Add boolean allow_nfsd_anon_write to it can write to public_content_rw_t

Stop transition to consoletype from initrc_t.  Maybe we need an 
ifdef(targeted_policy)  But hostname and consoletype transitioning is a 
pain in the but.  Lots of init scripts do stuff like

consoletype >> MYLOG.log

prelink needs to be able to change the context even if the user part is 
different.

Added unconfined_execmem_exec_t so that I can change the global 
allow_execmem to off.  OpenOffice, valgrind and mplayer need it.  
Probably could eliminate java, and wine domain and change to this.

Additinional dontaudit for ioctl on terminals

Fixes for amavis domain

named needs access to ldap when running with nss_ldap  (Seems lots of 
domains need this if you set up nss_ldap.)

Allow bluetooth helper access to users homedir and tmp files.

cupsd_lpd_t wants to look at the routing table and communicate with the 
cupsd socket

Want to label cvs and rsync as being executables so sysadm_r can run 
them.  (No transition).

Hal wants to look at the kernel image file

nfs needs access to rand/urand probably caused by nss_ldap.

xfs wants to execute itself if it has greater than 10 displays.

xdm is creating .Xauthority file with wrong context.

auditadm_r which is running as SystemHigh wants to be able to restart 
auditd through init scripts.  So it needs to be able to 
mls_range_transition run_init down to SystemLow-SystemHigh

Major bug in that we were not running semanage and setsebool as 
semanage_t.  This is what is causing the mislabeled 
/etc/selinux/targeted/modules directory

semanage_t needed fixes so that setsebool and semanage could run.

More fixes for xen domain.

auditadm_ stuff, but I agree that this is still in flux so don't add it.