diff --git a/policy/modules/apps/ptchown.if b/policy/modules/apps/ptchown.if
index cc8a359..f1c2698 100644
--- a/policy/modules/apps/ptchown.if
+++ b/policy/modules/apps/ptchown.if
@@ -18,3 +18,27 @@ interface(`ptchown_domtrans',`
domtrans_pattern($1, ptchown_exec_t, ptchown_t)
')
+########################################
+##
+## Execute ptchown in the ptchown domain, and
+## allow the specified role the ptchown domain.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+##
+## The role to be allowed the ptchown domain.
+##
+##
+#
+interface(`ptchown_run',`
+ gen_require(`
+ type ptchown_t;
+ ')
+
+ ptchown_domtrans($1)
+ role $2 types ptchown_t;
+')
diff --git a/policy/modules/apps/ptchown.te b/policy/modules/apps/ptchown.te
index 7fbaec6..7f09e01 100644
--- a/policy/modules/apps/ptchown.te
+++ b/policy/modules/apps/ptchown.te
@@ -24,6 +24,7 @@ files_read_etc_files(ptchown_t)
fs_rw_anon_inodefs_files(ptchown_t)
term_setattr_generic_ptys(ptchown_t)
+term_getattr_all_ptys(ptchown_t)
term_setattr_all_ptys(ptchown_t)
term_use_generic_ptys(ptchown_t)
term_use_ptmx(ptchown_t)