diff --git a/policy/modules/services/dovecot.fc b/policy/modules/services/dovecot.fc
index 48ba580..0145445 100644
--- a/policy/modules/services/dovecot.fc
+++ b/policy/modules/services/dovecot.fc
@@ -27,6 +27,8 @@ ifdef(`distro_redhat', `
# /var
#
/var/run/dovecot(-login)?(/.*)? gen_context(system_u:object_r:dovecot_var_run_t,s0)
+# this is a hard link to /var/lib/dovecot/ssl-parameters.dat
+/var/run/dovecot/login/ssl-parameters.dat gen_context(system_u:object_r:dovecot_var_lib_t,s0)
/var/lib/dovecot(/.*)? gen_context(system_u:object_r:dovecot_var_lib_t,s0)
diff --git a/policy/modules/services/dovecot.if b/policy/modules/services/dovecot.if
index 57d55ad..25c188f 100644
--- a/policy/modules/services/dovecot.if
+++ b/policy/modules/services/dovecot.if
@@ -18,3 +18,21 @@ interface(`dovecot_manage_spool',`
manage_files_pattern($1,dovecot_spool_t,dovecot_spool_t)
manage_lnk_files_pattern($1,dovecot_spool_t,dovecot_spool_t)
')
+
+########################################
+##
+## Do not audit attempts to delete dovecot lib files.
+##
+##
+##
+## Domain to not audit.
+##
+##
+#
+interface(`dovecot_dontaudit_unlink_lib_files',`
+ gen_require(`
+ type dovecot_var_lib_t;
+ ')
+
+ dontaudit $1 dovecot_var_lib_t:file unlink;
+')
diff --git a/policy/modules/services/dovecot.te b/policy/modules/services/dovecot.te
index b30af9b..882b8a3 100644
--- a/policy/modules/services/dovecot.te
+++ b/policy/modules/services/dovecot.te
@@ -1,5 +1,5 @@
-policy_module(dovecot,1.7.0)
+policy_module(dovecot,1.7.1)
########################################
#
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index e46e0b9..7e4936c 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -1,5 +1,5 @@
-policy_module(init,1.9.0)
+policy_module(init,1.9.1)
gen_require(`
class passwd rootok;
@@ -559,6 +559,14 @@ optional_policy(`
')
optional_policy(`
+ # /var/run/dovecot/login/ssl-parameters.dat is a hard link to
+ # /var/lib/dovecot/ssl-parameters.dat and init tries to clean up
+ # the directory. But we do not want to allow this.
+ # The master process of dovecot will manage this file.
+ dovecot_dontaudit_unlink_lib_files(initrc_t)
+')
+
+optional_policy(`
ftp_read_config(initrc_t)
')