diff --git a/roles/collectd/base/files/selinux/fi-collectd.te b/roles/collectd/base/files/selinux/fi-collectd.te
index d00778c309..e1fb78da80 100644
--- a/roles/collectd/base/files/selinux/fi-collectd.te
+++ b/roles/collectd/base/files/selinux/fi-collectd.te
@@ -1,24 +1,36 @@
 
-module fi-collectd 1.9.1;
+module fi-collectd 1.9.4;
 
 require {
     type shell_exec_t;
-	type var_run_t;
-	type bin_t;
-	type configfs_t;
-	type init_t;
-	type collectd_t;
-	class sock_file { read write getattr };
-	class unix_stream_socket connectto;
-	class capability { setuid dac_read_search sys_ptrace setgid dac_override };
-	class file { read getattr open execute execute_no_trans };
-	class dir getattr;
+        type bin_t;
+        type collectd_t;
+        type configfs_t;
+        type hostname_exec_t;
+        type init_t;
+        type postfix_postqueue_exec_t;
+        type postfix_public_t;
+        type sendmail_exec_t;
+        type tmp_t;
+        type var_run_t;
+        class capability { kill setuid dac_read_search sys_ptrace setgid dac_override };
+        class dir { getattr read };
+        class file { execute read getattr execute_no_trans ioctl open };
+        class lnk_file read;
+        class sock_file { read write getattr };
+        class unix_stream_socket connectto;
 }
 
 #============= collectd_t ==============
-allow collectd_t bin_t:file { read getattr open execute execute_no_trans };
+allow collectd_t bin_t:file { read getattr open execute execute_no_trans ioctl };
+allow collectd_t bin_t:lnk_file read;
 allow collectd_t configfs_t:dir getattr;
+allow collectd_t hostname_exec_t:file {getattr execute read open ioctl execute_no_trans};
 allow collectd_t init_t:unix_stream_socket connectto;
-allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override };
-allow collectd_t var_run_t:sock_file { read write getattr };
+allow collectd_t postfix_postqueue_exec_t:file { read execute open execute_no_trans };
+allow collectd_t postfix_public_t:sock_file write;
+allow collectd_t self:capability { kill setuid dac_read_search sys_ptrace setgid dac_override };
+allow collectd_t sendmail_exec_t:file { read getattr open execute execute_no_trans };
 allow collectd_t shell_exec_t:file { read open execute };
+allow collectd_t tmp_t:dir read;
+allow collectd_t var_run_t:sock_file { read write getattr };