diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index a19739412..1339c011e 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -486,6 +486,26 @@ interface(`miscfiles_read_hwdata',`
 	read_lnk_files_pattern($1, hwdata_t, hwdata_t)
 ')
 
+########################################
+## <summary>
+##	Allow process to get the attributes of localization info
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`miscfiles_getattr_localization',`
+	gen_require(`
+		type locale_t;
+	')
+
+	files_search_usr($1)
+	allow $1 locale_t:dir list_dir_perms;
+	allow $1 locale_t:file getattr;
+')
+
 ########################################
 ## <summary>
 ##	Allow process to setattr localization info
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 0d55588ed..69f6d846c 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -438,11 +438,12 @@ allow systemd_generator_t self:capability dac_override;
 allow systemd_generator_t self:process setfscreate;
 
 corecmd_exec_shell(systemd_generator_t)
-corecmd_getattr_bin_files(systemd_generator_t)
+corecmd_exec_bin(systemd_generator_t)
 
 dev_read_sysfs(systemd_generator_t)
 dev_write_kmsg(systemd_generator_t)
 dev_write_sysfs_dirs(systemd_generator_t)
+dev_read_urand(systemd_generator_t)
 
 files_read_etc_files(systemd_generator_t)
 files_search_runtime(systemd_generator_t)
@@ -479,6 +480,8 @@ systemd_log_parse_environment(systemd_generator_t)
 
 term_use_unallocated_ttys(systemd_generator_t)
 
+udev_search_runtime(systemd_generator_t)
+
 ifdef(`distro_gentoo',`
 	corecmd_shell_entry_type(systemd_generator_t)
 ')