diff --git a/policy/modules/apps/wireshark.if b/policy/modules/apps/wireshark.if
index 9cad4afe6..e02aa734f 100644
--- a/policy/modules/apps/wireshark.if
+++ b/policy/modules/apps/wireshark.if
@@ -4,30 +4,41 @@
 ## <summary>
 ##	Role access for wireshark.
 ## </summary>
-## <param name="role">
+## <param name="role_prefix">
 ##	<summary>
-##	Role allowed access.
+##	The prefix of the user role (e.g., user
+##	is the prefix for user_r).
 ##	</summary>
 ## </param>
-## <param name="domain">
+## <param name="user_domain">
 ##	<summary>
 ##	User domain for the role.
 ##	</summary>
 ## </param>
+## <param name="user_exec_domain">
+##	<summary>
+##	User exec domain for execute and transition access.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	Role allowed access
+##	</summary>
+## </param>
 #
-interface(`wireshark_role',`
+template(`wireshark_role',`
 	gen_require(`
 		attribute_role wireshark_roles;
 		type wireshark_t, wireshark_exec_t, wireshark_home_t;
 		type wireshark_tmp_t, wireshark_tmpfs_t;
 	')
 
-	roleattribute $1 wireshark_roles;
+	roleattribute $4 wireshark_roles;
 
-	domtrans_pattern($2, wireshark_exec_t, wireshark_t)
+	domtrans_pattern($3, wireshark_exec_t, wireshark_t)
 
-	allow $2 wireshark_t:process { ptrace signal_perms };
-	ps_process_pattern($2, wireshark_t)
+	allow $3 wireshark_t:process { ptrace signal_perms };
+	ps_process_pattern($3, wireshark_t)
 
 	allow $2 { wireshark_tmp_t wireshark_home_t wireshark_tmpfs_t }:dir { manage_dir_perms relabel_dir_perms };
 	allow $2 { wireshark_tmp_t wireshark_home_t wireshark_tmpfs_t }:file { manage_file_perms relabel_file_perms };
@@ -35,6 +46,10 @@ interface(`wireshark_role',`
 	allow $2 wireshark_tmpfs_t:sock_file { manage_sock_file_perms relabel_sock_file_perms };
 	allow $2 wireshark_tmpfs_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms };
 	userdom_user_home_dir_filetrans($2, wireshark_home_t, dir, ".wireshark")
+
+	optional_policy(`
+		systemd_user_app_status($1, wireshark_t)
+	')
 ')
 
 ########################################
diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
index bb5325e31..4f17f9cd6 100644
--- a/policy/modules/roles/staff.te
+++ b/policy/modules/roles/staff.te
@@ -203,7 +203,7 @@ ifndef(`distro_redhat',`
 	')
 
 	optional_policy(`
-		wireshark_role(staff_r, staff_t)
+		wireshark_role(staff, staff_t, staff_application_exec_domain, staff_r)
 	')
 
 	optional_policy(`
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index d81c87956..3c4f5b14c 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -1172,7 +1172,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	wireshark_role(sysadm_r, sysadm_t)
+	wireshark_role(sysadm, sysadm_t, sysadm_application_exec_domain, sysadm_r)
 ')
 
 optional_policy(`
diff --git a/policy/modules/roles/unprivuser.te b/policy/modules/roles/unprivuser.te
index fb0b94637..dcd5bb413 100644
--- a/policy/modules/roles/unprivuser.te
+++ b/policy/modules/roles/unprivuser.te
@@ -187,7 +187,7 @@ ifndef(`distro_redhat',`
 	')
 
 	optional_policy(`
-		wireshark_role(user_r, user_t)
+		wireshark_role(user, user_t, user_application_exec_domain, user_r)
 	')
 
 	optional_policy(`