diff --git a/policy/modules/admin/logwatch.te b/policy/modules/admin/logwatch.te
index 9c77bcdb8..ae02e39b0 100644
--- a/policy/modules/admin/logwatch.te
+++ b/policy/modules/admin/logwatch.te
@@ -38,14 +38,14 @@ role system_r types logwatch_mail_t;
 #
 
 allow logwatch_t self:capability { dac_override dac_read_search setgid };
-allow logwatch_t self:process signal;
+allow logwatch_t self:process { signal getsched };
 allow logwatch_t self:fifo_file rw_fifo_file_perms;
 allow logwatch_t self:unix_stream_socket { accept listen };
 
 manage_dirs_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 manage_files_pattern(logwatch_t, logwatch_cache_t, logwatch_cache_t)
 
-allow logwatch_t logwatch_lock_t:file manage_file_perms;
+manage_files_pattern(logwatch_t, logwatch_lock_t, logwatch_lock_t)
 files_lock_filetrans(logwatch_t, logwatch_lock_t, file)
 
 manage_dirs_pattern(logwatch_t, logwatch_tmp_t, logwatch_tmp_t)
@@ -191,4 +191,5 @@ logging_read_all_logs(logwatch_mail_t)
 optional_policy(`
 	cron_use_system_job_fds(logwatch_mail_t)
 	cron_rw_system_job_pipes(logwatch_mail_t)
+	cron_rw_pipes(logwatch_mail_t)
 ')