diff --git a/policy/modules/admin/sudo.if b/policy/modules/admin/sudo.if
index 1c1fbe7b2..3a27291e8 100644
--- a/policy/modules/admin/sudo.if
+++ b/policy/modules/admin/sudo.if
@@ -131,10 +131,12 @@ template(`sudo_role_template',`
 
 	userdom_spec_domtrans_all_users($1_sudo_t)
 	userdom_create_all_users_keys($1_sudo_t)
+	userdom_create_user_pty($1_sudo_t)
 	userdom_manage_user_home_content_files($1_sudo_t)
 	userdom_manage_user_home_content_symlinks($1_sudo_t)
 	userdom_manage_user_tmp_files($1_sudo_t)
 	userdom_manage_user_tmp_symlinks($1_sudo_t)
+	userdom_setattr_user_ptys($1_sudo_t)
 	userdom_use_user_terminals($1_sudo_t)
 	# for some PAM modules and for cwd
 	userdom_dontaudit_search_user_home_content($1_sudo_t)