Unlinking the /etc/prelink.cache file requires ability
allow $1 etc_t:dir rw_dir_perms;

slocate needs to getattr on rpc_pipefs

mdadm does a getattr on everything in /dev. Need to dontaudit device_t:file getattr;

Adding a cron_var_lib_t and cron_log_t so that sysadm_cron_t can write to these directories. Policy explains which scripts need these privs

Additional lpr_exec_t applications

Corrected oddjob policy

Sendmail needs to read netlink_route_socket

Switch fsdaemon to mls_read_up

Doesn't ssh need
+ userdom_search_all_users_home_dirs(sshd_t)

Cups init script wants to clear the error_log

auditd_log_t is supposed to be able to have a device mounted on it for compliance reasons.

mdadm wants to getattr_core_if