diff --git a/policy/modules/contrib b/policy/modules/contrib
index 9893ad3f6..bc4b34c56 160000
--- a/policy/modules/contrib
+++ b/policy/modules/contrib
@@ -1 +1 @@
-Subproject commit 9893ad3f676c2d389a8603db8eda07704c891991
+Subproject commit bc4b34c56d035238190b71a9892abdb7b2558fff
diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
index a061af2fa..f79503f3d 100644
--- a/policy/modules/system/logging.fc
+++ b/policy/modules/system/logging.fc
@@ -20,6 +20,7 @@
 /usr/lib/systemd/system/auditd.* -- gen_context(system_u:object_r:auditd_unit_t,s0)
 /usr/lib/systemd/system/[^/]*systemd-journal.* -- gen_context(system_u:object_r:syslogd_unit_t,s0)
 /usr/lib/systemd/systemd-journald -- gen_context(system_u:object_r:syslogd_exec_t,s0)
+/usr/lib/systemd/system/rsyslog.*\.service -- gen_context(system_u:object_r:syslogd_unit_t,s0)
 
 /usr/sbin/klogd		--	gen_context(system_u:object_r:klogd_exec_t,s0)
 /usr/sbin/metalog	--	gen_context(system_u:object_r:syslogd_exec_t,s0)
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 2b90b78e5..c171c1269 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -1,4 +1,4 @@
-policy_module(logging, 1.23.2)
+policy_module(logging, 1.23.3)
 
 ########################################
 #
diff --git a/policy/modules/system/selinuxutil.fc b/policy/modules/system/selinuxutil.fc
index f41684feb..c3fa691fd 100644
--- a/policy/modules/system/selinuxutil.fc
+++ b/policy/modules/system/selinuxutil.fc
@@ -33,6 +33,7 @@
 /usr/bin/newrole		--	gen_context(system_u:object_r:newrole_exec_t,s0)
 
 /usr/lib/selinux(/.*)?			gen_context(system_u:object_r:policy_src_t,s0)
+/usr/lib/systemd/system/restorecond.*\.service -- gen_context(system_u:object_r:restorecond_unit_t,s0)
 
 /usr/sbin/load_policy		--	gen_context(system_u:object_r:load_policy_exec_t,s0)
 /usr/sbin/restorecond		--	gen_context(system_u:object_r:restorecond_exec_t,s0)
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index 4b7296e7b..f98e382f0 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -1,4 +1,4 @@
-policy_module(selinuxutil, 1.20.1)
+policy_module(selinuxutil, 1.20.2)
 
 gen_require(`
 	bool secure_mode;
@@ -85,6 +85,9 @@ init_daemon_domain(restorecond_t, restorecond_exec_t)
 domain_obj_id_change_exemption(restorecond_t)
 role system_r types restorecond_t;
 
+type restorecond_unit_t;
+init_unit_file(restorecond_unit_t)
+
 type restorecond_var_run_t;
 files_pid_file(restorecond_var_run_t)
 
diff --git a/policy/modules/system/setrans.fc b/policy/modules/system/setrans.fc
index bea462999..094ef2216 100644
--- a/policy/modules/system/setrans.fc
+++ b/policy/modules/system/setrans.fc
@@ -2,4 +2,6 @@
 
 /sbin/mcstransd		--	gen_context(system_u:object_r:setrans_exec_t,s0)
 
+/usr/lib/systemd/system/mcstrans.*\.service -- gen_context(system_u:object_r:setrans_unit_t,s0)
+
 /var/run/setrans(/.*)?		gen_context(system_u:object_r:setrans_var_run_t,mls_systemhigh)
diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te
index 386df7432..216e871bc 100644
--- a/policy/modules/system/setrans.te
+++ b/policy/modules/system/setrans.te
@@ -1,4 +1,4 @@
-policy_module(setrans, 1.11.0)
+policy_module(setrans, 1.11.1)
 
 gen_require(`
 	class context contains;