diff --git a/init.te b/init.te
index a92e56a3b03542be86101e3fba3fa845df1a39b3..d3f513246394c01f5a878ab6f8b981f3be322e92 100644
--- a/init.te
+++ b/init.te
@@ -20,6 +20,9 @@ allow init properties_serial:file { write relabelto };
 allow init property_type:file { create_file_perms relabelto };
 # /dev/socket
 allow init { device socket_device }:dir relabelto;
+# /dev/random, /dev/urandom
+allow init random_device:chr_file relabelto;
+allow init urandom_device:chr_file relabelto;
 # /dev/device-mapper, /dev/block(/.*)?
 allow init tmpfs:{ chr_file blk_file } relabelfrom;
 allow init tmpfs:blk_file getattr;