diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if
index 846518b..f824074 100644
--- a/policy/modules/services/postgresql.if
+++ b/policy/modules/services/postgresql.if
@@ -195,7 +195,7 @@ interface(`postgresql_search_db',`
 type postgresql_db_t;
 ')
- allow $1 postgresql_db_t:dir search;
+ allow $1 postgresql_db_t:dir search_dir_perms;
 ')
 ########################################
@@ -214,7 +214,7 @@ interface(`postgresql_manage_db',`
 allow $1 postgresql_db_t:dir rw_dir_perms;
 allow $1 postgresql_db_t:file rw_file_perms;
- allow $1 postgresql_db_t:lnk_file { getattr read };
+ allow $1 postgresql_db_t:lnk_file read_lnk_file_perms;
 ')
 ########################################
diff --git a/policy/modules/services/razor.if b/policy/modules/services/razor.if
index 5850449..6be9012 100644
--- a/policy/modules/services/razor.if
+++ b/policy/modules/services/razor.if
@@ -47,7 +47,7 @@ template(`razor_common_domain_template',`
 # Read system config file
 allow $1_t razor_etc_t:dir list_dir_perms;
 allow $1_t razor_etc_t:file read_file_perms;
- allow $1_t razor_etc_t:lnk_file { getattr read };
+ allow $1_t razor_etc_t:lnk_file read_lnk_file_perms;
 manage_dirs_pattern($1_t, razor_log_t, razor_log_t)
 manage_files_pattern($1_t, razor_log_t, razor_log_t)
diff --git a/policy/modules/services/rgmanager.if b/policy/modules/services/rgmanager.if
index c8b7eec..9c2c963 100644
--- a/policy/modules/services/rgmanager.if
+++ b/policy/modules/services/rgmanager.if
@@ -91,7 +91,7 @@ interface(`rgmanager_rw_semaphores',`
 type rgmanager_t;
 ')
- allow $1 rgmanager_t:sem { unix_read unix_write associate read write };
+ allow $1 rgmanager_t:sem rw_sem_perms;
 ')
 ######################################
diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if
index 53e3ac1..3128dd8 100644
--- a/policy/modules/services/ricci.if
+++ b/policy/modules/services/ricci.if
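Review bot: `search_dir_perms` is not a drop-in for the bare `search` it replaces in postgresql_search_db: the refpolicy set also carries `getattr` (and `open`, on branches whose obj_perm_sets.spt defines directory open), so every caller of this interface gains permissions the old line did not grant. The same quiet widening recurs in rgmanager_rw_semaphores (`rw_sem_perms` adds at least `getattr` to the five permissions listed), in xserver_restricted_role (`delete_sock_file_perms` adds `getattr` to `unlink`), in rpc_search_nfs_state_data, and in the two `search_dir_perms` substitutions in xserver_non_drawing_client and xserver_user_client. Each widening is in line with the interface's stated purpose, but it should be recorded as an intentional grant change rather than a cosmetic cleanup, and the exact membership of each macro should be confirmed against the obj_perm_sets.spt of the refpolicy branch this targets. The `read_lnk_file_perms` and `getattr_file_perms` replacements in this series appear to be exact equivalents and need no such check.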
@@ -89,7 +89,7 @@ interface(`ricci_dontaudit_rw_modcluster_pipes',`
 type ricci_modcluster_t;
 ')
- dontaudit $1 ricci_modcluster_t:fifo_file { read write };
+ dontaudit $1 ricci_modcluster_t:fifo_file rw_inherited_fifo_file_perms;
 ')
 ########################################
diff --git a/policy/modules/services/rpc.if b/policy/modules/services/rpc.if
index a324444..28e7576 100644
--- a/policy/modules/services/rpc.if
+++ b/policy/modules/services/rpc.if
@@ -156,7 +156,7 @@ interface(`rpc_dontaudit_getattr_exports',`
 type exports_t;
 ')
- dontaudit $1 exports_t:file getattr;
+ dontaudit $1 exports_t:file getattr_file_perms;
 ')
 ########################################
@@ -192,7 +192,7 @@ interface(`rpc_write_exports',`
 type exports_t;
 ')
- allow $1 exports_t:file write;
+ allow $1 exports_t:file write_file_perms;
 ')
 ########################################
@@ -306,7 +306,7 @@ interface(`rpc_read_nfs_content',`
 allow $1 { nfsd_ro_t nfsd_rw_t }:dir list_dir_perms;
 allow $1 { nfsd_ro_t nfsd_rw_t }:file read_file_perms;
- allow $1 { nfsd_ro_t nfsd_rw_t }:lnk_file { getattr read };
+ allow $1 { nfsd_ro_t nfsd_rw_t }:lnk_file read_lnk_file_perms;
 ')
 ########################################
@@ -399,7 +399,7 @@ interface(`rpc_search_nfs_state_data',`
 ')
 files_search_var_lib($1)
- allow $1 var_lib_nfs_t:dir search;
+ allow $1 var_lib_nfs_t:dir search_dir_perms;
 ')
 ########################################
diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if
index cd2798a..1cc3a1e 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -47,7 +47,7 @@ interface(`xserver_restricted_role',`
 manage_files_pattern($2, user_fonts_cache_t, user_fonts_cache_t)
 stream_connect_pattern($2, xserver_tmp_t, xserver_tmp_t, xserver_t)
- allow $2 xserver_tmp_t:sock_file unlink;
+ allow $2 xserver_tmp_t:sock_file delete_sock_file_perms;
 files_search_tmp($2)
 # Communicate via System V shared memory.
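Review bot: The dontaudit in ricci_dontaudit_rw_modcluster_pipes now silences more than the `{ read write }` it replaces, since `rw_inherited_fifo_file_perms` also covers accesses such as getattr, append, ioctl and lock on the pipe (exact membership per the branch's obj_perm_sets.spt). For a dontaudit that is a larger blind spot in the audit log rather than a larger grant: denials for those extra accesses from any caller of this interface will no longer be visible. That is acceptable if they are known noise, but it is worth checking against a real denial trace before hiding them; if only read and write were ever observed, the original two-permission set keeps the log more informative.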
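Review bot: `write_file_perms` in rpc_write_exports is the largest privilege change in this series: bare `write` only lets a domain write through an exports_t descriptor it already holds, whereas the macro adds at least `getattr`, `append`, `lock` and `ioctl` — and `open`, on branches where obj_perm_sets.spt includes it — so callers can now open the exports_t file for writing on their own. That is consistent with the interface name, but every existing caller of rpc_write_exports inherits the wider grant, so each should be checked to confirm it genuinely opens the file itself; a caller that only writes to an inherited descriptor should keep the narrower `write`. A short sentence in the interface's `## <summary>` block stating that this grants the full write set, including open, would make the scope explicit to future callers.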
@@ -271,7 +271,7 @@ interface(`xserver_non_drawing_client',`
 allow $1 self:x_gc { create setattr };
- allow $1 xdm_var_run_t:dir search;
+ allow $1 xdm_var_run_t:dir search_dir_perms;
 allow $1 xserver_t:unix_stream_socket connectto;
 allow $1 xextension_t:x_extension { query use };
@@ -313,7 +313,7 @@ interface(`xserver_user_client',`
 # for when /tmp/.X11-unix is created by the system
 allow $1 xdm_t:fd use;
 allow $1 xdm_t:fifo_file rw_inherited_fifo_file_perms;
- allow $1 xdm_tmp_t:dir search;
+ allow $1 xdm_tmp_t:dir search_dir_perms;
 allow $1 xdm_tmp_t:sock_file { read write };
 dontaudit $1 xdm_t:tcp_socket { read write };