diff --git a/Gemfile b/Gemfile
@@ -1,14 +1,30 @@
 source ENV['GEM_SOURCE'] || "https://rubygems.org"
 
+if RUBY_VERSION >= '1.8.7' && RUBY_VERSION < '1.9'
+  gem 'rspec', '~> 2.0'
+else
+  gem 'rspec', '~> 3.1.0'
+end
+
 group :unit_tests do
-  gem 'rake',                    :require => false
-  # https://github.com/rspec/rspec-core/issues/1864
-  gem 'rspec-puppet', '~> 2.1',  :require => false
-  gem 'puppetlabs_spec_helper',  :require => false
-  gem 'puppet-lint', '~> 1.0',    :require => false
-  gem 'puppet-syntax',           :require => false
-  gem 'metadata-json-lint',      :require => false
-  gem 'json',                    :require => false
+  gem 'rake',                                                      :require => false
+  gem 'rspec-puppet',                                              :require => false
+  gem 'puppetlabs_spec_helper',                                    :require => false
+  gem 'puppet-lint', '~> 1.0',                                     :require => false
+  gem 'puppet-syntax',                                             :require => false
+  gem 'metadata-json-lint',                                        :require => false
+  gem 'json',                                                      :require => false
+  gem 'puppet-lint-absolute_classname-check',                      :require => false
+  gem 'puppet-lint-leading_zero-check',                            :require => false
+  gem 'puppet-lint-trailing_comma-check',                          :require => false
+  gem 'puppet-lint-version_comparison-check',                      :require => false
+  gem 'puppet-lint-classes_and_types_beginning_with_digits-check', :require => false
+  gem 'puppet-lint-unquoted_string-check',                         :require => false
+  gem 'puppet-lint-appends-check',                                 :require => false
+  gem 'puppet-lint-empty_string-check',                            :require => false
+  gem 'puppet-lint-file_ensure-check',                             :require => false
+  gem 'puppet-lint-spaceship_operator_without_tag-check',          :require => false
+  gem 'puppet-lint-undef_in_function-check',                       :require => false
 end
 
 group :development do

diff --git a/README.markdown b/README.markdown
@@ -16,7 +16,7 @@ This class manages SELinux on RHEL based systems.
 
 ## Requirements
 
-* Puppet-2.7.0 or later
+* Puppet-3.x or later
 * Facter 1.7.0 or later
 * Ruby-1.9.3 or later (Support for Ruby-1.8.7 is not guaranteed. YMMV).
 

diff --git a/manifests/boolean.pp b/manifests/boolean.pp
@@ -31,7 +31,7 @@
   $persistent = true,
 ) {
 
-  include selinux
+  include ::selinux
 
   $ensure_real = $ensure ? {
     true    => 'true', # lint:ignore:quoted_booleans

diff --git a/manifests/config.pp b/manifests/config.pp
@@ -45,13 +45,13 @@
     }
 
     case $mode {
-      permissive, disabled: {
+      'permissive', 'disabled': {
         $sestatus = '0'
         if $mode == 'disabled' and defined('$::selinux_current_mode') and $::selinux_current_mode == 'permissive' {
           notice('A reboot is required to fully disable SELinux. SELinux will operate in Permissive mode until a reboot')
         }
       }
-      enforcing: {
+      'enforcing': {
         $sestatus = '1'
       }
       default : {

diff --git a/manifests/fcontext.pp b/manifests/fcontext.pp
@@ -30,6 +30,9 @@
 #         - s = socket
 #         - l = symbolic link
 #         - p = named pipe
+#    - $restorecond: Boolean Value - Run restorecon against the path name upon changes (default true)
+#    - $restorecond_path: Path name to use for restorecon, (default $pathname)
+#
 #
 # Actions:
 #  Runs "semanage fcontext" with options to persistently set the file context
@@ -64,20 +67,37 @@
 #
 define selinux::fcontext (
   $pathname,
-  $destination = undef,
-  $context     = '',
-  $filetype    = false,
-  $filemode    = undef,
-  $equals      = false,
+  $destination         = undef,
+  $context             = undef,
+  $filetype            = false,
+  $filemode            = undef,
+  $equals              = false,
+  $restorecond         = true,
+  $restorecond_path    = undef,
+  $restorecond_recurse = false,
 ) {
 
