diff --git a/sepolgen/src/sepolgen/audit.py b/sepolgen/src/sepolgen/audit.py
index 73c60f6..9ca35a7 100644
--- a/sepolgen/src/sepolgen/audit.py
+++ b/sepolgen/src/sepolgen/audit.py
@@ -38,8 +38,7 @@ def get_audit_boot_msgs():
     off=float(fd.read().split()[0])
     fd.close
     s = time.localtime(time.time() - off)
-    date = time.strftime("%D/%Y", s).split("/")
-    bootdate="%s/%s/%s" % (date[0], date[1], date[3])
+    bootdate = time.strftime("%x", s)
     boottime = time.strftime("%X", s)
     output = subprocess.Popen(["/sbin/ausearch", "-m", "AVC,USER_AVC,MAC_POLICY_LOAD,DAEMON_START,SELINUX_ERR", "-ts", bootdate, boottime],
                               stdout=subprocess.PIPE).communicate()[0]
@@ -260,7 +259,7 @@ class AVCMessage(AuditMessage):
             raise ValueError("Error during access vector computation")
 
         if self.type == audit2why.CONSTRAINT:
-            self.data = []
+            self.data = [ self.data ]
             if self.scontext.user != self.tcontext.user:
                 self.data.append("user")
             if self.scontext.role != self.tcontext.role and self.tcontext.role != "object_r":
diff --git a/sepolgen/src/sepolgen/refparser.py b/sepolgen/src/sepolgen/refparser.py
index a4adbd8..7b76261 100644
--- a/sepolgen/src/sepolgen/refparser.py
+++ b/sepolgen/src/sepolgen/refparser.py
@@ -91,8 +91,10 @@ tokens = (
     'CLASS',
     # types and attributes
     'TYPEATTRIBUTE',
+    'ROLEATTRIBUTE',
     'TYPE',
     'ATTRIBUTE',
+    'ATTRIBUTE_ROLE',
     'ALIAS',
     'TYPEALIAS',
     # conditional policy
@@ -153,8 +155,10 @@ reserved = {
     'class' : 'CLASS',
     # types and attributes
     'typeattribute' : 'TYPEATTRIBUTE',
+    'roleattribute' : 'ROLEATTRIBUTE',
     'type' : 'TYPE',
     'attribute' : 'ATTRIBUTE',
+    'attribute_role' : 'ATTRIBUTE_ROLE',
     'alias' : 'ALIAS',
     'typealias' : 'TYPEALIAS',
     # conditional policy
@@ -489,6 +493,7 @@ def p_policy_stmt(p):
                    | avrule_def
                    | typerule_def
                    | typeattribute_def
+                   | roleattribute_def
                    | interface_call
                    | role_def
                    | role_allow
@@ -496,6 +501,7 @@ def p_policy_stmt(p):
                    | type_def
                    | typealias_def
                    | attribute_def
+                   | attribute_role_def
                    | range_transition_def
                    | role_transition_def
                    | bool
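Review bot: `bootdate = time.strftime("%x", s)` makes the start date handed to `ausearch -ts` locale-dependent, and Python's `%x` follows the locale this process has set (the "C" mm/dd/yy form unless something outside this hunk calls `locale.setlocale`), while ausearch presumably parses `-ts` under its own locale; when the two disagree on day/month order the search window is silently wrong and boot-time AVC records are missed rather than reported. A comment at this line stating the assumption, `# ausearch parses -ts in the process locale; %x must be produced under that same locale`, plus a check that the locale has been set before this call, would make the contract explicit. On the context line above, `fd.close` never calls close() (missing parentheses), so /proc/uptime stays open until the object is collected; `with open("/proc/uptime") as fd:` around the read would fix that. get_audit_boot_msgs starts before this hunk.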
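Review bot: `self.data = [ self.data ]` changes what the CONSTRAINT branch leaves in self.data: the list now starts with the previous value of self.data (assigned earlier in this method, outside the hunk, presumably from the audit2why result) followed by the mismatched field names appended below, so a consumer that iterates self.data expecting only "user"/"role"-style strings now meets a leading element of a different kind. If that layout is intended, record it at this line, `# data[0] holds the original constraint result; data[1:] name the context fields that differ`, and write the literal as `[self.data]` to match the bracket spacing used in the rest of the file. The enclosing method begins and ends outside this hunk.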
@@ -542,6 +548,7 @@ def p_require(p):
     '''require : TYPE comma_list SEMI
                | ROLE comma_list SEMI
                | ATTRIBUTE comma_list SEMI
+               | ATTRIBUTE_ROLE comma_list SEMI
                | CLASS comma_list SEMI
                | BOOL comma_list SEMI
     '''
@@ -727,6 +734,11 @@ def p_attribute_def(p):
     a = refpolicy.Attribute(p[2])
     p[0] = a
 
+def p_attribute_role_def(p):
+    'attribute_role_def : ATTRIBUTE_ROLE IDENTIFIER SEMI'
+    a = refpolicy.Attribute_Role(p[2])
+    p[0] = a
+
 def p_typealias_def(p):
     'typealias_def : TYPEALIAS IDENTIFIER ALIAS names SEMI'
     t = refpolicy.TypeAlias()
@@ -819,6 +831,13 @@ def p_typeattribute_def(p):
     t.attributes.update(p[3])
     p[0] = t
 
+def p_roleattribute_def(p):
+    '''roleattribute_def : ROLEATTRIBUTE IDENTIFIER comma_list SEMI'''
+    t = refpolicy.RoleAttribute()
+    t.role = p[2]
+    t.roleattributes.update(p[3])
+    p[0] = t
+
 def p_range_transition_def(p):
     '''range_transition_def : RANGE_TRANSITION names names COLON names mls_range_def SEMI
                             | RANGE_TRANSITION names names names SEMI'''
diff --git a/sepolgen/src/sepolgen/refpolicy.py b/sepolgen/src/sepolgen/refpolicy.py
index 1399225..b07550a 100644
--- a/sepolgen/src/sepolgen/refpolicy.py
+++ b/sepolgen/src/sepolgen/refpolicy.py
@@ -117,6 +117,10 @@ class Node(PolicyBase):
         """Iterate over all of the TypeAttribute children of this Interface."""
         return itertools.ifilter(lambda x: isinstance(x, TypeAttribute), walktree(self))
 
+    def roleattributes(self):
+        """Iterate over all of the RoleAttribute children of this Interface."""
+        return itertools.ifilter(lambda x: isinstance(x, RoleAttribute), walktree(self))
+
     def requires(self):
         return itertools.ifilter(lambda x: isinstance(x, Require), walktree(self))
 
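Review bot: Adding `| ATTRIBUTE_ROLE comma_list SEMI` to the require grammar only makes the keyword parse; the body of p_require, which lies outside this hunk, is where p[1] is dispatched into the Require node, and none of the hunks shown here add an "attribute_role" branch there, so a `require { attribute_role r; }` block would presumably be accepted and then contribute nothing to the node. Either add that branch in the same change or document the gap next to the rule, e.g. `# attribute_role requirements parse but are not yet recorded on the Require node`. p_require starts before and ends after this hunk.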
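Review bot: `a = refpolicy.Attribute_Role(p[2])` introduces the only underscore-style class name among the node classes this file constructs; the neighbouring rules build `refpolicy.Attribute`, `refpolicy.TypeAlias` and, in the hunk below, `refpolicy.RoleAttribute`, so a reader cannot tell from the names which of Attribute_Role and RoleAttribute declares a role attribute and which assigns one. A CamelCase name such as `AttributeRole`, applied here and to the class definition in the refpolicy.py hunk at `@@ -400,6 +418,15 @@`, would keep the convention; a one-line docstring on this rule, `'attribute_role_def : ATTRIBUTE_ROLE IDENTIFIER SEMI'` is the grammar only, would also help, e.g. `# declares a role attribute; roleattribute_def below attaches roles to it`.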
@@ -356,6 +360,20 @@ class TypeAttribute(Leaf):
     def to_string(self):
         return "typeattribute %s %s;" % (self.type, self.attributes.to_comma_str())
 
+class RoleAttribute(Leaf):
+    """SElinux typeattribute statement.
+
+    This class represents a typeattribute statement.
+    """
+    def __init__(self, parent=None):
+        Leaf.__init__(self, parent)
+        self.role = ""
+        self.roleattributes = IdSet()
+
+    def to_string(self):
+        return "roleattribute %s %s;" % (self.role, self.roleattributes.to_comma_str())
+
+
 class Role(Leaf):
     def __init__(self, parent=None):
         Leaf.__init__(self, parent)
@@ -400,6 +418,15 @@ class Attribute(Leaf):
     def to_string(self):
         return "attribute %s;" % self.name
 
+class Attribute_Role(Leaf):
+    def __init__(self, name="", parent=None):
+        Leaf.__init__(self, parent)
+        self.name = name
+
+    def to_string(self):
+        return "attribute_role %s;" % self.name
+
+
 # Classes representing rules
 
 class AVRule(Leaf):
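Review bot: The docstring of the new `RoleAttribute` class is copied from TypeAttribute and still reads "SElinux typeattribute statement" / "represents a typeattribute statement", which is wrong for a class whose to_string emits `roleattribute %s %s;`. Replace it with `"""SELinux roleattribute statement.` followed by a line such as `This class represents a roleattribute statement associating one role with a set of role attributes.` Since `self.role` starts as the empty string, to_string on a freshly constructed node emits `roleattribute  ...;`; a comment that the parser (p_roleattribute_def in refparser.py) is expected to fill `role` and `roleattributes` would save the next reader a search.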
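Review bot: `class Attribute_Role(Leaf)` carries no docstring, unlike the RoleAttribute class added a few lines above in this file, and with to_string emitting `attribute_role %s;` while RoleAttribute emits `roleattribute %s %s;` the two are easy to confuse at a glance. Add a one-line docstring such as `"""SELinux attribute_role statement, declaring a role attribute by name."""` and a short comment on `self.name` noting it is the declared attribute identifier, mirroring the existing Attribute class directly above.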