diff --git a/policy/support/obj_perm_sets.spt b/policy/support/obj_perm_sets.spt
index e3939d6..caa8121 100644
--- a/policy/support/obj_perm_sets.spt
+++ b/policy/support/obj_perm_sets.spt
@@ -201,7 +201,7 @@ define(`getattr_file_perms',`{ getattr }')
 define(`setattr_file_perms',`{ setattr }')
 define(`read_file_perms',`{ getattr open read lock ioctl }')
 define(`mmap_file_perms',`{ getattr open read execute ioctl }')
-define(`exec_file_perms',`{ getattr open read execute execute_no_trans }')
+define(`exec_file_perms',`{ getattr open read execute ioctl execute_no_trans }')
 define(`append_file_perms',`{ getattr open append lock ioctl }')
 define(`write_file_perms',`{ getattr open write append lock ioctl }')
 define(`rw_file_perms',`{ getattr open read write append ioctl lock }')
@@ -225,7 +225,7 @@ define(`rw_lnk_file_perms',`{ getattr read write lock ioctl }')
 define(`create_lnk_file_perms',`{ create getattr }')
 define(`rename_lnk_file_perms',`{ getattr rename }')
 define(`delete_lnk_file_perms',`{ getattr unlink }')
-define(`manage_lnk_file_perms',`{ create read getattr setattr unlink rename }')
+define(`manage_lnk_file_perms',`{ create read getattr setattr link unlink rename }')
 define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }')
 define(`relabelto_lnk_file_perms',`{ getattr relabelto }')
 define(`relabel_lnk_file_perms',`{ getattr relabelfrom relabelto }')
@@ -312,3 +312,8 @@ define(`rw_term_perms', `{ getattr open read write ioctl }')
 #
 define(`client_stream_socket_perms', `{ create ioctl read getattr write setattr append bind getopt setopt shutdown }')
 define(`server_stream_socket_perms', `{ client_stream_socket_perms listen accept }')
+
+#
+# Keys
+#
+define(`manage_key_perms', `{ create link read search setattr view write } ')