diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
index 1105ff5..620e17b 100644
--- a/policy/modules/roles/unconfineduser.te
+++ b/policy/modules/roles/unconfineduser.te
@@ -188,6 +188,11 @@ optional_policy(`
 		rtkit_scheduled(unconfined_usertype)
 	')
 
+	# Might remove later if this proves to be problematic, but would like to gather AVCs
+	optional_policy(`
+		thumb_role(unconfined_r, unconfined_usertype)
+	')
+
 	optional_policy(`
 		setroubleshoot_dbus_chat(unconfined_usertype)
 		setroubleshoot_dbus_chat_fixit(unconfined_t)