diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index 21547ab27..66c339849 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -186,6 +186,10 @@ files_type(xdm_var_lib_t)
 type xdm_var_run_t;
 files_pid_file(xdm_var_run_t)
 
+# type for /run/user/%{USERID}/*
+type xdm_runtime_t;
+userdom_user_runtime_content(xdm_runtime_t)
+
 type xdm_tmp_t;
 files_tmp_file(xdm_tmp_t)
 typealias xdm_tmp_t alias ice_tmp_t;
@@ -345,6 +349,10 @@ files_lock_filetrans(xdm_t, xdm_lock_t, file)
 # this is ugly, daemons should not create files under /etc!
 manage_files_pattern(xdm_t, xdm_rw_etc_t, xdm_rw_etc_t)
 
+# files in /run/user/%{USERID}/*
+manage_dirs_pattern(xdm_t, xdm_runtime_t, xdm_runtime_t)
+manage_files_pattern(xdm_t, xdm_runtime_t, xdm_runtime_t)
+
 manage_dirs_pattern(xdm_t, xdm_tmp_t, xdm_tmp_t)
 manage_files_pattern(xdm_t, xdm_tmp_t, xdm_tmp_t)
 manage_sock_files_pattern(xdm_t, xdm_tmp_t, xdm_tmp_t)
@@ -493,6 +501,7 @@ userdom_create_all_users_keys(xdm_t)
 # Search /proc for any user domain processes.
 userdom_read_all_users_state(xdm_t)
 userdom_signal_all_users(xdm_t)
+userdom_user_runtime_filetrans(xdm_t, xdm_runtime_t, dir)
 
 # for .dmrc: this was used by the Gnome Display Manager (gdm)
 # and it is now obsolete in Gnome3
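Review bot: The comment `# type for /run/user/%{USERID}/*` on the new `xdm_runtime_t` declaration in the first hunk overstates the scope. As far as this diff shows, the label only reaches content that xdm_t itself creates there, through the transition added in the third hunk, not everything in the user runtime directory. A more accurate wording would be `# private type for content xdm creates under /run/user/%{USERID}/`. The diff touches only xserver.te, so if no matching file-context entry exists elsewhere, the label comes solely from the type transition and a relabel would presumably return this content to the default runtime type; that is worth confirming.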
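Review bot: In the third hunk, `userdom_user_runtime_filetrans(xdm_t, xdm_runtime_t, dir)` transitions only the `dir` class, while the second hunk grants xdm_t manage access to both directories and files of `xdm_runtime_t`. A regular file that xdm_t creates directly in the user runtime directory therefore does not get the private type; files only inherit it inside a directory that was already transitioned. If that is intended, say so next to the rule, e.g. `# only directories transition; files inherit xdm_runtime_t from them`; otherwise the class argument would need to be `{ dir file }`. The transition is also unnamed, so every directory xdm_t creates in any user's runtime directory is relabelled, which is broader than the comment in the second hunk suggests. The surrounding xdm_t rules continue outside the hunk.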