diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 9189e167c0..94e575a299 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -1311,8 +1311,9 @@ fs_read_efivarfs_files(systemd_bless_boot_generator_t)
 
 ### cryptsetup generator
 manage_dirs_pattern(systemd_cryptsetup_generator_t, systemd_fstab_generator_unit_file_t, systemd_fstab_generator_unit_file_t)
-
 manage_files_pattern(systemd_cryptsetup_generator_t, systemd_fstab_generator_unit_file_t, systemd_fstab_generator_unit_file_t)
+manage_dirs_pattern(systemd_cryptsetup_generator_t, init_var_run_t, init_var_run_t)
+manage_files_pattern(systemd_cryptsetup_generator_t, init_var_run_t, init_var_run_t)
 
 ### fstab generator
 allow systemd_fstab_generator_t self:capability { dac_override dac_read_search };