd -- gen_context(system_u:object_r:slapd_exec_t,s0) -+/usr/sbin/ns-slapd -- gen_context(system_u:object_r:slapd_exec_t,s0) - - ifdef(`distro_debian',` - /usr/lib/slapd -- gen_context(system_u:object_r:slapd_exec_t,s0) -@@ -10,8 +14,12 @@ - - /var/lib/ldap(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) - /var/lib/ldap/replog(/.*)? gen_context(system_u:object_r:slapd_replog_t,s0) -+/var/lib/dirsrv(/.*)? gen_context(system_u:object_r:slapd_db_t,s0) -+ -+/var/log/dirsrv(/.*)? gen_context(system_u:object_r:slapd_log_t,s0) - - /var/run/ldapi -s gen_context(system_u:object_r:slapd_var_run_t,s0) +@@ -15,3 +17,4 @@ /var/run/openldap(/.*)? 
gen_context(system_u:object_r:slapd_var_run_t,s0) /var/run/slapd\.args -- gen_context(system_u:object_r:slapd_var_run_t,s0) /var/run/slapd\.pid -- gen_context(system_u:object_r:slapd_var_run_t,s0) -+/var/run/slapd.* -s gen_context(system_u:object_r:slapd_var_run_t,s0) ++#/var/run/slapd.* -s gen_context(system_u:object_r:slapd_var_run_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/ldap.if serefpolicy-3.7.11/policy/modules/services/ldap.if --- nsaserefpolicy/policy/modules/services/ldap.if 2009-07-14 14:19:57.000000000 -0400 +++ serefpolicy-3.7.11/policy/modules/services/ldap.if 2010-03-03 23:48:01.000000000 -0500 @@ -29351,6 +29524,16 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hostna fs_dontaudit_use_tmpfs_chr_dev(hostname_t) term_dontaudit_use_console(hostname_t) +diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/hotplug.te serefpolicy-3.7.11/policy/modules/system/hotplug.te +--- nsaserefpolicy/policy/modules/system/hotplug.te 2010-03-04 11:17:25.000000000 -0500 ++++ serefpolicy-3.7.11/policy/modules/system/hotplug.te 2010-03-03 23:48:01.000000000 -0500 +@@ -1,5 +1,5 @@ + +-policy_module(hotplug, 1.12.1) ++policy_module(hotplug, 1.12.0) + + ######################################## + # diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/init.fc serefpolicy-3.7.11/policy/modules/system/init.fc --- nsaserefpolicy/policy/modules/system/init.fc 2009-07-14 14:19:57.000000000 -0400 +++ serefpolicy-3.7.11/policy/modules/system/init.fc 2010-03-03 23:48:01.000000000 -0500 
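Review bot: In the ldap.fc hunk the socket entry is kept as a comment, `+#/var/run/slapd.* -s gen_context(system_u:object_r:slapd_var_run_t,s0)`, rather than removed; a commented-out file context line means nothing to setfiles and only complicates the next rebase, so either delete it or, if a slapd socket under /var/run still needs the label, restore it with the dot escaped (`slapd\..*`) the way the neighbouring `slapd\.args` and `slapd\.pid` entries are written. With the line disabled, a slapd socket created under /var/run matches no entry in this file and presumably takes the generic /var/run label, which is worth checking against what the daemon actually creates now that the dirsrv and ns-slapd entries are dropped from the patch as well.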
@@ -37228,7 +37411,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/misc_patterns ') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets.spt serefpolicy-3.7.11/policy/support/obj_perm_sets.spt ---- nsaserefpolicy/policy/support/obj_perm_sets.spt 2009-11-25 11:47:19.000000000 -0500 +--- nsaserefpolicy/policy/support/obj_perm_sets.spt 2010-03-04 11:44:07.000000000 -0500 +++ serefpolicy-3.7.11/policy/support/obj_perm_sets.spt 2010-03-03 23:48:01.000000000 -0500 @@ -28,7 +28,7 @@ # @@ -37260,7 +37443,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/support/obj_perm_sets define(`create_lnk_file_perms',`{ create getattr }') define(`rename_lnk_file_perms',`{ getattr rename }') define(`delete_lnk_file_perms',`{ getattr unlink }') --define(`manage_lnk_file_perms',`{ create read getattr setattr link unlink rename }') +-define(`manage_lnk_file_perms',`{ create read write getattr setattr link unlink rename }') +define(`manage_lnk_file_perms',`{ create getattr setattr read write append rename link unlink ioctl lock }') define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }') define(`relabelto_lnk_file_perms',`{ getattr relabelto }') diff --git a/selinux-policy.spec b/selinux-policy.spec index 4f06646..8ad573b 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -19,8 +19,8 @@ %define CHECKPOLICYVER 2.0.21-1 Summary: SELinux policy configuration Name: selinux-policy -Version: 3.7.10 -Release: 5%{?dist} +Version: 3.7.11 +Release: 1%{?dist} License: GPLv2+ Group: System Environment/Base Source: serefpolicy-%{version}.tgz 
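Review bot: The Fedora override of `manage_lnk_file_perms` in the @@ -37260 hunk now differs from the upstream definition it replaces only by `append`, `ioctl` and `lock`, since upstream has added `write` to its own set; nothing in the patch records why symbolic links need those three permissions, and because this macro is expanded by every `manage_lnk_files_pattern` user the widening applies policy-wide. A one-line comment above the define in the patch, `# Fedora: upstream set plus append/ioctl/lock, needed for <reason>`, or dropping the override if the extra permissions are no longer required, would make the next rebase of this hunk safer.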
@@ -466,7 +466,20 @@ exit 0 %endif %changelog -* Fri Feb 26 2010 Dan Walsh 3.7.10-5 +* Tue Mar 2 2010 Dan Walsh 3.7.11-1 +- Update to upstream - These are merges of my patches +- Remove 389 labeling conflicts +- Add MLS fixes found in RHEL6 testing +- Allow pulseaudio to run as a service +- Add label for mssql and allow apache to connect to this database port if boolean set +- Dontaudit searches of debugfs mount point +- Allow policykit_auth to send signals to itself +- Allow modcluster to call getpwnam +- Allow swat to signal winbind +- Allow usbmux to run as a system role +- Allow svirt to create and use devpts + +* Mon Mar 1 2010 Dan Walsh 3.7.10-5 - Add MLS fixes found in RHEL6 testing - Allow domains to append to rpm_tmp_t - Add cachefilesfd policy diff --git a/sources b/sources index 3094b84..64a46df 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ 4c7d323036f1662a06a7a4f2a7da57a5 config.tgz -08d83373515696cd385e10fba5294890 serefpolicy-3.7.10.tgz +316c182558e4f2c4b6955d06a943d64e serefpolicy-3.7.11.tgz