diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index 04d36ac..3c32795 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -112,21 +112,20 @@ index a9e8893..0000000
 @@ -1 +0,0 @@
 -.so man1/audit2allow.1
 diff --git a/policycoreutils/gui/Makefile b/policycoreutils/gui/Makefile
-index b5abbb9..7218c3e 100644
+index b5abbb9..513f2c4 100644
 --- a/policycoreutils/gui/Makefile
 +++ b/policycoreutils/gui/Makefile
-@@ -1,7 +1,10 @@
+@@ -1,7 +1,9 @@
  # Installation directories.
  PREFIX ?= ${DESTDIR}/usr
 +SYSCONFDIR ?= ${DESTDIR}/etc
  BINDIR ?= $(PREFIX)/bin
  SHAREDIR ?= $(PREFIX)/share/system-config-selinux
 +DATADIR ?= $(PREFIX)/share
-+PAMDIR ?= $(SYSCONFDIR)/pam.d
  
  TARGETS= \
  booleansPage.py \
-@@ -16,6 +19,7 @@ portsPage.py \
+@@ -16,6 +18,7 @@ portsPage.py \
  semanagePage.py \
  statusPage.py \
  system-config-selinux.glade \
@@ -134,28 +133,56 @@ index b5abbb9..7218c3e 100644
  usersPage.py
  
  all: $(TARGETS) system-config-selinux.py polgengui.py
-@@ -23,10 +27,20 @@ all: $(TARGETS) system-config-selinux.py polgengui.py
+@@ -23,11 +26,19 @@ all: $(TARGETS) system-config-selinux.py polgengui.py
  install: all
  	-mkdir -p $(SHAREDIR)
  	-mkdir -p $(BINDIR)
 +	-mkdir -p $(DATADIR)/pixmaps
 +	-mkdir -p $(DATADIR)/icons/hicolor/24x24/apps
 +	-mkdir -p $(SYSCONFDIR)
-+	-mkdir -p $(PAMDIR)
-+	-mkdir -p $(SYSCONFDIR)/security/console.apps/system-config-selinux
++	-mkdir -p $(DATADIR)/polkit-1/actions/
  	install -m 755 system-config-selinux.py $(SHAREDIR)
++	install -m 755 system-config-selinux $(BINDIR)
  	install -m 755 polgengui.py $(SHAREDIR)
 -	install -m 755 sepolgen $(BINDIR)
  	install -m 644 $(TARGETS) $(SHAREDIR)
+-
 +	install -m 644 system-config-selinux.png $(DATADIR)/pixmaps
 +	install -m 644 system-config-selinux.png $(DATADIR)/icons/hicolor/24x24/apps
 +	install -m 644 system-config-selinux.png $(DATADIR)/system-config-selinux
 +	install -m 644 *.desktop $(DATADIR)/system-config-selinux
-+	install -m 644 system-config-selinux.pam $(PAMDIR)/system-config-selinux
-+	install -m 644 system-config-selinux.console $(SYSCONFDIR)/security/console.apps/system-config-selinux
- 
++	install -m 644 org.fedoraproject.config.selinux.policy $(DATADIR)/polkit-1/actions/
  clean:
  
