diff --git a/policy/modules/services/rpcbind.fc b/policy/modules/services/rpcbind.fc
index 104df47ff..7bcfe6f6b 100644
--- a/policy/modules/services/rpcbind.fc
+++ b/policy/modules/services/rpcbind.fc
@@ -1,3 +1,5 @@
+/etc/rc.d/init.d/rpcbind --	gen_context(system_u:object_r:rpcbind_initrc_exec_t,s0)
+
 /sbin/rpcbind		--	gen_context(system_u:object_r:rpcbind_exec_t,s0)
 
 /var/lib/rpcbind(/.*)?		gen_context(system_u:object_r:rpcbind_var_lib_t,s0)
diff --git a/policy/modules/services/rpcbind.if b/policy/modules/services/rpcbind.if
index 7a74f11e4..567177ee9 100644
--- a/policy/modules/services/rpcbind.if
+++ b/policy/modules/services/rpcbind.if
@@ -95,3 +95,35 @@ interface(`rpcbind_manage_lib_files',`
 	manage_files_pattern($1, rpcbind_var_lib_t, rpcbind_var_lib_t)
 	files_search_var_lib($1)
 ')
+
+########################################
+## <summary>
+##	All of the rules required to administrate 
+##	an rpcbind environment
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	The role to be allowed to manage the rpcbind domain.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`rpcbind_admin',`
+	gen_require(`
+		type rpcbind_t, rpcbind_var_lib_t, rpcbind_var_run_t;
+		type rpcbind_initrc_exec_t;
+	')
+
+	allow $1 rpcbind_t:process { ptrace signal_perms };
+	ps_process_pattern($1, rpcbind_t)
+	        
+	init_labeled_script_somtrans($1, rbcbind_initrc_exec_t)
+	domain_system_change_exemption($1)
+	role_transition $2 rpcbind_initrc_exec_t system_r;
+	allow $2 system_r;
+')
diff --git a/policy/modules/services/rpcbind.te b/policy/modules/services/rpcbind.te
index c2a2ae1e4..a330aa335 100644
--- a/policy/modules/services/rpcbind.te
+++ b/policy/modules/services/rpcbind.te
@@ -1,5 +1,5 @@
 
-policy_module(rpcbind, 1.1.0)
+policy_module(rpcbind, 1.1.1)
 
 ########################################
 #
@@ -10,6 +10,9 @@ type rpcbind_t;
 type rpcbind_exec_t;
 init_daemon_domain(rpcbind_t, rpcbind_exec_t)
 
+type rpcbind_initrc_exec_t;
+init_script_file(rpcbind_initrc_exec_t)
+
 type rpcbind_var_run_t;
 files_pid_file(rpcbind_var_run_t)
 
@@ -21,7 +24,7 @@ files_type(rpcbind_var_lib_t)
 # rpcbind local policy
 #
 
-allow rpcbind_t self:capability setuid;
+allow rpcbind_t self:capability { dac_override setgid setuid sys_tty_config };
 allow rpcbind_t self:fifo_file rw_file_perms;
 allow rpcbind_t self:unix_stream_socket create_stream_socket_perms;
 allow rpcbind_t self:netlink_route_socket r_netlink_socket_perms;
@@ -37,6 +40,7 @@ manage_files_pattern(rpcbind_t, rpcbind_var_lib_t, rpcbind_var_lib_t)
 manage_sock_files_pattern(rpcbind_t, rpcbind_var_lib_t, rpcbind_var_lib_t)
 files_var_lib_filetrans(rpcbind_t, rpcbind_var_lib_t, { file dir sock_file })
 
+kernel_read_system_state(rpcbind_t)
 kernel_read_network_state(rpcbind_t)
 
 corenet_all_recvfrom_unlabeled(rpcbind_t)
@@ -65,3 +69,7 @@ logging_send_syslog_msg(rpcbind_t)
 miscfiles_read_localization(rpcbind_t)
 
 sysnet_dns_name_resolve(rpcbind_t)
+
+ifdef(`hide_broken_symptoms',`
+	dontaudit rpcbind_t self:udp_socket listen;
+')