diff --git a/roles/collectd/base/files/selinux/fi-collectd.mod b/roles/collectd/base/files/selinux/fi-collectd.mod
new file mode 100644
index 0000000000..a5bf03c638
Binary files /dev/null and b/roles/collectd/base/files/selinux/fi-collectd.mod differ
diff --git a/roles/collectd/base/files/selinux/fi-collectd.pp b/roles/collectd/base/files/selinux/fi-collectd.pp
new file mode 100644
index 0000000000..559d78dc9a
Binary files /dev/null and b/roles/collectd/base/files/selinux/fi-collectd.pp differ
diff --git a/roles/collectd/base/files/selinux/fi-collectd.te b/roles/collectd/base/files/selinux/fi-collectd.te
new file mode 100644
index 0000000000..5c01df0df8
--- /dev/null
+++ b/roles/collectd/base/files/selinux/fi-collectd.te
@@ -0,0 +1,16 @@
+
+module fi-collectd 1.0;
+
+require {
+ type configfs_t;
+ type pstorefs_t;
+ type collectd_t;
+ class capability { dac_read_search sys_ptrace setgid dac_override };
+ class file read;
+ class dir getattr;
+}
+
+#============= collectd_t ==============
+allow collectd_t configfs_t:dir getattr;
+allow collectd_t pstorefs_t:dir getattr;
+allow collectd_t self:capability { dac_read_search sys_ptrace setgid dac_override };
diff --git a/roles/collectd/base/tasks/main.yml b/roles/collectd/base/tasks/main.yml
index 4029ec352c..476d701992 100644
--- a/roles/collectd/base/tasks/main.yml
+++ b/roles/collectd/base/tasks/main.yml
@@ -42,6 +42,20 @@
 - restart collectd
 when: collectd_apache is defined
+
+# Three tasks for handling our custom selinux module
+- name: ensure a directory exists for our custom selinux module
+ file: dest=/usr/share/collectd state=directory
+
+- name: copy over our custom selinux module
+ copy: src=selinux/fi-collectd.pp dest=/usr/share/collectd/fi-collectd.pp
+ register: selinux_module
+
+- name: install our custom selinux module
+ command: semodule -i /usr/share/collectd/fi-collectd.pp
+ when: selinux_module|changed
+
+
 # each of the below should move to a separate task list
 # since they are odd-balls and one-offs
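Review bot: The last line of the fi-collectd.te hunk, `allow collectd_t self:capability { dac_read_search sys_ptrace setgid dac_override };`, grants collectd the two capabilities that most undermine its confinement — `dac_override` bypasses file permission checks outright and `sys_ptrace` permits inspecting other processes — which is far broader than the two `dir getattr` rules above it suggest this module needs, and nothing in the file records why. If these rules were lifted from audit2allow output, each capability should be traced to the plugin that actually triggers the denial (some of these AVCs are typically noise better handled with a `dontaudit` rule, and a `dac_override` need often goes away by fixing ownership of the file being read), and the justification kept in the .te, e.g. `# sys_ptrace/dac_override: needed by the <plugin> plugin for <path>; see AVC <id>`. The `class file read;` entry in the require block is referenced by no allow rule and can be dropped. Since the compiled .pp and .mod are committed as binaries alongside this source, a header comment naming the rebuild step, `# rebuild: checkmodule -M -m -o fi-collectd.mod fi-collectd.te && semodule_package -o fi-collectd.pp -m fi-collectd.mod`, would make it harder for the deployed policy to silently drift from this file.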