diff --git a/policy/modules/services/amavis.if b/policy/modules/services/amavis.if
index adb3d5f01..ceb214243 100644
--- a/policy/modules/services/amavis.if
+++ b/policy/modules/services/amavis.if
@@ -56,7 +56,7 @@ interface(`amavis_read_spool_files',`
')
files_search_spool($1)
- allow $1 amavis_spool_t:file read_file_perms;
+ read_files_pattern($1, amavis_spool_t, amavis_spool_t)
')
########################################
@@ -208,7 +208,7 @@ interface(`amavis_create_pid_files',`
########################################
##
-## All of the rules required to administrate
+## All of the rules required to administrate
## an amavis environment
##
##
diff --git a/policy/modules/services/amavis.te b/policy/modules/services/amavis.te
index 3e8002ac4..c3a1903a3 100644
--- a/policy/modules/services/amavis.te
+++ b/policy/modules/services/amavis.te
@@ -92,9 +92,10 @@ manage_sock_files_pattern(amavis_t, amavis_var_log_t, amavis_var_log_t)
logging_log_filetrans(amavis_t, amavis_var_log_t, { sock_file file dir })
# pid file
+manage_dirs_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
manage_files_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
manage_sock_files_pattern(amavis_t, amavis_var_run_t, amavis_var_run_t)
-files_pid_filetrans(amavis_t, amavis_var_run_t, { file sock_file })
+files_pid_filetrans(amavis_t, amavis_var_run_t, { dir file sock_file })
kernel_read_kernel_sysctls(amavis_t)
# amavis tries to access /proc/self/stat, /etc/shadow and /root - perl...