diff --git a/policy/modules/system/systemd.fc b/policy/modules/system/systemd.fc
index 58e4d1666b..7d3c208ab8 100644
--- a/policy/modules/system/systemd.fc
+++ b/policy/modules/system/systemd.fc
@@ -99,6 +99,9 @@ HOME_DIR/\.config/systemd/user(/.*)? gen_context(system_u:object_r:systemd_unit
 /var/cache/systemd(//.*)? gen_context(system_u:object_r:systemd_cache_t,s0)
+/var/lib/confexts(/.*)? gen_context(system_u:object_r:systemd_importd_var_lib_t,s0)
+/var/lib/extensions(/.*)? gen_context(system_u:object_r:systemd_importd_var_lib_t,s0)
+/var/lib/portables(/.*)? gen_context(system_u:object_r:systemd_importd_var_lib_t,s0)
 /var/lib/machines(/.*)? gen_context(system_u:object_r:systemd_machined_var_lib_t,s0)
 /var/lib/systemd/coredump(/.*)? gen_context(system_u:object_r:systemd_coredump_var_lib_t,s0)
 /var/lib/systemd/network(/.*)? gen_context(system_u:object_r:systemd_networkd_var_lib_t,s0)
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 676c497ced..c5df491e74 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -247,6 +247,9 @@ files_type(systemd_machined_var_lib_t)
 systemd_domain_template(systemd_importd)
 init_nnp_daemon_domain(systemd_importd_t)
+type systemd_importd_var_lib_t;
+files_type(systemd_importd_var_lib_t)
+
 type systemd_importd_var_run_t;
 files_pid_file(systemd_importd_var_run_t)
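Review bot: The new `/var/lib/portables` entry is placed ahead of the existing `/var/lib/machines` line, which breaks the alphabetical ordering this block of systemd.fc otherwise keeps (`confexts`, `extensions`, `machines`, `portables`, `systemd/...`); move `/var/lib/portables(/.*)? gen_context(system_u:object_r:systemd_importd_var_lib_t,s0)` below the `/var/lib/machines` line. Worth noting for reviewers that these three paths are not importd-private scratch space: content under `/var/lib/extensions` and `/var/lib/confexts` is what systemd-sysext/confext overlays onto /usr and /etc, so write access to this one type is effectively the ability to change system files and the type should stay out of any broad attribute-based rules. Giving all three stores a single type also means a later read interface cannot be scoped per store; if that is intended, a sentence in the commit message would help.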
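Review bot: The new `type systemd_importd_var_lib_t;` declaration has no comment, and its name suggests an importd-private directory although the labelled paths are shared image stores; add `# /var/lib/{confexts,extensions,portables}: image stores importd populates, presumably read by sysext/confext/portabled` above the declaration. The commit adds no companion interface in systemd.if for other domains to read files of this type, so whatever domain later runs systemd-sysext or systemd-portabled against these stores will need its own rule; please confirm those consumers are covered or note it as follow-up work. The importd declaration block continues past the end of this hunk.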
@@ -1660,6 +1663,12 @@ allow systemd_importd_t self:udp_socket create_socket_perms;
 allow systemd_importd_t self:unix_dgram_socket sendto;
 allow systemd_importd_t systemd_importd_exec_t:file execute_no_trans;
+manage_dirs_pattern(systemd_importd_t, systemd_importd_var_lib_t, systemd_importd_var_lib_t)
+manage_files_pattern(systemd_importd_t, systemd_importd_var_lib_t, systemd_importd_var_lib_t)
+files_var_lib_filetrans(systemd_importd_t, systemd_importd_var_lib_t, dir, "confexts")
+files_var_lib_filetrans(systemd_importd_t, systemd_importd_var_lib_t, dir, "extensions")
+files_var_lib_filetrans(systemd_importd_t, systemd_importd_var_lib_t, dir, "portables")
+
 manage_dirs_pattern(systemd_importd_t, systemd_importd_var_run_t, systemd_importd_var_run_t)
 manage_files_pattern(systemd_importd_t, systemd_importd_var_run_t, systemd_importd_var_run_t)
 manage_sock_files_pattern(systemd_importd_t, systemd_importd_var_run_t, systemd_importd_var_run_t)
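Review bot: The new rules grant importd only dir and file management on `systemd_importd_var_lib_t`; if importd also creates symlinks in these stores (I believe keep-download pulls link the requested local name to the hashed download file), the first denial will be on `lnk_file` and the block should also carry `manage_lnk_files_pattern(systemd_importd_t, systemd_importd_var_lib_t, systemd_importd_var_lib_t)`, which is a cheap addition to verify with a pull under `auditallow`/permissive before merging. The three `files_var_lib_filetrans` lines are fine as written since the kernel type_transition syntax takes one name per rule, but a one-line comment above them, `# importd creates the /var/lib stores for confext, sysext and portable images on first pull`, would make the intent clear. The default image class for pulls is still /var/lib/machines, so the existing machined_var_lib rules for importd (outside this hunk) presumably remain the main path and are unaffected. The importd rule block continues outside the hunk.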