diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 7dcf61a3a..1859de79f 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -1576,6 +1576,7 @@ files_read_etc_files(systemd_sysctl_t)
 fs_getattr_all_fs(systemd_sysctl_t)
 fs_search_cgroup_dirs(systemd_sysctl_t)
+fs_search_ramfs(systemd_sysctl_t)
 systemd_log_parse_environment(systemd_sysctl_t)
@@ -1865,7 +1866,7 @@ seutil_libselinux_linked(systemd_user_session_type)
 # systemd-userdbd local policy
 #
-allow systemd_userdbd_t self:capability dac_read_search;
+allow systemd_userdbd_t self:capability { dac_read_search sys_resource };
 allow systemd_userdbd_t self:process signal;
 allow systemd_userdbd_t self:unix_stream_socket create_stream_socket_perms;
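Review bot: The added `fs_search_ramfs(systemd_sysctl_t)` in the systemd_sysctl_t hunk carries no comment naming the ramfs path that systemd-sysctl has to traverse, so a later audit cannot tell whether the grant is still needed. If the access is for service credentials kept on a ramfs mount (an assumption; nothing in the hunk says so), a line above it such as `# traverse the ramfs-backed credentials directory` would record the reason. The interface grants directory search only, so the rule itself is narrow; the gap is the missing rationale.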
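Review bot: Adding `sys_resource` to `allow systemd_userdbd_t self:capability` in the systemd-userdbd hunk widens the daemon's privilege set with no recorded reason, and CAP_SYS_RESOURCE lets a process exceed resource limits and some kernel quotas. The hunk does not show which operation was denied, and the rest of the userdbd section lies outside it. If the denial comes from a best-effort call that falls back without the capability (forced socket-buffer sizing is a common source in systemd daemons, but that is an assumption here), leaving the allow rule unchanged and adding `dontaudit systemd_userdbd_t self:capability sys_resource;` would quiet the AVC without granting it. If the capability is functionally required, a comment above the rule naming the operation would let a later audit confirm it is still needed.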