+ indent:
+diff --git a/policycoreutils/gui/org.fedoraproject.config.selinux.policy b/policycoreutils/gui/org.fedoraproject.config.selinux.policy
+new file mode 100644
+index 0000000..fcfa81d
+--- /dev/null
++++ b/policycoreutils/gui/org.fedoraproject.config.selinux.policy
+@@ -0,0 +1,22 @@
++<?xml version="1.0" encoding="UTF-8"?>
++<!DOCTYPE policyconfig PUBLIC
++"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
++"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
++<policyconfig>
++
++ <vendor>System Config SELinux</vendor>
++ <vendor_url>http://fedorahosted.org/system-config-selinux</vendor_url>
++
++ <action id="org.fedoraproject.config.selinux.pkexec.run">
++    <description>Run System Config SELinux</description>
++    <message>Authentication is required to run system-config-selinux</message>
++    <icon_name>system-selinux</icon_name>
++    <defaults>
++     <allow_any>no</allow_any>
++     <allow_inactive>no</allow_inactive>
++     <allow_active>auth_admin</allow_active>
++    </defaults>
++    <annotate key="org.freedesktop.policykit.exec.path">/usr/share/system-config-selinux/system-config-selinux.py</annotate>
++    <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
++ </action>
++</policyconfig>
 diff --git a/policycoreutils/gui/selinux-polgengui.desktop b/policycoreutils/gui/selinux-polgengui.desktop
 new file mode 100644
 index 0000000..0c2f399
@@ -237,15 +264,15 @@ index 2f0c1cc..0000000
 @@ -1,2 +0,0 @@
 -#!/bin/sh
 -sepolicy generate $*
-diff --git a/policycoreutils/gui/system-config-selinux.console b/policycoreutils/gui/system-config-selinux.console
-new file mode 100644
-index 0000000..42b48a3
+diff --git a/policycoreutils/gui/system-config-selinux b/policycoreutils/gui/system-config-selinux
+new file mode 100755
+index 0000000..5be5ccd
 --- /dev/null
-+++ b/policycoreutils/gui/system-config-selinux.console
++++ b/policycoreutils/gui/system-config-selinux
 @@ -0,0 +1,3 @@
-+USER=root
-+PROGRAM=/usr/share/system-config-selinux/system-config-selinux.py
-+SESSION=true
++#!/bin/sh
++
++exec /usr/bin/pkexec /usr/share/system-config-selinux/system-config-selinux.py
 diff --git a/policycoreutils/gui/system-config-selinux.desktop b/policycoreutils/gui/system-config-selinux.desktop
 new file mode 100644
 index 0000000..8822ce2
@@ -319,20 +346,6 @@ index 0000000..8822ce2
 +Categories=System;Security;
 +X-Desktop-File-Install-Version=0.2
 +Keywords=policy;security;selinux;avc;permission;mac;
-diff --git a/policycoreutils/gui/system-config-selinux.pam b/policycoreutils/gui/system-config-selinux.pam
-new file mode 100644
-index 0000000..6a8c230
---- /dev/null
-+++ b/policycoreutils/gui/system-config-selinux.pam
-@@ -0,0 +1,8 @@
-+#%PAM-1.0
-+auth       sufficient	pam_rootok.so
-+auth       sufficient   pam_timestamp.so
-+auth       include	system-auth
-+session	   required	pam_permit.so
-+session    optional	pam_xauth.so
-+session    optional     pam_timestamp.so
-+account    required	pam_permit.so
 diff --git a/policycoreutils/gui/system-config-selinux.png b/policycoreutils/gui/system-config-selinux.png
 new file mode 100644
 index 0000000..68ffcb7
@@ -428,6 +441,17 @@ index 8fbf2d0..3510f12 100644
  
  	}
  	/*
+diff --git a/policycoreutils/newrole/newrole.pamd b/policycoreutils/newrole/newrole.pamd
+index d1b435c..de3582f 100644
+--- a/policycoreutils/newrole/newrole.pamd
++++ b/policycoreutils/newrole/newrole.pamd
+@@ -1,4 +1,6 @@
+ #%PAM-1.0
++# Uncomment the next line if you do not want to enter your passwd everytime
++# auth       sufficient   pam_rootok.so
+ auth       include	system-auth
+ account    include	system-auth
+ password   include	system-auth
 diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile
 index a377996..9c1486e 100644
 --- a/policycoreutils/po/Makefile
@@ -856,6 +880,17 @@ index 00a646f..2c28676 100644
      g_main_loop_unref (loop);
      return 0;
  }
+diff --git a/policycoreutils/run_init/run_init.pamd b/policycoreutils/run_init/run_init.pamd
+index d1b435c..1c323d2 100644
+--- a/policycoreutils/run_init/run_init.pamd
++++ b/policycoreutils/run_init/run_init.pamd
+@@ -1,4 +1,6 @@
+ #%PAM-1.0
++# Uncomment the next line if you do not want to enter your passwd everytime
++#auth       sufficient   pam_rootok.so
+ auth       include	system-auth
+ account    include	system-auth
+ password   include	system-auth
 diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
 index b629006..6631c2d 100644
 --- a/policycoreutils/sandbox/sandbox
@@ -1485,7 +1520,7 @@ index b25d3b2..7a15d88 100755
          sys.exit(0)
      except ValueError,e:
 diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py
-index 5e7415c..10abeec 100644
+index 5e7415c..b9cb9cc 100644
 --- a/policycoreutils/sepolicy/sepolicy/__init__.py
 +++ b/policycoreutils/sepolicy/sepolicy/__init__.py
 @@ -37,9 +37,30 @@ CLASS = 'class'
@@ -1521,7 +1556,15 @@ index 5e7415c..10abeec 100644
          policies = glob.glob ("%s.*" % path )
          policies.sort()
          return policies[-1]
-@@ -85,7 +106,7 @@ all_domains = None
+@@ -71,6 +92,7 @@ def get_all_role_allows():
+ 	return role_allows
+ 
+ def get_all_entrypoint_domains():
++    import re
+     all_domains = []
+     types=get_all_types()
+     types.sort()
+@@ -85,7 +107,7 @@ all_domains = None
  def get_all_domains():
  	global all_domains
  	if not all_domains:
@@ -1530,7 +1573,7 @@ index 5e7415c..10abeec 100644
  	return all_domains
  
  roles = None
-@@ -139,49 +160,43 @@ def get_all_attributes():
+@@ -139,49 +161,43 @@ def get_all_attributes():
  	return all_attributes
  
