diff --git a/policy/modules/services/smokeping.if b/policy/modules/services/smokeping.if
index 824d206e2..82652781b 100644
--- a/policy/modules/services/smokeping.if
+++ b/policy/modules/services/smokeping.if
@@ -5,9 +5,9 @@
## Execute a domain transition to run smokeping.
##
##
-##
+##
## Domain allowed to transition.
-##
+##
##
#
interface(`smokeping_domtrans',`
diff --git a/policy/modules/services/smokeping.te b/policy/modules/services/smokeping.te
index 4ca544913..c1add55c5 100644
--- a/policy/modules/services/smokeping.te
+++ b/policy/modules/services/smokeping.te
@@ -23,6 +23,7 @@ files_type(smokeping_var_lib_t)
# smokeping local policy
#
+dontaudit smokeping_t self:capability { dac_read_search dac_override };
allow smokeping_t self:fifo_file rw_fifo_file_perms;
allow smokeping_t self:udp_socket create_socket_perms;
allow smokeping_t self:unix_stream_socket create_stream_socket_perms;
@@ -44,6 +45,7 @@ files_read_usr_files(smokeping_t)
files_search_tmp(smokeping_t)
auth_use_nsswitch(smokeping_t)
+auth_dontaudit_read_shadow(smokeping_t)
logging_send_syslog_msg(smokeping_t)
@@ -63,6 +65,7 @@ optional_policy(`
allow httpd_smokeping_cgi_script_t self:udp_socket create_socket_perms;
+ manage_dirs_pattern(httpd_smokeping_cgi_script_t, smokeping_var_lib_t, smokeping_var_lib_t)
manage_files_pattern(httpd_smokeping_cgi_script_t, smokeping_var_lib_t, smokeping_var_lib_t)
getattr_files_pattern(httpd_smokeping_cgi_script_t, smokeping_var_run_t, smokeping_var_run_t)