diff --git a/SOURCES/0001-Allow-logrotate-to-manage-virt_cache.patch b/SOURCES/0001-Allow-logrotate-to-manage-virt_cache.patch
new file mode 100644
index 0000000..179b606
--- /dev/null
+++ b/SOURCES/0001-Allow-logrotate-to-manage-virt_cache.patch
@@ -0,0 +1,27 @@
+From 07307749228489a630c126d953ff701de15c7e77 Mon Sep 17 00:00:00 2001
+From: Dan Walsh <dwalsh@redhat.com>
+Date: Mon, 14 Jul 2014 08:50:01 -0400
+Subject: [PATCH] Allow logrotate to manage virt_cache
+
+---
+ logrotate.te | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/logrotate.te b/logrotate.te
+index 17ea89c..7908e77 100644
+--- a/logrotate.te
++++ b/logrotate.te
+@@ -292,6 +292,10 @@ optional_policy(`
+ 	varnishd_manage_log(logrotate_t)
+ ')
+ 
++optional_policy(`
++	virt_manage_cache(logrotate_t)
++')
++
+ #######################################
+ #
+ # logrotate_mail local policy
+-- 
+2.1.0
+
diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec
index c8452a0..0dc7050 100644
--- a/SPECS/selinux-policy.spec
+++ b/SPECS/selinux-policy.spec
@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.12.1
-Release: 153%{?dist}.11
+Release: 153%{?dist}.12
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -27,6 +27,7 @@ patch: policy-f20-base.patch
 patch1: policy-f20-contrib.patch
 patch2: policy-rhel-7.0.z-base.patch
 patch3: policy-rhel-7.0.z-contrib.patch
+patch4: 0001-Allow-logrotate-to-manage-virt_cache.patch
 Source1: modules-targeted-base.conf 
 Source31: modules-targeted-contrib.conf
 Source2: booleans-targeted.conf
@@ -319,6 +320,7 @@ Based off of reference policy: Checked out revision  2.20091117
 %setup -n serefpolicy-contrib-%{version} -q -b 29
 %patch1 -p1
 %patch3 -p1
+%patch4 -p1
 contrib_path=`pwd`
 %setup -n serefpolicy-%{version} -q
 %patch -p1
@@ -583,6 +585,10 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Tue Nov 4 2014 Miroslav Grepl <mgrepl@redhat.com> 3.12.1-153.el7_0.12
+- Allow logrotate to manage virt_cache_t type
+Resolves:#1159834
+
 * Fri Aug 22 2014 Miroslav Grepl <mgrepl@redhat.com> 3.12.1-153.el7_0.11
 - Back port OpenStack fixes
 - Allow mdadm to connect to own socket created by mdadm running as kernel_t