-  include selinux
+  include ::selinux
 
   validate_absolute_path($pathname)
   validate_bool($filetype, $equals)
 
   if $equals {
     validate_absolute_path($destination)
+  } else {
+    validate_string($context)
+  }
+
+  $restorecond_path_private = $restorecond_path ? {
+    undef   => $pathname,
+    default => $restorecond_path
+  }
+
+  validate_absolute_path($restorecond_path_private)
+
+  $restorecond_resurse_private = $restorecond_recurse ? {
+    true  => '-R ',
+    false => ''
   }
 
   if $equals and $filetype {
@@ -95,11 +115,11 @@
   } elsif $filetype {
     $resource_name = "add_${context}_${pathname}_type_${filemode}"
     $command       = "semanage fcontext -a -f ${filemode} -t ${context} \"${pathname}\""
-    $unless        = "semanage fcontext -l | grep -E \"^${pathname}.*:${context}:\""
+    $unless        = "semanage fcontext -l | grep \"^${pathname}[[:space:]].*:${context}:\""
   } else {
     $resource_name = "add_${context}_${pathname}"
     $command       = "semanage fcontext -a -t ${context} \"${pathname}\""
-    $unless        = "semanage fcontext -l | grep -E \"^${pathname}.*:${context}:\""
+    $unless        = "semanage fcontext -l | grep \"^${pathname}[[:space:]].*:${context}:\""
   }
 
   exec { $resource_name:
@@ -108,4 +128,14 @@
     path    => '/bin:/sbin:/usr/bin:/usr/sbin',
     require => Class['selinux::package'],
   }
+
+  if $restorecond {
+    exec { "restorecond ${resource_name}":
+      path        => '/bin:/sbin:/usr/bin:/usr/sbin',
+      command     => "restorecon ${restorecond_resurse_private}${restorecond_path_private}",
+      refreshonly => true,
+      subscribe   => Exec[$resource_name],
+    }
+  }
+
 }
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -8,7 +8,6 @@
 #  - $type (enforcing|permissive|disabled) - sets the operating state for SELinux.
 #  - $sx_mod_dir (absolute_path) - sets the operating state for SELinux.
 #  - $makefile (string) - the default makefile to use for module compilation
-#  - $module_prefix (string) - sets the prefix for any installed modules
 #  - $manage_package (boolean) - manage the package for selinux tools
 #  - $package_name (string) - sets the name for the selinux tools package
 #
@@ -27,7 +26,6 @@
   $type           = $::selinux::params::type,
   $sx_mod_dir     = $::selinux::params::sx_mod_dir,
   $makefile       = $::selinux::params::makefile,
-  $module_prefix  = $::selinux::params::module_prefix,
   $manage_package = $::selinux::params::manage_package,
   $package_name   = $::selinux::params::package_name,
 
@@ -52,16 +50,15 @@
   validate_absolute_path($sx_mod_dir)
   validate_re($mode_real, ['^enforcing$', '^permissive$', '^disabled$', '^undef$'], "Valid modes are enforcing, permissive, and disabled.  Received: ${mode}")
   validate_re($type_real, ['^targeted$', '^minimum$', '^mls$', '^undef$'], "Valid types are targeted, minimum, and mls.  Received: ${type}")
-  validate_string($module_prefix)
   validate_string($makefile)
   validate_bool($manage_package)
   validate_string($package_name)
 
-  class { 'selinux::package':
+  class { '::selinux::package':
     manage_package => $manage_package,
     package_name   => $package_name,
   } ->
-  class { 'selinux::config': }
+  class { '::selinux::config': }
 
   create_resources('selinux::boolean', $selinux_booleans)
   create_resources('selinux::module', $selinux_modules)

diff --git a/manifests/module.pp b/manifests/module.pp
@@ -28,7 +28,8 @@
 #  }
 #
 define selinux::module(
-  $source,
+  $source       = undef,
+  $content      = undef,
   $ensure       = 'present',
   $makefile     = '/usr/share/selinux/devel/Makefile',
   $prefix       = 'local_',
@@ -37,9 +38,17 @@
 ) {
 
   require selinux
-  
+
   validate_re($ensure, [ '^present$', '^absent$' ], '$ensure must be "present" or "absent"')
-  validate_string($source)
+  if $ensure == 'present' and $source == undef and $content == undef {
+    fail("You must provide 'source' or 'content' field for selinux module")
+  }
+  if $source != undef {
+    validate_string($source)
+  }
+  if $content != undef {
+    validate_string($content)
+  }
   validate_string($prefix)
   validate_absolute_path($sx_mod_dir)
   validate_absolute_path($makefile)
@@ -52,11 +61,12 @@
 