  def policy(policy_file):
@@ -1562,8 +1605,8 @@ index 5e7415c..10abeec 100644
 -if not policy_file:
 -    policy_file = __get_installed_policy()
 -
-+policy_file = get_installed_policy()
  try:
++    policy_file = get_installed_policy()
      policy(policy_file)
  except ValueError, e:
      if selinux.is_selinux_enabled() == 1:
@@ -1599,6 +1642,20 @@ index 5e7415c..10abeec 100644
  booleans_dict = None
  def gen_bool_dict(path="/usr/share/selinux/devel/policy.xml"):
          global booleans_dict
+diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py
+index 26f8390..19f6056 100644
+--- a/policycoreutils/sepolicy/sepolicy/generate.py
++++ b/policycoreutils/sepolicy/sepolicy/generate.py
+@@ -1037,7 +1037,8 @@ allow %s_t %s_t:%s_socket name_%s;
+ ########################################
+ #
+ # %s local policy
+-#""" % self.name
++#
++""" % self.name
+                 newte += self.generate_capabilities()
+                 newte += self.generate_process()
+ 		newte += self.generate_network_types()
 diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py
 index 25062da..da17c48 100755
 --- a/policycoreutils/sepolicy/sepolicy/manpage.py
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 726d2aa..c20b273 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -7,7 +7,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.1.14
-Release: 7%{?dist}
+Release: 8%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -87,12 +87,7 @@ rm -f %{buildroot}/usr/share/man/ru/man8/genhomedircon.8.gz
 rm -f %{buildroot}/usr/share/man/ru/man8/open_init_pty.8.gz
 rm -f %{buildroot}/usr/share/man/man8/open_init_pty.8
 rm -f %{buildroot}/usr/sbin/open_init_pty
-rm -f %{buildroot}/usr/sbin/run_init
-rm -f %{buildroot}/usr/share/man/ru/man8/run_init.8*
-rm -f %{buildroot}/usr/share/man/man8/run_init.8*
-rm -f %{buildroot}/etc/pam.d/run_init*
 
-ln -sf consolehelper %{buildroot}%{_bindir}/system-config-selinux
 ln -sf /usr/share/system-config-selinux/polgengui.py %{buildroot}%{_bindir}/selinux-polgengui
 
 desktop-file-install	--vendor fedora \
@@ -234,12 +229,11 @@ system-config-selinux is a utility for managing the SELinux environment
 %{_datadir}/applications/fedora-selinux-polgengui.desktop
 %{_datadir}/icons/hicolor/24x24/apps/system-config-selinux.png
 %{_datadir}/pixmaps/system-config-selinux.png
+%{_datadir}/polkit-1/actions/org.fedoraproject.config.selinux.policy
 %dir %{_datadir}/system-config-selinux
 %{_datadir}/system-config-selinux/system-config-selinux.png
 %{_datadir}/system-config-selinux/*.py*
 %{_datadir}/system-config-selinux/*.glade
-%config(noreplace) %{_sysconfdir}/pam.d/system-config-selinux
-%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-selinux
 
 %clean
 rm -rf %{buildroot}
@@ -249,6 +243,7 @@ rm -rf %{buildroot}
 %{_sbindir}/restorecon
 %{_sbindir}/fixfiles
 %{_sbindir}/setfiles
+%{_sbindir}/run_init
 %{_sbindir}/load_policy
 %{_sbindir}/genhomedircon
 %{_sbindir}/setsebool
@@ -266,6 +261,8 @@ rm -rf %{buildroot}
 %{_mandir}/man5/sestatus.conf.5.gz
 %{_mandir}/man8/fixfiles.8*
 %{_mandir}/ru/man8/fixfiles.8*
+%{_mandir}/man8/run_init.8*
+%{_mandir}/ru/man8/run_init.8*
 %{_mandir}/man8/load_policy.8*
 %{_mandir}/ru/man8/load_policy.8*
 %{_mandir}/man8/restorecon.8*
@@ -326,11 +323,18 @@ The policycoreutils-restorecond package contains the restorecond service.
 %{_bindir}/systemctl try-restart restorecond.service >/dev/null 2>&1 || :
 
 %changelog
+* Thu Feb 21 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-8
+- Sepolixy should not throw an exception on an SELinux disabled machine
+- Switch from using console app to using pkexec, so we will work better
+with policykit.
+- Add missing import to fix system-config-selinux startup
+- Add comment to pamd files about pam_rootok.so
+- Fix sepolicy generate to not comment out the first line
+
 * Wed Feb 20 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-7
 - Add --root/-r flag to sepolicy manpage,
 - This allows us to generate man pages on the fly in the selinux-policy build
 
-
 * Mon Feb 18 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.14-6
 - Fix newrole to retain cap_audit_write when compiled with namespace, also
 do not drop capabilities when run as root.