container: call podman access in container access

Signed-off-by: Kenton Groombridge <me@concord.sh>

policy/modules/services/container.if

@@ -283,6 +283,10 @@ template(`container_user_role',`
 
 		systemd_user_app_status($1, container_user_domain)
 	')
+
+	optional_policy(`
+		podman_user_role($1, $2, $3, $4)
+	')
 ')
 
 ########################################
@@ -797,4 +801,8 @@ interface(`container_admin',`
 
 	fs_search_tmpfs($1)
 	admin_pattern($1, container_engine_tmpfs_t)
+
+	optional_policy(`
+		podman_admin($1, $2)
+	')
 ')