diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te
index 14423eb15c..0d84c0c44c 100644
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@@ -303,7 +303,7 @@ optional_policy(`
 # Passwd local policy
 #
-allow passwd_t self:capability { chown dac_override fsetid setgid setuid sys_nice sys_resource };
+allow passwd_t self:capability { chown dac_override dac_read_search fsetid setgid setuid sys_nice sys_resource };
 dontaudit passwd_t self:capability sys_tty_config;
 allow passwd_t self:process { dyntransition getattr getcap getpgid getrlimit getsched getsession noatsecure rlimitinh setcap setfscreate setkeycreate setpgid setrlimit setsched setsockcreate share siginh signal_perms transition };
 allow passwd_t self:fd use;
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index a75a669b93..6a79e57804 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -109,7 +109,7 @@ optional_policy(`
 # Check password local policy
 #
-allow chkpwd_t self:capability { dac_override setuid };
+allow chkpwd_t self:capability { dac_override dac_read_search setuid };
 dontaudit chkpwd_t self:capability sys_tty_config;
 allow chkpwd_t self:process { getattr signal };
 dontaudit chkpwd_t self:process getcap;
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 48b629c302..ddd991dcd4 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
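Review bot: The `dac_read_search` added to passwd_t's capability set has no comment saying why it is needed alongside the `dac_override` the domain already holds, and the same unexplained addition appears in the authlogin.te hunk for chkpwd_t and the lvm.te `@@ -49` hunk for lvm_t. If the motivation is that the kernel tries CAP_DAC_READ_SEARCH before CAP_DAC_OVERRIDE for read and search access, so domains holding only dac_override now produce dac_read_search denials, a one-line note such as `# dac_read_search: checked by the kernel before dac_override for read/search access` would save the next reviewer from re-deriving it. If instead the domain only needs to read or search files it cannot otherwise reach, dac_read_search alone is the smaller grant and the accompanying dac_override deserves a second look; the hunks alone do not show which case applies. Recording the object class and path from the denial that prompted the change would let the grant be re-verified later.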
@@ -49,7 +49,7 @@ files_type(lvm_var_lib_t)
 # DAC overrides and mknod for modifying /dev entries (vgmknodes)
 # rawio needed for dmraid
 # net_admin for multipath
-allow lvm_t self:capability { chown dac_override fowner ipc_lock mknod net_admin sys_admin sys_nice sys_rawio sys_resource };
+allow lvm_t self:capability { chown dac_override dac_read_search fowner ipc_lock mknod net_admin sys_admin sys_nice sys_rawio sys_resource };
 dontaudit lvm_t self:capability sys_tty_config;
 allow lvm_t self:process { setfscreate setrlimit sigchld sigkill signal signull sigstop };
 # LVM will complain a lot if it cannot set its priority.
@@ -65,6 +65,7 @@ allow lvm_t self:socket create_stream_socket_perms;
 allow lvm_t self:key { search write };
 allow lvm_t self:unix_stream_socket { connectto create_stream_socket_perms };
+allow lvm_t self:alg_socket create_socket_perms;
 manage_dirs_pattern(lvm_t, lvm_tmp_t, lvm_tmp_t)
 manage_files_pattern(lvm_t, lvm_tmp_t, lvm_tmp_t)
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index d9e431a843..c5727585c0 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -51,6 +51,7 @@ dontaudit mount_t self:process setrlimit;
 allow mount_t mount_tmp_t:file manage_file_perms;
 allow mount_t mount_tmp_t:dir manage_dir_perms;
+allow mount_t self:fifo_file rw_fifo_file_perms;
 can_exec(mount_t, mount_exec_t)
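Review bot: `create_socket_perms` on the new `self:alg_socket` rule does not include `accept`, which the usual AF_ALG sequence (socket, bind to the algorithm name, accept to obtain the operation descriptor) requires; if lvm_t drives AF_ALG that way the rule should read `allow lvm_t self:alg_socket create_stream_socket_perms;`, matching the neighbouring `self:socket` and `self:unix_stream_socket` rules, but confirm this against the denials that motivated the change rather than assuming it. The rule also lacks the why-comment the file gives its other grants (compare `# rawio needed for dmraid` just above); a note naming the component that opens the AF_ALG socket, presumably a crypto library used by LVM, is worth adding once it is known. The mount.te hunk on this line runs past the end of the visible diff and is not reviewed here.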