diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index b2105d123..11b15dbbf 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -2931,6 +2931,28 @@ interface(`userdom_relabel_user_tmpfs_files',`
fs_search_tmpfs($1)
')
+########################################
+##
+## Make the specified type usable in
+## the directory /run/user/%{USERID}/.
+##
+##
+##
+## Type to be used as a file in the
+## user_runtime_content_dir_t.
+##
+##
+#
+interface(`userdom_user_runtime_content',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ typeattribute $1 user_runtime_content_type;
+ files_type($1)
+ ubac_constrained($1)
+')
+
########################################
##
## Search users runtime directories.
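Review bot: The parameter description of `userdom_user_runtime_content` refers to `user_runtime_content_dir_t`, a type that is not declared anywhere in the visible changes. The interface body only assigns the attribute `user_runtime_content_type`, and the one caller in userdomain.te passes `user_runtime_t`. Suggest rewording the description to `## Type to be used as content under /run/user/%{USERID}/.` so the text names something that exists. The summary could also state that the interface additionally marks the type with `files_type` and `ubac_constrained`, since callers inherit both.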
@@ -3098,7 +3120,139 @@ interface(`userdom_delete_user_runtime_files',`
')
allow $1 user_runtime_t:dir list_dir_perms;
- allow $1 user_runtime_t:file unlink;
+ allow $1 user_runtime_t:file delete_file_perms;
+')
+
+########################################
+##
+## Search users runtime directories.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_search_all_user_runtime',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir search_dir_perms;
+ userdom_search_user_runtime_root($1)
+')
+
+########################################
+##
+## List user runtime directories.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_list_all_user_runtime',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir list_dir_perms;
+ userdom_search_user_runtime($1)
+')
+
+########################################
+##
+## delete user runtime directories
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_delete_all_user_runtime_dirs',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir { delete_dir_perms del_entry_dir_perms list_dir_perms };
+')
+
+########################################
+##
+## delete user runtime files
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_delete_all_user_runtime_files',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir list_dir_perms;
+ allow $1 user_runtime_content_type:file delete_file_perms;
+')
+
+########################################
+##
+## delete user runtime symlink files
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_delete_all_user_runtime_symlinks',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir list_dir_perms;
+ allow $1 user_runtime_content_type:fifo_file delete_lnk_file_perms;
+')
+
+########################################
+##
+## delete user runtime fifo files
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_delete_all_user_runtime_named_pipes',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir list_dir_perms;
+ allow $1 user_runtime_content_type:fifo_file delete_fifo_file_perms;
+')
+
+########################################
+##
+## delete user runtime socket files
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`userdom_delete_all_user_runtime_named_sockets',`
+ gen_require(`
+ attribute user_runtime_content_type;
+ ')
+
+ allow $1 user_runtime_content_type:dir list_dir_perms;
+ allow $1 user_runtime_content_type:file delete_sock_file_perms;
')
########################################
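Review bot: Two of the new delete interfaces grant their permission set on the wrong object class. In `userdom_delete_all_user_runtime_symlinks` the rule is written against `fifo_file` and should read `allow $1 user_runtime_content_type:lnk_file delete_lnk_file_perms;`. In `userdom_delete_all_user_runtime_named_sockets` it is written against `file` and should read `allow $1 user_runtime_content_type:sock_file delete_sock_file_perms;`. As written, callers are still denied on the symlinks and sockets they asked for. The sockets interface instead appears to grant delete access to regular files on every type carrying the attribute (assuming the permission set expands to permissions valid for `file`), which is broader than its name promises.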
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
index 8abd6dbe6..5dab993c8 100644
--- a/policy/modules/system/userdomain.te
+++ b/policy/modules/system/userdomain.te
@@ -75,6 +75,9 @@ attribute unpriv_userdomain;
attribute user_home_content_type;
+# dirs/files/etc created in /run/user/%{USERID}/
+attribute user_runtime_content_type;
+
type user_home_dir_t alias { staff_home_dir_t sysadm_home_dir_t secadm_home_dir_t auditadm_home_dir_t unconfined_home_dir_t };
fs_associate_tmpfs(user_home_dir_t)
files_type(user_home_dir_t)
@@ -128,3 +131,4 @@ files_poly(user_runtime_t)
files_poly_member(user_runtime_t)
files_poly_parent(user_runtime_t)
ubac_constrained(user_runtime_t)
+userdom_user_runtime_content(user_runtime_t)
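Review bot: The `ubac_constrained(user_runtime_t)` line directly above the added call is now redundant, because `userdom_user_runtime_content` as added in userdomain.if already applies `ubac_constrained($1)` together with `files_type($1)`. Either drop the explicit line or annotate the new call, for example `# also applies files_type and ubac_constrained`, so a later reader does not remove one and assume the other still covers it.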