diff --git a/policy/modules/admin/bootloader.te b/policy/modules/admin/bootloader.te
index 8326af278b..86a94ddd67 100644
--- a/policy/modules/admin/bootloader.te
+++ b/policy/modules/admin/bootloader.te
@@ -93,6 +93,7 @@ dev_rw_nvram(bootloader_t)
fs_list_auto_mountpoints(bootloader_t)
fs_getattr_xattr_fs(bootloader_t)
fs_getattr_dos_fs(bootloader_t)
+fs_create_dos_dirs(bootloader_t)
fs_getattr_tmpfs(bootloader_t)
fs_read_tmpfs_symlinks(bootloader_t)
#Needed for EFI
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 30f5498a7b..b380912fb6 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -2345,6 +2345,23 @@ interface(`fs_getattr_configfs_dirs',`
allow $1 configfs_t:dir getattr;
')
+######################################
+##
+## Search on a configfs filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`fs_search_configfs_dirs',`
+ gen_require(`
+ type configfs_t;
+ ')
+ allow $1 configfs_t:dir search_dir_perms;
+')
+
#######################################
##
## Create, read, write, and delete dirs
@@ -2553,6 +2570,23 @@ interface(`fs_list_dos',`
list_dirs_pattern($1, dosfs_t, dosfs_t)
')
+######################################
+##
+## Create dirs on a DOS filesystem.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`fs_create_dos_dirs',`
+ gen_require(`
+ type dosfs_t;
+ ')
+ create_dirs_pattern($1, dosfs_t, dosfs_t)
+')
+
########################################
##
## Create, read, write, and delete dirs
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te
index afb4e42ec4..b0bd0a8d42 100644
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -1201,6 +1201,8 @@ kernel_getattr_proc(virtlockd_t)
kernel_read_kernel_sysctls(virtlockd_t)
kernel_read_system_state(virtlockd_t)
+corecmd_search_bin(virtlockd_t)
+
dev_read_sysfs(virtlockd_t)
files_read_etc_files(virtlockd_t)
@@ -1208,6 +1210,7 @@ files_list_var_lib(virtlockd_t)
logging_send_syslog_msg(virtlockd_t)
+miscfiles_read_generic_certs(virtlockd_t)
miscfiles_read_localization(virtlockd_t)
virt_append_log(virtlockd_t)
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index 38743181d6..712f8784ad 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -625,6 +625,23 @@ interface(`init_daemon_lock_file',`
allow initrc_t $1:file manage_file_perms;
')
+########################################
+##
+## Search initrc_t dir.
+##
+##
+##
+## Domain allowed to transition.
+##
+##
+#
+interface(`initrc_daemon_search_dir',`
+ gen_require(`
+ type initrc_t;
+ ')
+ allow $1 initrc_t:dir search_dir_perms;
+')
+
########################################
##
## Execute init (/sbin/init) with a domain transition.
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index 1417bcb278..687c532e1e 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -115,6 +115,7 @@ fs_relabelfrom_all_fs(mount_t)
fs_rw_tmpfs_chr_files(mount_t)
fs_read_tmpfs_symlinks(mount_t)
fs_dontaudit_write_tmpfs_dirs(mount_t)
+fs_search_configfs_dirs(mount_t)
fs_read_all_image_files(mount_t)
fs_dontaudit_write_all_image_files(mount_t)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 4188c9547a..c722274b22 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -1156,6 +1156,7 @@ init_stop_all_units(systemd_logind_t)
init_start_system(systemd_logind_t)
init_stop_system(systemd_logind_t)
init_stream_connect(systemd_logind_t)
+initrc_daemon_search_dir(systemd_logind_t)
miscfiles_read_localization(systemd_logind_t)