diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 35e6e7c2f8..4f6e99e58c 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -92,6 +92,7 @@ interface(`auth_use_pam_systemd',`
systemd_dbus_chat_logind($1)
systemd_read_logind_state($1)
systemd_use_logind_fds($1)
+ systemd_connectto_logind_sockets($1)
# to read /etc/machine-id
files_read_etc_runtime_files($1)
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index db6bd97523..0d77bd8ce7 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -1470,6 +1470,25 @@ interface(`systemd_use_logind_fds',`
allow $1 systemd_logind_t:fd use;
')
+######################################
+##
+## Connect to systemd logind
+## sockets.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`systemd_connectto_logind_sockets',`
+ gen_require(`
+ type systemd_logind_t;
+ ')
+
+ allow $1 systemd_logind_t:unix_stream_socket connectto;
+')
+
######################################
##
## Watch logind sessions dirs.