diff --git a/policy/modules/services/dnsmasq.if b/policy/modules/services/dnsmasq.if
index 016d191..28c0734 100644
--- a/policy/modules/services/dnsmasq.if
+++ b/policy/modules/services/dnsmasq.if
@@ -22,6 +22,25 @@ interface(`dnsmasq_domtrans',`
########################################
##
+## Execute the dnsmasq init script in the init script domain.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+#
+interface(`dnsmasq_initrc_domtrans',`
+ gen_require(`
+ type dnsmasq_initrc_exec_t;
+ ')
+
+ init_labeled_script_domtrans($1, dnsmasq_initrc_exec_t)
+')
+
+########################################
+##
## Send dnsmasq a signal
##
##
diff --git a/policy/modules/services/dnsmasq.te b/policy/modules/services/dnsmasq.te
index 3c3e624..1329f4b 100644
--- a/policy/modules/services/dnsmasq.te
+++ b/policy/modules/services/dnsmasq.te
@@ -1,5 +1,5 @@
-policy_module(dnsmasq, 1.7.2)
+policy_module(dnsmasq, 1.7.3)
########################################
#
@@ -42,8 +42,7 @@ manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, dnsmasq_var_run_t)
files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, file)
kernel_read_kernel_sysctls(dnsmasq_t)
-kernel_list_proc(dnsmasq_t)
-kernel_read_proc_symlinks(dnsmasq_t)
+kernel_read_system_state(dnsmasq_t)
corenet_all_recvfrom_unlabeled(dnsmasq_t)
corenet_all_recvfrom_netlabel(dnsmasq_t)
@@ -88,6 +87,10 @@ optional_policy(`
')
optional_policy(`
+ tftp_read_content(dnsmasq_t)
+')
+
+optional_policy(`
udev_read_db(dnsmasq_t)
')