diff --git a/policy/modules/services/amavis.if b/policy/modules/services/amavis.if
index ceb2142..e31d92a 100644
--- a/policy/modules/services/amavis.if
+++ b/policy/modules/services/amavis.if
@@ -183,7 +183,7 @@ interface(`amavis_setattr_pid_files',`
 		type amavis_var_run_t;
 	')
 
-	allow $1 amavis_var_run_t:file setattr;
+	allow $1 amavis_var_run_t:file setattr_file_perms;
 	files_search_pids($1)
 ')
 
diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if
index 0ec0fb0..8846b96 100644
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@@ -209,7 +209,7 @@ interface(`apache_role',`
 
 	allow $2 httpd_user_content_t:{ dir file lnk_file } { relabelto relabelfrom };
 
-	allow $2 httpd_user_htaccess_t:file { manage_file_perms relabelto relabelfrom };
+	allow $2 httpd_user_htaccess_t:file { manage_file_perms relabel_file_perms };
 
 	manage_dirs_pattern($2, httpd_user_ra_content_t, httpd_user_ra_content_t)
 	manage_files_pattern($2, httpd_user_ra_content_t, httpd_user_ra_content_t)
@@ -499,7 +499,7 @@ interface(`apache_setattr_cache_dirs',`
 		type httpd_cache_t;
 	')
 
-	allow $1 httpd_cache_t:dir setattr;
+	allow $1 httpd_cache_t:dir setattr_dir_perms;
 ')
 
 ########################################
@@ -730,7 +730,7 @@ interface(`apache_dontaudit_append_log',`
 		type httpd_log_t;
 	')
 
-	dontaudit $1 httpd_log_t:file { getattr append };
+	dontaudit $1 httpd_log_t:file append_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/apm.if b/policy/modules/services/apm.if
index 8c1c60c..49e6c74 100644
--- a/policy/modules/services/apm.if
+++ b/policy/modules/services/apm.if
@@ -52,7 +52,7 @@ interface(`apm_write_pipes',`
 		type apmd_t;
 	')
 
-	allow $1 apmd_t:fifo_file write; 
+	allow $1 apmd_t:fifo_file write_fifo_file_perms; 
 ')
 
 ########################################
@@ -89,7 +89,7 @@ interface(`apm_append_log',`
 	')
 
 	logging_search_logs($1)
-	allow $1 apmd_log_t:file append;
+	allow $1 apmd_log_t:file append_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/automount.if b/policy/modules/services/automount.if
index 617eead..a43e006 100644
--- a/policy/modules/services/automount.if
+++ b/policy/modules/services/automount.if
@@ -123,7 +123,7 @@ interface(`automount_dontaudit_getattr_tmp_dirs',`
 		type automount_tmp_t;
 	')
 
-	dontaudit $1 automount_tmp_t:dir getattr;
+	dontaudit $1 automount_tmp_t:dir getattr_dir_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/bind.if b/policy/modules/services/bind.if
index b09ef44..7e9d2fb 100644
--- a/policy/modules/services/bind.if
+++ b/policy/modules/services/bind.if
@@ -186,7 +186,7 @@ interface(`bind_write_config',`
 	')
 
 	write_files_pattern($1, named_conf_t, named_conf_t)
-	allow $1 named_conf_t:file setattr;
+	allow $1 named_conf_t:file setattr_file_perms;
 ')
 
 ########################################
@@ -266,7 +266,7 @@ interface(`bind_setattr_pid_dirs',`
 		type named_var_run_t;
 	')
 
-	allow $1 named_var_run_t:dir setattr;
+	allow $1 named_var_run_t:dir setattr_dir_perms;
 ')
 
 ########################################
@@ -284,7 +284,7 @@ interface(`bind_setattr_zone_dirs',`
 		type named_zone_t;
 	')
 
-	allow $1 named_zone_t:dir setattr;
+	allow $1 named_zone_t:dir setattr_dir_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/bluetooth.if b/policy/modules/services/bluetooth.if
index a01ce9f..fa57a6f 100644
--- a/policy/modules/services/bluetooth.if
+++ b/policy/modules/services/bluetooth.if
@@ -92,7 +92,7 @@ interface(`bluetooth_read_config',`
 		type bluetooth_conf_t;
 	')
 
-	allow $1 bluetooth_conf_t:file { getattr read ioctl };
+	allow $1 bluetooth_conf_t:file read_file_perms;
 ')
 
 ########################################
@@ -192,8 +192,8 @@ interface(`bluetooth_dontaudit_read_helper_state',`
 		type bluetooth_helper_t;
 	')
 
-	dontaudit $1 bluetooth_helper_t:dir search;
-	dontaudit $1 bluetooth_helper_t:file { read getattr };
+	dontaudit $1 bluetooth_helper_t:dir search_dir_perms;
+	dontaudit $1 bluetooth_helper_t:file read_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if
index ffd5436..b6402c9 100644
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@@ -52,7 +52,7 @@ template(`cron_common_crontab_template',`
 	files_list_spool($1_t)
 
 	# crontab signals crond by updating the mtime on the spooldir
-	allow $1_t cron_spool_t:dir setattr;
+	allow $1_t cron_spool_t:dir setattr_dir_perms;
 
 	kernel_read_system_state($1_t)
 
diff --git a/policy/modules/services/dhcp.if b/policy/modules/services/dhcp.if
index aa4da1d..7e129ff 100644
--- a/policy/modules/services/dhcp.if
+++ b/policy/modules/services/dhcp.if
@@ -36,7 +36,7 @@ interface(`dhcpd_setattr_state_files',`
 	')
 
 	sysnet_search_dhcp_state($1)
-	allow $1 dhcpd_state_t:file setattr;
+	allow $1 dhcpd_state_t:file setattr_file_perms;
 ')
 
 ########################################