diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 899171aa2..62e0e0585 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -845,6 +845,24 @@ interface(`auth_rw_shadow_lock',`
rw_files_pattern($1, shadow_lock_t, shadow_lock_t)
')
+########################################
+##
+## Search faillock directory (/run/faillock).
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`auth_search_faillog',`
+ gen_require(`
+ type faillog_t;
+ ')
+
+ allow $1 faillog_t:dir search_dir_perms;
+')
+
#######################################
##
## Append to the login failure log.
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index fb4dddc29..ebc1abc10 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -294,6 +294,7 @@ auth_use_nsswitch(newrole_t)
auth_run_chk_passwd(newrole_t, newrole_roles)
auth_run_upd_passwd(newrole_t, newrole_roles)
auth_rw_faillog(newrole_t)
+auth_search_faillog(newrole_t)
# Write to utmp.
init_rw_utmp(newrole_t)
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 6af242108..b5607a2da 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -73,6 +73,7 @@ allow dhcpc_t self:tcp_socket create_stream_socket_perms;
allow dhcpc_t self:udp_socket create_socket_perms;
allow dhcpc_t self:packet_socket create_socket_perms;
allow dhcpc_t self:netlink_generic_socket create_socket_perms;
+allow dhcpc_t self:netlink_kobject_uevent_socket create_socket_perms;
allow dhcpc_t self:netlink_route_socket create_netlink_socket_perms;
allow dhcpc_t self:rawip_socket create_socket_perms;
allow dhcpc_t self:unix_dgram_socket { create_socket_perms sendto };
@@ -266,6 +267,10 @@ optional_policy(`
seutil_dontaudit_search_config(dhcpc_t)
')
+optional_policy(`
+ udev_read_runtime_files(dhcpc_t)
+')
+
optional_policy(`
userdom_use_all_users_fds(dhcpc_t)
')