diff --git a/refpolicy/policy/modules/system/selinux.if b/refpolicy/policy/modules/system/selinux.if
index 9804950a..04a72740 100644
--- a/refpolicy/policy/modules/system/selinux.if
+++ b/refpolicy/policy/modules/system/selinux.if
@@ -124,6 +124,20 @@ type newrole_t;
 class process sigchld;
 ')
 
+#######################################
+#
+# selinux_newrole_use_file_descriptors(domain)
+#
+define(`selinux_newrole_use_file_descriptors',`
+requires_block_template(selinux_newrole_use_file_descriptors_depend)
+allow $1 newrole_t:fd use;
+')
+
+define(`selinux_newrole_use_file_descriptors_depend',`
+type newrole_t;
+class fd use;
+')
+
 #######################################
 #
 # selinux_restorecon_transition(domain)
diff --git a/refpolicy/policy/modules/system/selinuxutil.if b/refpolicy/policy/modules/system/selinuxutil.if
index 9804950a..04a72740 100644
--- a/refpolicy/policy/modules/system/selinuxutil.if
+++ b/refpolicy/policy/modules/system/selinuxutil.if
@@ -124,6 +124,20 @@ type newrole_t;
 class process sigchld;
 ')
 
+#######################################
+#
+# selinux_newrole_use_file_descriptors(domain)
+#
+define(`selinux_newrole_use_file_descriptors',`
+requires_block_template(selinux_newrole_use_file_descriptors_depend)
+allow $1 newrole_t:fd use;
+')
+
+define(`selinux_newrole_use_file_descriptors_depend',`
+type newrole_t;
+class fd use;
+')
+
 #######################################
 #
 # selinux_restorecon_transition(domain)