diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 953c829..f78f65c 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,5 +1,5 @@
 
-policy_module(files, 1.12.5)
+policy_module(files, 1.12.6)
 
 ########################################
 #
diff --git a/policy/modules/system/modutils.te b/policy/modules/system/modutils.te
index 2e1cdf1..022f174 100644
--- a/policy/modules/system/modutils.te
+++ b/policy/modules/system/modutils.te
@@ -1,5 +1,5 @@
 
-policy_module(modutils, 1.9.3)
+policy_module(modutils, 1.9.4)
 
 gen_require(`
 	bool secure_mode_insmod;
@@ -303,6 +303,11 @@ ifdef(`distro_gentoo',`
 	files_search_pids(update_modules_t)
 	files_getattr_usr_src_files(update_modules_t)
 	files_list_isid_type_dirs(update_modules_t) # /var
+
+	# update-modules on Gentoo throws errors when run because it
+	# sources /etc/init.d/functions.sh, which always scans
+	# /var/lib/init.d to set SOFTLEVEL environment var.
+	# This is never used by update-modules.
 	files_dontaudit_search_var_lib(update_modules_t)
 	init_dontaudit_read_script_status_files(update_modules_t)