   ## Begin Configuration
   file { "${sx_mod_dir}/${prefix}${name}.te":
-    ensure => $ensure,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0644',
-    source => $source,
+    ensure  => $ensure,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0644',
+    source  => $source,
+    content => $content,
   }
   ~>
   exec { "${sx_mod_dir}/${prefix}${name}.pp":
@@ -67,11 +77,11 @@
     command     => "make -f ${makefile} ${prefix}${name}.pp",
   }
   ->
-  selmodule { "${prefix}${name}":
+  selmodule { $name:
     # Load the module if it has changed or was not loaded
     # Warning: change the .te version!
-    ensure       => $ensure,
-    selmoduledir => $sx_mod_dir,
-    syncversion  => $syncversion,
+    ensure        => $ensure,
+    selmodulepath => "${sx_mod_dir}/${prefix}${name}.pp",
+    syncversion   => $syncversion,
   }
 }
diff --git a/manifests/package.pp b/manifests/package.pp
@@ -21,8 +21,6 @@
     fail("Use of private class ${name} by ${caller_module_name}")
   }
   if $manage_package {
-    package { $package_name:
-      ensure => installed,
-    }
+    ensure_packages ($package_name)
   }
 }
diff --git a/manifests/params.pp b/manifests/params.pp
@@ -8,24 +8,40 @@
 #
 class selinux::params {
   $makefile       = '/usr/share/selinux/devel/Makefile'
-  $module_prefix  = ''
   $sx_mod_dir     = '/usr/share/selinux'
   $mode           = undef
   $type           = undef
   $manage_package = true
 
+  if $::operatingsystemmajrelease {
+    $os_maj_release = $::operatingsystemmajrelease
+  } else {
+    $os_versions    = split($::operatingsystemrelease, '[.]')
+    $os_maj_release = $os_versions[0]
+  }
+
   case $::osfamily {
     'RedHat': {
       case $::operatingsystem {
         'Fedora': {
           $sx_fs_mount = '/sys/fs/selinux'
-          $package_name = 'policycoreutils-python'
+          case $os_maj_release {
+            '19','20' : {
+              $package_name = 'policycoreutils-python'
+            }
+            '21','22','23','24' : {
+              $package_name = 'policycoreutils-devel'
+            }
+            default: {
+              fail("${::operatingsystem}-${::os_maj_release} is not supported")
+            }
+          }
         }
         default: {
-          case $::operatingsystemmajrelease {
+          case $os_maj_release {
             '7': {
               $sx_fs_mount = '/sys/fs/selinux'
-              $package_name = 'policycoreutils-python'
+              $package_name = 'policycoreutils-devel'
             }
             '6': {
               $sx_fs_mount = '/selinux'
@@ -37,13 +53,13 @@
             }
             '': {
               # Fallback to lsbmajdistrelease, if puppet version is < 3.0
-              if($::lsbmajdistrelease == 5) {
+              if($::lsbmajdistrelease == '5') {
                 $sx_fs_mount = '/selinux'
                 $package_name = 'policycoreutils'
               }
             }
             default: {
-              fail("${::operatingsystem}-${::operatingsystemmajrelease} is not supported")
+              fail("${::operatingsystem}-${::os_maj_release} is not supported")
             }
           }
         }

diff --git a/manifests/permissive.pp b/manifests/permissive.pp
@@ -30,12 +30,12 @@
   $context,
 ) {
 
-  include selinux
+  include ::selinux
 
   exec { "add_${context}":
     command => "semanage permissive -a ${context}",
     unless  => "semanage permissive -l|grep ${context}",
     path    => '/bin:/sbin:/usr/bin:/usr/sbin',
-    require => Class['selinux::package']
+    require => Class['selinux::package'],
   }
 }
diff --git a/manifests/port.pp b/manifests/port.pp
@@ -41,21 +41,21 @@
   $protocol = undef,
 ) {
 
-  include selinux
+  include ::selinux
 
   if $protocol {
     validate_re($protocol, ['^tcp6?$', '^udp6?$'])
-    $protocol_switch="-p ${protocol} "
+    $protocol_switch = "-p ${protocol} "
     $port_exec_command = "add_${context}_${port}_${protocol}"
   } else {
-    $protocol_switch=''
+    $protocol_switch = undef
     $port_exec_command = "add_${context}_${port}"
   }
 
   exec { $port_exec_command:
     command => "semanage port -a -t ${context} ${protocol_switch}${port}",
     unless  => "semanage port -l|grep \"^${context}.*${protocol}.*${port}\"|grep -w ${port}",
     path    => '/bin:/sbin:/usr/bin:/usr/sbin',
-    require => Class['selinux::package']
+    require => Class['selinux::package'],
   }
 }
diff --git a/manifests/restorecond.pp b/manifests/restorecond.pp
@@ -8,8 +8,8 @@
   $config_file_group = $selinux::params::restorecond_config_file_group,
 ) inherits selinux::params {
 
-  include selinux
+  include ::selinux
   Class['selinux'] ->
-  class{'selinux::restorecond::config':} ~>
-  class{'selinux::restorecond::service':}
+  class{'::selinux::restorecond::config':} ~>
+  class{'::selinux::restorecond::service':}
 }
diff --git a/manifests/restorecond/config.pp b/manifests/restorecond/config.pp
@@ -14,6 +14,6 @@
   concat::fragment {'restorecond_config_default':
     target => $selinux::restorecond::config_file,
     source => 'puppet:///modules/selinux/restorecond.conf',
-    order  => '01'
+    order  => '01',
   }
 }