diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
index 0a9a9212..7243acc0 100644
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -304,6 +304,7 @@ allow mozilla_plugin_t self:fifo_file manage_fifo_file_perms;
 allow mozilla_plugin_t self:unix_stream_socket { connectto create_stream_socket_perms };
 
 read_files_pattern(mozilla_plugin_t, mozilla_home_t, mozilla_home_t)
+can_exec(mozilla_plugin_t, mozilla_home_t)
 
 manage_dirs_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t)
 manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t)
diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te
index 9ae080e2..ea2c0f09 100644
--- a/policy/modules/services/rpc.te
+++ b/policy/modules/services/rpc.te
@@ -88,6 +88,7 @@ fs_read_rpc_files(rpcd_t)
 fs_read_rpc_symlinks(rpcd_t)
 fs_rw_rpc_sockets(rpcd_t)
 fs_get_all_fs_quotas(rpcd_t)
+fs_set_xattr_fs_quotas(rpcd_t)
 fs_getattr_all_fs(rpcd_t)
 
 storage_getattr_fixed_disk_dev(rpcd_t)