diff --git a/policy/modules/services/consolekit.te b/policy/modules/services/consolekit.te
index 1ead55d..ca6cd03 100644
--- a/policy/modules/services/consolekit.te
+++ b/policy/modules/services/consolekit.te
@@ -1,5 +1,5 @@
 
-policy_module(consolekit, 1.5.0)
+policy_module(consolekit, 1.5.1)
 
 ########################################
 #
@@ -108,6 +108,7 @@ optional_policy(`
 optional_policy(`
 	xserver_read_xdm_pid(consolekit_t)
 	xserver_read_user_xauth(consolekit_t)
+	xserver_non_drawing_client(consolekit_t)
 	corenet_tcp_connect_xserver_port(consolekit_t)
 ')
 
diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if
index e34a892..8633a6a 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -234,6 +234,37 @@ interface(`xserver_rw_session',`
 
 #######################################
 ## <summary>
+##	Create non-drawing client sessions on an X server.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`xserver_non_drawing_client',`
+	gen_require(`
+		class x_drawable { getattr get_property };
+		class x_extension { query use };
+		class x_gc { create setattr };
+		class x_property read;
+
+		type xserver_t, xdm_var_run_t;
+		type xextension_t, xproperty_t, root_xdrawable_t;
+	')
+
+	allow $1 self:x_gc { create setattr };
+
+	allow $1 xdm_var_run_t:dir search;
+	allow $1 xserver_t:unix_stream_socket connectto;
+
+	allow $1 xextension_t:x_extension { query use };
+	allow $1 root_xdrawable_t:x_drawable { getattr get_property };
+	allow $1 xproperty_t:x_property read;
+')
+
+#######################################
+## <summary>
 ##	Create full client sessions
 ##	on a user X server.
 ## </summary>
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index 89ba2dd..bf0f131 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -1,5 +1,5 @@
 
-policy_module(xserver, 3.3.1)
+policy_module(xserver, 3.3.2)
 
 gen_require(`
 	class x_drawable all_x_drawable_perms;