diff --git a/unconfined.te b/unconfined.te
index 8eda0979feaf7ea94611beb1f9d9f36e88ba803c..5a23c3f8285891ac91cc0f5dc61225b6fc6aaf72 100644
--- a/unconfined.te
+++ b/unconfined.te
@@ -16,7 +16,7 @@
 # The use of this template is discouraged.
 ######################################################
 
-allow unconfineddomain self:capability ~{ sys_ptrace sys_rawio mknod sys_module audit_write audit_control };
+allow unconfineddomain self:capability ~{ sys_ptrace sys_rawio mknod sys_module audit_write audit_control linux_immutable };
 allow unconfineddomain self:capability2 ~{ mac_override mac_admin };
 allow unconfineddomain kernel:security ~{ load_policy setenforce setcheckreqprot setbool setsecparam };
 allow unconfineddomain kernel:system *;