diff --git a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
index 822ecb8..23f47a5 100644
--- a/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
+++ b/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
@@ -36,7 +36,7 @@ files_tmp_file(aimee_set_root_password_tmp_t)
 #
 
 allow aimee_storinit_t self:fifo_file rw_fifo_file_perms;
-allow aimee_storinit_t self:capability { chown fsetid sys_admin };
+allow aimee_storinit_t self:capability { dac_read_search dac_override chown fowner fsetid sys_admin };
 allow aimee_storinit_t self:process { setfscreate };
 
 manage_dirs_pattern(aimee_storinit_t, aimee_storinit_runtime_t, aimee_storinit_runtime_t)