diff --git a/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.mod b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.mod
new file mode 100644
index 0000000000..c95ef0cd5b
Binary files /dev/null and b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.mod differ
diff --git a/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.pp b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.pp
new file mode 100644
index 0000000000..c22da3b0e1
Binary files /dev/null and b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.pp differ
diff --git a/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.te b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.te
new file mode 100644
index 0000000000..bb7c6ec5d0
--- /dev/null
+++ b/roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.te
@@ -0,0 +1,17 @@
+
+module fi-collectd-fcomm 1.0;
+
+require {
+	type bin_t;
+	type collectd_t;
+	type ldconfig_exec_t;
+	type shell_exec_t;
+	class file { read getattr open ioctl execute execute_no_trans };
+	class lnk_file { read };
+}
+
+allow collectd_t bin_t:file ioctl;
+allow collectd_t bin_t:lnk_file read;
+allow collectd_t ldconfig_exec_t:file { read execute open execute_no_trans };
+
+allow collectd_t shell_exec_t:file { getattr execute_no_trans };
diff --git a/roles/collectd/fcomm-queue/tasks/main.yml b/roles/collectd/fcomm-queue/tasks/main.yml
index a7d7c5675a..b23df4e291 100644
--- a/roles/collectd/fcomm-queue/tasks/main.yml
+++ b/roles/collectd/fcomm-queue/tasks/main.yml
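Review bot: The two `execute_no_trans` rules at the end of the .te (`allow collectd_t ldconfig_exec_t:file { read execute open execute_no_trans }` and `allow collectd_t shell_exec_t:file { getattr execute_no_trans }`) let collectd run shell and ldconfig binaries inside collectd_t itself, so whatever the launched script then does inherits the whole collectd domain rather than a transitioned, narrower one; if this exists for one specific check script, a dedicated type for that script with a scoped rule set would limit what a compromised or buggy script can reach — hedged, since the script that triggers these denials is not in the diff. The policy is also committed as pre-built `.mod` and `.pp` binaries next to this source, and nothing in the change ties them to it, so a reviewer cannot confirm that what `semodule -i` installs is the policy shown here; building at deploy time with `checkmodule -M -m -o fi-collectd-fcomm.mod fi-collectd-fcomm.te` and `semodule_package -o fi-collectd-fcomm.pp -m fi-collectd-fcomm.mod`, or at least dropping the intermediate `.mod` from the tree, would make the installed policy reviewable. A header comment above the `module` line stating which denials this resolves and how it was generated, e.g. `# audit2allow output for collectd running the fcomm queue check; rebuild the .pp from this file, do not edit the binary`, would help the next maintainer.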
@@ -21,3 +21,42 @@
   tags:
     - collectd
   notify: restart collectd
+
+# Three tasks for handling our custom selinux module.
+- name: ensure a directory exists for our custom selinux module
+  file: dest=/usr/share/collectd state=directory
+  tags:
+    - collectd
+    - selinux
+
+- name: copy over our fcomm collectd selinux module
+  copy: src=selinux/fi-collect-fcomm.pp dest=/usr/share/collectd/fi-collect-fcomm.pp
+  register: selinux_module
+  tags:
+    - collectd
+    - selinux
+
+- name: check to see if its even installed yet
+  shell: semodule -l | grep fi-collect-fcomm
+  register: selinux_grep
+  always_run: true
+  changed_when: "1 != 1"
+  tags:
+    - collectd
+    - selinux
+  ignore_errors: True
+
+- name: install our fcomm collectd selinux module
+  command: semodule -i /usr/share/collectd/fi-collect-fcomm.pp
+  when: selinux_module|changed or selinux_grep|failed
+  tags:
+    - collectd
+    - selinux
+
+- name: lastly, set some selinux booleans
+  seboolean: name={{item}} persistent=yes state=yes
+  with_items:
+    - collectd_tcp_network_connect
+  tags:
+    - collectd
+    - selinux
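Review bot: The copy task's `src=selinux/fi-collect-fcomm.pp` names a file this commit does not add — the files directory receives `fi-collectd-fcomm.pp` (with the "d") — so the task fails on first run, and the same typo in `grep fi-collect-fcomm` and `semodule -i /usr/share/collectd/fi-collect-fcomm.pp` means that even once the copy is fixed the grep can never match the installed module name `fi-collectd-fcomm` declared in the .te, so the install task would re-run on every play. The three lines should read `copy: src=selinux/fi-collectd-fcomm.pp dest=/usr/share/collectd/fi-collectd-fcomm.pp`, `shell: semodule -l | grep -q '^fi-collectd-fcomm'` and `command: semodule -i /usr/share/collectd/fi-collectd-fcomm.pp`; anchoring the grep also stops it from matching any other module that merely contains the substring. The comment `# Three tasks for handling our custom selinux module.` sits above five tasks and should say so, and a one-line note on the `seboolean` task explaining why `collectd_tcp_network_connect` is needed would make the policy change reviewable. The task whose `tags:`/`notify:` lines open this hunk starts before it.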