diff --git a/roles/distgit/files/http_policy.te b/roles/distgit/files/http_policy.te
index eae0190259..6dade130a2 100644
--- a/roles/distgit/files/http_policy.te
+++ b/roles/distgit/files/http_policy.te
@@ -1,4 +1,4 @@
-module http_policy 1.1;
+module http_policy 1.2;
 require {
 type gitosis_var_lib_t;
@@ -25,7 +25,9 @@ allow httpd_sys_script_t shadow_t:file { getattr open read };
 #============= httpd_t ==============
 allow httpd_t git_content_t:dir { add_name remove_name write };
 allow httpd_t git_content_t:file { create rename setattr unlink write };
-allow httpd_t gitosis_var_lib_t:dir { add_name create remove_name rmdir write };
-allow httpd_t gitosis_var_lib_t:file { create link rename unlink write };
+allow httpd_t gitosis_var_lib_t:dir { create rmdir };
+allow httpd_t gitosis_var_lib_t:dir { add_name remove_name write };
+allow httpd_t gitosis_var_lib_t:file rename;
+allow httpd_t gitosis_var_lib_t:file { create link unlink write };
 allow httpd_t var_t:file { getattr open read };
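Review bot: The four added `allow httpd_t gitosis_var_lib_t` rules in the second hunk grant exactly the permission set of the two removed rules (dir: add_name create remove_name rmdir write; file: create link rename unlink write), so module 1.2 gives the web server domain the same write access to the repository store as 1.1, and nothing records why the rules were split. If the split is meant to group permissions by the operation that needs them, say so above each pair, for example `# directory create/remove needed by <operation, to be confirmed>` before the `{ create rmdir }` rule and a matching line before `:file rename;`; the diff does not show which request path triggers them. If the split is only the result of regenerating the module, state that in the commit message so a reviewer does not look for a tightening that is not there.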