Includes Collin's new cups patch.

I turned on every service in an everything install and came up with many 
fixes for all the AVC messages.

Added arpwatch policy.

Changed allow_ypbind to a boolean, so policy can be turned on/off by 
sysadmin.

Working with ipsec team to get program cleaned up so we can write better 
policy.

Temporarily added a rule to allow apache to talk to tmp_t:sock_file in 
targeted policy.  This allows
it to work with postgresql.  Not sure of a good way to fix this.  One we 
could add postgresql policy to targeted
but I am afraid this is a slipperly slope,  Colin suggested that we add 
a new policy postgresql_unconfined.te for
targeted that basically runs postgres unconfined but creates /tmp files 
with an appropriate security context. 
What do you guys think?  Lastly we could tell any users who want to use 
apache with postgres to turn off the
transition of apache to context.

Dan