diff -ru /usr/src/se/policy/Makefile ./Makefile
--- /usr/src/se/policy/Makefile 2004-08-02 16:59:45.000000000 +1000
+++ ./Makefile 2004-08-19 21:22:13.000000000 +1000
@@ -140,7 +140,7 @@
 $(FC): $(FCFILES) $(ALL_TUNABLES) domains/program domains/misc file_contexts/program file_contexts/misc users /etc/passwd
 @echo "Building file_contexts ..."
- @m4 $(ALL_TUNABLES) $(FCFILES) > $@.tmp
+ @m4 $(M4PARAM) $(ALL_TUNABLES) $(FCFILES) > $@.tmp
 @grep -v "^/root" $@.tmp > $@.root
 @/usr/sbin/genhomedircon . $@.root > $@
 @grep "^/root" $@.tmp >> $@
diff -ru /usr/src/se/policy/domains/program/fsadm.te ./domains/program/fsadm.te
--- /usr/src/se/policy/domains/program/fsadm.te 2004-06-17 15:10:38.000000000 +1000
+++ ./domains/program/fsadm.te 2004-07-04 18:18:07.000000000 +1000
@@ -84,7 +84,8 @@
 # Access lost+found.
 allow fsadm_t lost_found_t:dir create_dir_perms;
-allow fsadm_t lost_found_t:notdevfile_class_set create_file_perms;
+allow fsadm_t lost_found_t:{ file sock_file fifo_file } create_file_perms;
+allow fsadm_t lost_found_t:lnk_file create_lnk_perms;
 allow fsadm_t file_t:dir { search read getattr rmdir create };
diff -ru /usr/src/se/policy/domains/program/getty.te ./domains/program/getty.te
--- /usr/src/se/policy/domains/program/getty.te 2004-08-04 20:26:43.000000000 +1000
+++ ./domains/program/getty.te 2004-08-15 15:53:57.000000000 +1000
@@ -52,8 +52,6 @@
 # Chown, chmod, read and write ttys.
 allow getty_t tty_device_t:chr_file { setattr rw_file_perms };
 allow getty_t ttyfile:chr_file { setattr rw_file_perms };
-allow getty_t initrc_devpts_t:chr_file { setattr rw_file_perms };
-dontaudit getty_t { user_devpts_t sysadm_devpts_t }:chr_file { read write };
 # for error condition handling
 allow getty_t fs_t:filesystem getattr;
diff -ru /usr/src/se/policy/domains/program/initrc.te ./domains/program/initrc.te
--- /usr/src/se/policy/domains/program/initrc.te 2004-08-02 16:59:47.000000000 +1000
+++ ./domains/program/initrc.te 2004-08-11 16:58:56.000000000 +1000
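Review bot: `$(M4PARAM)` in the `$(FC)` recipe of ./Makefile is neither defined nor documented in this hunk, so a reader cannot tell which m4 definitions now shape the generated file_contexts. If the same variable is also passed when the policy source is preprocessed (not visible here), the two invocations have to stay in step, otherwise conditionally included context entries may name types the compiled policy does not contain. I would add a comment above the rule, for example `# M4PARAM: extra m4 flags; keep identical to the flags used for the policy build so file_contexts and policy agree`.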
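Review bot: The two new lost+found rules in ./domains/program/fsadm.te hard-code `{ file sock_file fifo_file }` where the old line used the `notdevfile_class_set` macro, and nothing explains the split. Presumably the intent is that symlinks get `create_lnk_perms` instead of `create_file_perms`; a one-line comment would keep a later edit from folding the rules back together, e.g. `# lnk_file is split out so it gets create_lnk_perms rather than create_file_perms`. The literal class list will also stop following the macro if its membership ever changes, which is worth stating in the same comment.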
@@ -164,7 +164,10 @@
 allow initrc_t pidfile:file { getattr read unlink };
 # Write to /dev/urandom.
-allow initrc_t urandom_device_t:chr_file rw_file_perms;
+allow initrc_t { random_device_t urandom_device_t }:chr_file rw_file_perms;
+
+# for cryptsetup
+allow initrc_t fixed_disk_device_t:blk_file getattr;
 # Set device ownerships/modes.
 allow initrc_t framebuf_device_t:lnk_file read;
diff -ru /usr/src/se/policy/domains/program/klogd.te ./domains/program/klogd.te
--- /usr/src/se/policy/domains/program/klogd.te 2004-07-08 13:09:33.000000000 +1000
+++ ./domains/program/klogd.te 2004-06-17 03:07:45.000000000 +1000
@@ -43,5 +43,3 @@
 # Read /boot/System.map*
 allow klogd_t system_map_t:file r_file_perms;
 allow klogd_t boot_t:dir r_dir_perms;
-allow klogd_t boot_t:lnk_file { read };
-
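Review bot: The context comment `# Write to /dev/urandom.` above the changed rule in ./domains/program/initrc.te is now stale, because the new line also grants `rw_file_perms` on `random_device_t`, which by its name covers reading as well as writing. If the init scripts only need to write seed data to /dev/random, a narrower permission set on that type would be closer to least privilege. Otherwise the comment should be updated to match the rule, e.g. `# Read and write /dev/random and /dev/urandom.`.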