diff --git a/policy/modules/services/policykit.te b/policy/modules/services/policykit.te
index 82e9d5557e..78b8a92a39 100644
--- a/policy/modules/services/policykit.te
+++ b/policy/modules/services/policykit.te
@@ -76,6 +76,7 @@ allow policykit_t self:unix_stream_socket { accept connectto listen };
 
 rw_files_pattern(policykit_t, policykit_reload_t, policykit_reload_t)
 
+allow policykit_t policykit_var_lib_t:dir watch;
 manage_files_pattern(policykit_t, policykit_var_lib_t, policykit_var_lib_t)
 
 manage_dirs_pattern(policykit_t, policykit_runtime_t, policykit_runtime_t)