diff --git a/policy/modules/apps/gitosis.if b/policy/modules/apps/gitosis.if
index d9d222d..a4f3491 100644
--- a/policy/modules/apps/gitosis.if
+++ b/policy/modules/apps/gitosis.if
@@ -43,3 +43,44 @@ interface(`gitosis_run',`
 	role $2 types gitosis_t;
 ')
 
+#######################################
+## <summary>
+##	Allow the specified domain to read
+##	gitosis lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`gitosis_read_lib_files',`
+	gen_require(`
+		type gitosis_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	read_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+	read_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+	list_dirs_pattern(%1, gitosis_var_lib_t, gitosis_var_lib_t)
+')
+
+######################################
+## <summary>
+##	Allow the specified domain to manage
+##	gitosis lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`gitosis_manage_lib_files',`
+	gen_require(`
+		type gitosis_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	manage_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
+')