diff --git a/FedoraBook.te b/FedoraBook.te
index 417589a..a720247 100644
--- a/FedoraBook.te
+++ b/FedoraBook.te
@@ -1,11 +1,15 @@
 module FedoraBook 1.0;
 require {
+ type policykit_auth_t;
+ type policykit_t;
+ type sssd_t;
 type system_dbusd_var_run_t;
 type iscsi_unit_file_t;
 type etc_t;
 type systemd_timedated_t;
 type var_t;
+ type usr_t;
 type NetworkManager_t;
 type systemd_networkd_var_run_t;
 type default_t;
@@ -28,13 +32,16 @@ require {
 type init_var_run_t;
 type svirt_t;
 type user_home_dir_t;
+ type chkpwd_t;
+ type xdm_var_lib_t;
+ class sock_file { create write };
 class file { create getattr map open read relabelfrom relabelto rename setattr unlink write };
 class process { dyntransition setcurrent };
- class dir { add_name create getattr read write search mounton };
+ class dir { add_name create getattr read write search mounton map };
 class process2 nnp_transition;
 class service { reload status stop };
 class dbus send_msg;
- class sock_file read;
+ class sock_file { read write };
 class lnk_file { getattr read };
 }
@@ -87,6 +94,24 @@ allow useradd_t var_t:file { getattr open read write };
 allow xdm_t avahi_t:dbus send_msg;
 allow xdm_t getty_var_run_t:file getattr;
 allow xdm_t lib_t:service stop;
+allow xdm_t xdm_var_lib_t:dir map;
 #============= svirt_t ==============
 allow svirt_t user_home_dir_t:dir read;
+
+#============= chkpwd_t ==============
+allow chkpwd_t usr_t:file map;
+
+
+#============= policykit_auth_t ==============
+allow policykit_auth_t var_lib_t:file read;
+allow policykit_auth_t var_lib_t:sock_file write;
+
+#============= policykit_t ==============
+allow policykit_t var_lib_t:file read;
+allow policykit_t var_lib_t:sock_file write;
+
+#============= sssd_t ==============
+allow sssd_t var_lib_t:file read;
+allow sssd_t var_lib_t:sock_file { create write };
+
diff --git a/logo.bmp b/logo.bmp
index e16865a..5e10b8c 100644
Binary files a/logo.bmp and b/logo.bmp differ
diff --git a/pkglist.txt b/pkglist.txt
index 83becfd..59536bf 100644
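Review bot: The require block in the second hunk now declares `class sock_file` twice, once as the added `class sock_file { create write };` and once as the changed `class sock_file { read write };`. Folding both into a single `class sock_file { create read write };` keeps one line per class like the other entries and shows the full permission set the module relies on in one place. The require block opens above this hunk, so any other sock_file line outside it is not visible here.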
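Review bot: The new policykit_auth_t, policykit_t and sssd_t sections in the third hunk grant access on the generic `var_lib_t` type, so each domain may read every file under /var/lib that has no more specific label and write to every such socket, not only the object that caused the denial. The rules read like audit2allow output for an SSSD socket or cache that carries the wrong label, presumably connected to the sssd-kcm package added to pkglist.txt in this commit. If that is the cause, correcting the file context (an fcontext entry plus a relabel so the path gets its SSSD-specific type) would make these rules unnecessary. If they stay, a comment above each section such as `# <path that was denied> is labelled var_lib_t in this image` would let a later reader judge whether the grant is still needed.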
--- a/pkglist.txt +++ b/pkglist.txt @@ -1,3 +1,5 @@ +toolbox +sssd-kcm podman ImageMagick exa diff --git a/prepare-root.sh b/prepare-root.sh index e7d4bd3..5462d0d 100755 --- a/prepare-root.sh +++ b/prepare-root.sh @@ -310,7 +310,6 @@ fi (( $RET == 0 )) - chroot "$sysroot" /usr/bin/systemd-sysusers for i in passwd shadow group gshadow subuid subgid; do @@ -480,6 +479,8 @@ sed -i -e 's#/etc/passwd#/cfg/passwd#g;s#/etc/shadow#/cfg/shadow#g;s#/etc/gshado "$sysroot"/usr/bin/newuidmap \ "$sysroot"/usr/sbin/newusers +chmod u+s "$sysroot"/usr/bin/newgidmap "$sysroot"/usr/bin/newuidmap + sed -i -e 's#/etc/.pwd.lock#/cfg/.pwd.lock#g' \ "$sysroot"/lib*/libc.so.* \ "$sysroot"/usr/lib/systemd/libsystemd-shared*.so
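Review bot: The added `chmod u+s` in the second prepare-root.sh hunk makes newgidmap and newuidmap run as full root, which is more privilege than each binary needs and is applied to files that the preceding `sed -i` has just rewritten in place. As far as I know Fedora's shadow-utils ships these two with a single file capability each rather than the setuid bit, and the in-place sed most likely drops that xattr, which would explain why the bit is being added here. Restoring the capabilities instead, with `setcap cap_setuid+ep "$sysroot"/usr/bin/newuidmap` and `setcap cap_setgid+ep "$sysroot"/usr/bin/newgidmap`, would keep the narrower privilege. Either way a comment such as `# sed -i above replaces the files, so their privilege bits must be restored` would record why the line exists. The sed command that this follows starts above the hunk.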