diff --git a/policy/modules/services/ricci.te b/policy/modules/services/ricci.te
index e5f980d0..2034e717 100644
--- a/policy/modules/services/ricci.te
+++ b/policy/modules/services/ricci.te
@@ -1,5 +1,5 @@
-policy_module(ricci, 1.5.2)
+policy_module(ricci, 1.5.3)
 ########################################
 #
@@ -133,6 +133,8 @@ corenet_tcp_connect_http_port(ricci_t)
 dev_read_urand(ricci_t)
+domain_read_all_domains_state(ricci_t)
+
 files_read_etc_files(ricci_t)
 files_read_etc_runtime_files(ricci_t)
 files_create_boot_flag(ricci_t)
@@ -140,7 +142,7 @@ files_create_boot_flag(ricci_t)
 auth_domtrans_chk_passwd(ricci_t)
 auth_append_login_records(ricci_t)
-init_dontaudit_stream_connect_script(ricci_t)
+init_stream_connect_script(ricci_t)
 locallogin_dontaudit_use_fds(ricci_t)
@@ -202,7 +204,7 @@ kernel_read_system_state(ricci_modcluster_t)
 corecmd_exec_shell(ricci_modcluster_t)
 corecmd_exec_bin(ricci_modcluster_t)
-domain_dontaudit_read_all_domains_state(ricci_modcluster_t)
+domain_read_all_domains_state(ricci_modcluster_t)
 files_search_locks(ricci_modcluster_t)
 files_read_etc_runtime_files(ricci_modcluster_t)
@@ -214,6 +216,8 @@ init_domtrans_script(ricci_modcluster_t)
 logging_send_syslog_msg(ricci_modcluster_t)
+consoletype_exec(ricci_modcluster_t)
+
 miscfiles_read_localization(ricci_modcluster_t)
 modutils_domtrans_insmod(ricci_modcluster_t)
@@ -228,10 +232,6 @@ optional_policy(`
 ccs_manage_config(ricci_modcluster_t)
 ')
-optional_policy(`
- consoletype_exec(ricci_modcluster_t)
-')
-
 optional_policy(`
 lvm_domtrans(ricci_modcluster_t)
 ')
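Review bot: `domain_read_all_domains_state(ricci_t)` in the `@@ -133,6 +133,8 @@` hunk gives a domain that also holds `corenet_tcp_connect_http_port` read access to the process state of every other domain, and no comment says which operation needs it. The later hunks make the same move for ricci_modcluster_t, ricci_modclusterd_t, ricci_modlog_t and ricci_modstorage_t, replacing `domain_dontaudit_read_all_domains_state` with the allow form. If the denials came only from incidental /proc scans, the dontaudit form was the least-privilege choice and should stay. Otherwise I would document each grant with a line such as `# <helper> inspects other processes to <reason>` (placeholder wording for the author to fill in).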
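Review bot: Replacing `init_dontaudit_stream_connect_script(ricci_t)` with `init_stream_connect_script(ricci_t)` in the `@@ -140,7 +142,7 @@` hunk turns a silenced denial into a real permission to connect to init-script unix stream sockets, and nothing on the page names the consumer. The `@@ -287,14 +287,14 @@` hunk makes the same flip for ricci_modclusterd_t. If the connection is required, a comment such as `# connects to <service> started from its init script` (placeholder) would make the grant auditable. If it was only audit noise, the dontaudit rule is the tighter policy.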
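Review bot: `consoletype_exec(ricci_modcluster_t)` is now called unconditionally (added in the `@@ -214,6 +216,8 @@` hunk, with its `optional_policy` wrapper removed in `@@ -228,10 +232,6 @@`), which makes the consoletype module a hard dependency of ricci. A policy built without that module would presumably no longer compile this file, where the optional block used to drop the rule silently. If the dependency is deliberate, say so in a comment such as `# consoletype is part of the base policy`; otherwise keep the call inside `optional_policy`. The unconditional `consoletype_exec(ricci_modstorage_t)` and `mount_domtrans(ricci_modstorage_t)` in the `@@ -452,6 +452,10 @@` hunk raise the same question.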
@@ -287,14 +287,14 @@ corenet_tcp_bind_generic_node(ricci_modclusterd_t)
 corenet_tcp_bind_ricci_modcluster_port(ricci_modclusterd_t)
 corenet_tcp_connect_ricci_modcluster_port(ricci_modclusterd_t)
-domain_dontaudit_read_all_domains_state(ricci_modclusterd_t)
+domain_read_all_domains_state(ricci_modclusterd_t)
 files_read_etc_files(ricci_modclusterd_t)
 files_read_etc_runtime_files(ricci_modclusterd_t)
 fs_getattr_xattr_fs(ricci_modclusterd_t)
-init_dontaudit_stream_connect_script(ricci_modclusterd_t)
+init_stream_connect_script(ricci_modclusterd_t)
 locallogin_dontaudit_use_fds(ricci_modclusterd_t)
@@ -328,7 +328,7 @@ kernel_read_system_state(ricci_modlog_t)
 corecmd_exec_bin(ricci_modlog_t)
-domain_dontaudit_read_all_domains_state(ricci_modlog_t)
+domain_read_all_domains_state(ricci_modlog_t)
 files_read_etc_files(ricci_modlog_t)
 files_search_usr(ricci_modlog_t)
@@ -432,7 +432,7 @@ dev_read_sysfs(ricci_modstorage_t)
 dev_read_urand(ricci_modstorage_t)
 dev_manage_generic_blk_files(ricci_modstorage_t)
-domain_dontaudit_read_all_domains_state(ricci_modstorage_t)
+domain_read_all_domains_state(ricci_modstorage_t)
 #Needed for editing /etc/fstab
 files_manage_etc_files(ricci_modstorage_t)
@@ -452,6 +452,10 @@ miscfiles_read_localization(ricci_modstorage_t)
 modutils_read_module_deps(ricci_modstorage_t)
+consoletype_exec(ricci_modstorage_t)
+
+mount_domtrans(ricci_modstorage_t)
+
 optional_policy(`
 ccs_stream_connect(ricci_modstorage_t)
 ccs_read_config(ricci_modstorage_t)
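Review bot: `mount_domtrans(ricci_modstorage_t)` in the `@@ -452,6 +452,10 @@` hunk lets the storage helper transition into the mount domain without any comment explaining the need. The same domain already holds `dev_manage_generic_blk_files` and `files_manage_etc_files`, both visible in the preceding hunk, so the combined reach over storage is wide and worth justifying in the policy itself. The neighbouring rule is annotated with `#Needed for editing /etc/fstab`; a matching line such as `# Needed to mount and unmount managed volumes` (wording for the author to confirm) would record why the transition is required. The `optional_policy` block that follows continues outside the hunk.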