diff --git a/policy/modules/admin/bootloader.fc b/policy/modules/admin/bootloader.fc

index 7a6f06f..e117271 100644

--- a/policy/modules/admin/bootloader.fc

+++ b/policy/modules/admin/bootloader.fc

@@ -1,9 +1,11 @@

-

+/etc/default/grub	--	gen_context(system_u:object_r:bootloader_etc_t,s0)

 /etc/lilo\.conf.*	--	gen_context(system_u:object_r:bootloader_etc_t,s0)

 /etc/yaboot\.conf.*	--	gen_context(system_u:object_r:bootloader_etc_t,s0)

-/sbin/grub		--	gen_context(system_u:object_r:bootloader_exec_t,s0)

+/sbin/grub.*	--	gen_context(system_u:object_r:bootloader_exec_t,s0)

+/sbin/installkernel	--	gen_context(system_u:object_r:bootloader_exec_t,s0)

 /sbin/lilo.*		--	gen_context(system_u:object_r:bootloader_exec_t,s0)

+/sbin/new-kernel-pkg	--	gen_context(system_u:object_r:bootloader_exec_t,s0)

 /sbin/ybin.*		--	gen_context(system_u:object_r:bootloader_exec_t,s0)

 /usr/sbin/grub		--	gen_context(system_u:object_r:bootloader_exec_t,s0)

diff --git a/policy/modules/admin/permissivedomains.te b/policy/modules/admin/permissivedomains.te

index f95087c..e7d705e 100644

--- a/policy/modules/admin/permissivedomains.te

+++ b/policy/modules/admin/permissivedomains.te

@@ -2,6 +2,14 @@

 optional_policy(`

       gen_require(`

+             type bootloader_t;

+      ')

+

+      permissive bootloader_t;

+')

+

+optional_policy(`

+      gen_require(`

              type systemd_logger_t;

       ')