diff --git a/refpolicy/policy/modules/system/logging.fc b/refpolicy/policy/modules/system/logging.fc
index aee2380..c7d5734 100644
--- a/refpolicy/policy/modules/system/logging.fc
+++ b/refpolicy/policy/modules/system/logging.fc
@@ -16,7 +16,9 @@ ifdef(`distro_suse', `
 ')
 
 /var/log(/.*)?			context_template(system_u:object_r:var_log_t,s0)
-/var/log/audit.log		context_template(system_u:object_r:auditd_log_t,s0)
+/var/log/audit.log	--	context_template(system_u:object_r:auditd_log_t,s0)
+
+/var/log/audit(/.*)?		context_template(system_u:object_r:auditd_log_t,s0)
 
 /var/run/klogd\.pid	--	context_template(system_u:object_r:klogd_var_run_t,s0)
 /var/run/log		-s	context_template(system_u:object_r:devlog_t,s0)
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 269e7e7..72b4fe5 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -9,7 +9,7 @@ policy_module(logging,1.0)
 attribute logfile;
 
 type auditd_log_t;
-logging_log_file(auditd_log_t)
+files_type(auditd_log_t)
 
 type auditd_t;
 type auditd_exec_t;
@@ -49,10 +49,12 @@ files_type(var_log_t)
 # Auditd local policy
 #
 
-allow auditd_t self:capability { audit_write audit_control };
+allow auditd_t self:capability { audit_write audit_control sys_nice sys_resource };
 dontaudit auditd_t self:capability sys_tty_config;
+allow auditd_t self:process setsched;
 allow auditd_t self:netlink_audit_socket { bind create getattr nlmsg_read nlmsg_write read write };
 
+allow auditd_t auditd_log_t:dir rw_dir_perms;
 allow auditd_t auditd_log_t:file create_file_perms;
 
 allow auditd_t auditd_var_run_t:file create_file_perms;