diff --git a/roles/base/files/selinux/rsyslog-audit.pp b/roles/base/files/selinux/rsyslog-audit.pp
index 41d0b6acd7..24cdec2c00 100644
Binary files a/roles/base/files/selinux/rsyslog-audit.pp and b/roles/base/files/selinux/rsyslog-audit.pp differ
diff --git a/roles/base/files/selinux/rsyslog-audit.te b/roles/base/files/selinux/rsyslog-audit.te
index cf8e03b337..76121d42f0 100644
--- a/roles/base/files/selinux/rsyslog-audit.te
+++ b/roles/base/files/selinux/rsyslog-audit.te
@@ -4,9 +4,9 @@ require {
 	type auditd_log_t;
 	type syslogd_t;
 	class file { getattr ioctl open read };
-	class dir { getattr read search };
+	class dir { getattr open read search };
 }
 
 #============= syslogd_t ==============
-allow syslogd_t auditd_log_t:dir { getattr read search };
+allow syslogd_t auditd_log_t:dir { getattr open read search };
 allow syslogd_t auditd_log_t:file { getattr ioctl open read };