diff --git a/policy/modules/services/djbdns.if b/policy/modules/services/djbdns.if
index 00f84bb6..ade3079b 100644
--- a/policy/modules/services/djbdns.if
+++ b/policy/modules/services/djbdns.if
@@ -2,7 +2,7 @@
 
 ########################################
 ## <summary>
-##	Create a set of derived types for djbdns 
+##	Create a set of derived types for djbdns
 ##	components that are directly supervised by daemontools.
 ## </summary>
 ## <param name="prefix">
@@ -26,6 +26,8 @@ template(`djbdns_daemontools_domain_template',`
 	daemontools_read_svc(djbdns_$1_t)
 
 	allow djbdns_$1_t self:capability { net_bind_service setgid setuid sys_chroot };
+	allow djbdns_$1_t self:process signal;
+	allow djbdns_$1_t self:fifo_file rw_fifo_file_perms;
 	allow djbdns_$1_t self:tcp_socket create_stream_socket_perms;
 	allow djbdns_$1_t self:udp_socket create_socket_perms;
 
@@ -50,3 +52,39 @@ template(`djbdns_daemontools_domain_template',`
 
 	files_search_var(djbdns_$1_t)
 ')
+
+#####################################
+## <summary>
+##	Allow search the djbdns-tinydns key ring.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`djbdns_search_tinydns_keys',`
+	gen_require(`
+		type djbdns_tinydns_t;
+	')
+
+	allow $1 djbdns_tinydns_t:key search;
+')
+
+#####################################
+## <summary>
+##	Allow link to the djbdns-tinydns key ring.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`djbdns_link_tinydns_keys',`
+	gen_require(`
+		type djbdns_tinydn_t;
+	')
+
+	allow $1 djbdns_tinydn_t:key link;
+')
diff --git a/policy/modules/services/djbdns.te b/policy/modules/services/djbdns.te
index 89ab808c..25006e96 100644
--- a/policy/modules/services/djbdns.te
+++ b/policy/modules/services/djbdns.te
@@ -1,5 +1,5 @@
 
-policy_module(djbdns, 1.3.0)
+policy_module(djbdns, 1.3.1)
 
 ########################################
 #
@@ -42,3 +42,10 @@ allow djbdns_axfrdns_t djbdns_tinydns_conf_t:file read_file_perms;
 files_search_var(djbdns_axfrdns_t)
 
 ucspitcp_service_domain(djbdns_axfrdns_t, djbdns_axfrdns_exec_t)
+
+########################################
+#
+# Local policy for tinydns
+#
+
+init_dontaudit_use_script_fds(djbdns_tinydns_t)