From Debian package 0.0.20080702-4
Allow portslave to run filters
Let it talk UDP and read localization
Let portslave run ppp scripts
Adds ppp_script_exec interface
Index: policy/modules/services/portslave.te
===================================================================
--- policy/modules/services/portslave.te.orig
+++ policy/modules/services/portslave.te
@@ -13,6 +13,9 @@
type portslave_etc_t;
files_config_file(portslave_etc_t)
+# for filters
+can_exec(portslave_t, { portslave_etc_t portslave_exec_t })
+
type portslave_lock_t;
files_lock_file(portslave_lock_t)
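Review bot: `can_exec(portslave_t, { portslave_etc_t portslave_exec_t })` makes every file labelled with the configuration type executable by the daemon, and the filters then run in `portslave_t` with no domain transition, so they get everything that domain is allowed. Whether `portslave_t` can also write `portslave_etc_t` is not visible in this hunk; if it can, the domain would be able to both modify and execute the same files, so that is worth checking before merging. A dedicated type for the filter scripts (placeholder name `portslave_filter_exec_t`) would keep plain configuration files non-executable. The same no-transition point applies to `ppp_script_exec(portslave_t)` in the third hunk, which sits next to `ppp_read_secrets(portslave_t)`. At minimum the comment could read `# filter scripts are stored with the config files and run in portslave_t (no transition)`.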
@@ -62,8 +65,10 @@
corenet_udp_sendrecv_generic_node(portslave_t)
corenet_tcp_sendrecv_all_ports(portslave_t)
corenet_udp_sendrecv_all_ports(portslave_t)
+corenet_udp_bind_all_nodes(portslave_t)
corenet_rw_ppp_dev(portslave_t)
+miscfiles_read_localization(portslave_t)
dev_read_sysfs(portslave_t)
# for ssh
dev_read_urand(portslave_t)
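Review bot: The added `corenet_udp_bind_all_nodes(portslave_t)` has no comment saying which UDP traffic needs a bind, and it covers every node type while the context line `corenet_udp_sendrecv_generic_node(portslave_t)` uses the generic-node variant. If this policy version provides it, `corenet_udp_bind_generic_node(portslave_t)` would be the narrower and more consistent choice. The hunk adds no port-bind rule, and whether one exists elsewhere in the file cannot be seen from here. A comment such as `# bind local UDP sockets (node bind only)` above the line would record the intent.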
@@ -102,6 +107,7 @@
# instead of exec.
ppp_read_rw_config(portslave_t)
ppp_exec(portslave_t)
+ppp_script_exec(portslave_t)
ppp_read_secrets(portslave_t)
ppp_manage_pid_files(portslave_t)
ppp_pid_filetrans(portslave_t)
Index: policy/modules/services/ppp.if
===================================================================
--- policy/modules/services/ppp.if.orig
+++ policy/modules/services/ppp.if
@@ -228,6 +228,24 @@
########################################
##
+## Execute domain in the ppp caller.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`ppp_script_exec',`
+ gen_require(`
+ type pppd_script_exec_t;
+ ')
+
+ can_exec($1, pppd_script_exec_t)
+')
+
+########################################
+##
## Read PPP-writable configuration files.
##
##
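Review bot: The summary line `## Execute domain in the ppp caller.` has its words transposed; the body grants `can_exec($1, pppd_script_exec_t)`, which lets the caller run the PPP scripts in its own domain. Suggested wording: `## Execute the ppp scripts in the caller domain.` The description should also state that no domain transition takes place, so anyone calling the interface knows the scripts run with the caller's permissions. The markup lines around the summary and parameter text appear empty in this view, so the summary and param tags cannot be checked from here.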