Index: selinux/build/zephyr.te
===================================================================
--- selinux/build/zephyr.te	(revision 84)
+++ selinux/build/zephyr.te	(revision 91)
@@ -1,2 +1,6 @@
+# Joe Presbrey
+# presbrey@mit.edu
+# 2006/1/15
+
 policy_module(zephyr,1.0.0)
 
@@ -10,9 +14,10 @@
 type zephyr_exec_t;
 domain_type(zephyr_t)
+corecmd_executable_file(zephyr_bin_t)
 init_daemon_domain(zephyr_t, zephyr_exec_t)
 
 ########################################
 #
-# AFS local policy
+# zephyr local policy
 
 files_read_etc_files(zephyr_t)
@@ -22,13 +27,10 @@
 miscfiles_read_localization(zephyr_t)
 
-# Init script handling
 init_use_fds(zephyr_t)
 init_use_script_ptys(zephyr_t)
 domain_use_interactive_fds(zephyr_t)
 term_use_console(zephyr_t)
-
-allow zephyr_t self:process setsched;
-allow zephyr_t self:capability { sys_admin sys_nice sys_tty_config};
-
+corenet_udp_bind_generic_port(zephyr_t)
+dev_read_urand(zephyr_t)
 sysnet_dns_name_resolve(zephyr_t)
 corenet_tcp_sendrecv_all_nodes(zephyr_t)
@@ -36,4 +38,6 @@
 corenet_tcp_sendrecv_all_ports(zephyr_t)
 corenet_udp_sendrecv_all_ports(zephyr_t)
+kerberos_use(zephyr_t)
 
-#allow zephyr_bin_t fs_t:filesystem associate;
+allow zephyr_t self:process setsched;
+allow zephyr_t self:capability { sys_admin sys_nice sys_tty_config };