diff --git a/domain.te b/domain.te
index 0bd9ad08e1cb3c7ad18f48ff3aa623ffedc00e51..029d20a530d61ee6731b7b64f7ae95d6dd523aa8 100644
--- a/domain.te
+++ b/domain.te
@@ -150,9 +150,11 @@ allow domain { asec_public_file asec_apk_file }:dir r_dir_perms;
 #
 allow domain unlabeled:notdevfile_class_set { create_file_perms relabelfrom };
 allow domain unlabeled:dir { create_dir_perms relabelfrom };
-auditallow { domain -init } unlabeled:notdevfile_class_set { create_file_perms relabelfrom };
-auditallow { domain -init -kernel } unlabeled:dir { create_dir_perms relabelfrom };
+auditallow { domain -init -installd } unlabeled:notdevfile_class_set { create_file_perms relabelfrom };
+auditallow { domain -init -kernel -installd } unlabeled:dir { create_dir_perms relabelfrom };
 auditallow kernel unlabeled:dir ~search;
+auditallow installd unlabeled:dir ~{ getattr search relabelfrom };
+auditallow installd unlabeled:notdevfile_class_set ~{ getattr relabelfrom };
 
 ###
 ### neverallow rules