Index: policy/modules/system/init.te
===================================================================
--- policy/modules/system/init.te	(revision 2373)
+++ policy/modules/system/init.te	(working copy)
@@ -541,6 +541,10 @@
 ')
 
 optional_policy(`
+	alsa_domtrans(initrc_t)
+')
+
+optional_policy(`
 	amavis_search_lib(initrc_t)
 	amavis_setattr_pid_files(initrc_t)
 ')
Index: policy/modules/system/udev.te
===================================================================
--- policy/modules/system/udev.te	(revision 2373)
+++ policy/modules/system/udev.te	(working copy)
@@ -176,6 +176,10 @@
 ')
 
 optional_policy(`
+	alsa_domtrans(udev_t)
+')
+
+optional_policy(`
 	consoletype_exec(udev_t)
 ')
 
Index: policy/modules/admin/alsa.te
===================================================================
--- policy/modules/admin/alsa.te	(revision 2373)
+++ policy/modules/admin/alsa.te	(working copy)
@@ -14,6 +14,9 @@
 type alsa_etc_rw_t;
 files_type(alsa_etc_rw_t)
 
+type alsa_var_lib_t;
+files_type(alsa_var_lib_t)
+
 ########################################
 #
 # Local policy
@@ -30,9 +33,20 @@
 manage_lnk_files_pattern(alsa_t,alsa_etc_rw_t,alsa_etc_rw_t)
 
 files_read_etc_files(alsa_t)
+files_read_usr_files(alsa_t)
+files_search_pids(alsa_t)
 
+# asound.state: lives in /var/lib/alsa on Debian, /etc elsewhere
+files_etc_filetrans(alsa_t,alsa_etc_rw_t,file)
+files_search_var_lib(alsa_t)
+manage_files_pattern(alsa_t,alsa_var_lib_t,alsa_var_lib_t)
+
+dev_read_sound(alsa_t)
+dev_write_sound(alsa_t)
+
 term_use_generic_ptys(alsa_t)
 term_dontaudit_use_unallocated_ttys(alsa_t)
+init_dontaudit_use_fds(alsa_t)
 
 libs_use_ld_so(alsa_t)
 libs_use_shared_libs(alsa_t)
@@ -43,6 +57,7 @@
 
 userdom_manage_unpriv_user_semaphores(alsa_t)
 userdom_manage_unpriv_user_shared_mem(alsa_t)
+userdom_search_generic_user_home_dirs(alsa_t)
 
 optional_policy(`
 	nscd_socket_use(alsa_t)
Index: policy/modules/admin/alsa.fc
===================================================================
--- policy/modules/admin/alsa.fc	(revision 2373)
+++ policy/modules/admin/alsa.fc	(working copy)
@@ -1,4 +1,8 @@
 
 /etc/alsa/pcm(/.*)?		gen_context(system_u:object_r:alsa_etc_rw_t,s0)
 
+/etc/asound\.state	--	gen_context(system_u:object_r:alsa_etc_rw_t,s0)
+/var/lib/alsa(/.*)?		gen_context(system_u:object_r:alsa_var_lib_t,s0)
+
 /usr/bin/ainit 		--	gen_context(system_u:object_r:alsa_exec_t,s0)
+/usr/sbin/alsactl	--	gen_context(system_u:object_r:alsa_exec_t,s0)