diff --git a/policy/modules/admin/alsa.if b/policy/modules/admin/alsa.if
index 90d5203..1392679 100644
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@ -21,6 +21,32 @@ interface(`alsa_domtrans',`
########################################
##
+## Execute a domain transition to run
+## Alsa, and allow the specified role
+## the Alsa domain.
+##
+##
+##
+## Domain allowed to transition.
+##
+##
+##
+##
+## Role allowed access.
+##
+##
+#
+interface(`alsa_run',`
+ gen_require(`
+ type alsa_t;
+ ')
+
+ alsa_domtrans($1)
+ role $2 types alsa_t;
+')
+
+########################################
+##
## Read and write Alsa semaphores.
##
##
diff --git a/policy/modules/admin/alsa.te b/policy/modules/admin/alsa.te
index a7c7971..d073f49 100644
--- a/policy/modules/admin/alsa.te
+++ b/policy/modules/admin/alsa.te
@@ -11,7 +11,10 @@ init_system_domain(alsa_t, alsa_exec_t)
role system_r types alsa_t;
type alsa_etc_rw_t;
-files_type(alsa_etc_rw_t)
+files_config_file(alsa_etc_rw_t)
+
+type alsa_tmp_t;
+files_tmp_file(alsa_tmp_t)
type alsa_var_lib_t;
files_type(alsa_var_lib_t)
@@ -39,6 +42,13 @@ files_etc_filetrans(alsa_t, alsa_etc_rw_t, file)
can_exec(alsa_t, alsa_exec_t)
+manage_dirs_pattern(alsa_t, alsa_tmp_t, alsa_tmp_t)
+manage_files_pattern(alsa_t, alsa_tmp_t, alsa_tmp_t)
+files_tmp_filetrans(alsa_t, alsa_tmp_t, { dir file })
+userdom_user_tmp_filetrans(alsa_t, alsa_tmp_t, { dir file })
+userdom_dontaudit_setattr_user_tmp(alsa_t)
+
+
manage_dirs_pattern(alsa_t, alsa_var_lib_t, alsa_var_lib_t)
manage_files_pattern(alsa_t, alsa_var_lib_t, alsa_var_lib_t)
files_search_var_lib(alsa_t)