diff --git a/refpolicy/policy/modules/admin/netutils.te b/refpolicy/policy/modules/admin/netutils.te
index 8445136b..92ca0bd6 100644
--- a/refpolicy/policy/modules/admin/netutils.te
+++ b/refpolicy/policy/modules/admin/netutils.te
@@ -121,6 +121,7 @@ filesystem_ignore_get_persistent_filesystem_attributes(ping_t)
 domain_use_widely_inheritable_file_descriptors(ping_t)
 files_read_general_system_config(ping_t)
+files_ignore_search_system_state_data_directory(ping_t)
 libraries_use_dynamic_loader(ping_t)
 libraries_read_shared_libraries(ping_t)
@@ -135,25 +136,18 @@ if (user_ping) {
 }
 ifdef(`TODO',`
-role sysadm_r types ping_t;
-in_user_role(ping_t)
+can_ypbind(ping_t)
+domain_auto_trans(sysadm_t, ping_exec_t, ping_t)
+role sysadm_r types ping_t;
+allow ping_t admin_tty_type:chr_file rw_file_perms;
+ifdef(`gnome-pty-helper.te', `allow ping_t sysadm_gph_t:fd use;')
+
+in_user_role(ping_t)
 if (user_ping) {
 domain_auto_trans(unpriv_userdomain, ping_exec_t, ping_t)
 ifdef(`gnome-pty-helper.te', `allow ping_t gphdomain:fd use;')
 }
-
-# Transition into this domain when you run this program.
-domain_auto_trans(sysadm_t, ping_exec_t, ping_t)
-
-can_ypbind(ping_t)
-
-# Access the terminal.
-allow ping_t admin_tty_type:chr_file rw_file_perms;
-ifdef(`gnome-pty-helper.te', `allow ping_t sysadm_gph_t:fd use;')
-
-# it tries to access /var/run
-dontaudit ping_t var_t:dir search;
 ') dnl end TODO
 ########################################
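Review bot: The added `files_ignore_search_system_state_data_directory(ping_t)` line has no comment, while the raw rule it appears to replace (removed from the TODO block in the next hunk) was annotated `# it tries to access /var/run`. A dontaudit-style rule hides the denial from the audit log rather than granting access, so the reason should stay next to it, for example `# ping tries to search /var/run; the denial is expected, so do not audit it`. The interface definition is not visible in this diff, so it is worth confirming that it suppresses no more than the old `dontaudit ping_t var_t:dir search;` did. The ping_t rule list this line joins begins and ends outside the hunk.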
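Review bot: The reordered TODO block drops the two comments that explained its rules, `# Transition into this domain when you run this program.` and `# Access the terminal.`, so `allow ping_t admin_tty_type:chr_file rw_file_perms;` now stands unexplained. That rule gives ping_t read as well as write access to administrator terminals, which is the grant most in need of a recorded reason when the block is converted out of TODO. Keeping `# Access the terminal.` above the allow and the transition comment above `domain_auto_trans(sysadm_t, ping_exec_t, ping_t)` preserves that intent. The regrouping also places `can_ypbind(ping_t)` first with no comment; a short note on why ping needs it would help the later conversion.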