diff --git a/cron.te b/cron.te
index 91fc6e1..2b0b0d7 100644
--- a/cron.te
+++ b/cron.te
@@ -813,9 +813,9 @@ tunable_policy(`fcron_crond',`
dontaudit crontab_domain crond_t:process signal;
')
-#optional_policy(`
-# ssh_dontaudit_use_ptys(crontab_domain)
-#')
+optional_policy(`
+ ssh_dontaudit_use_ptys(crontab_domain)
+')
optional_policy(`
openshift_dontaudit_rw_inherited_fifo_files(crontab_domain)
diff --git a/cyrus.if b/cyrus.if
index 7c30655..4203ea9 100644
--- a/cyrus.if
+++ b/cyrus.if
@@ -20,6 +20,25 @@ interface(`cyrus_manage_data',`
manage_files_pattern($1, cyrus_var_lib_t, cyrus_var_lib_t)
')
+#######################################
+##
+## Allow write cyrus data files.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`cyrus_write_data',`
+ gen_require(`
+ type cyrus_var_lib_t;
+ ')
+
+ files_search_var_lib($1)
+ write_files_pattern($1, cyrus_var_lib_t, cyrus_var_lib_t)
+')
+
########################################
##
## Connect to Cyrus using a unix domain stream socket.
diff --git a/openshift.te b/openshift.te
index 0d24b97..72b3bb4 100644
--- a/openshift.te
+++ b/openshift.te
@@ -360,9 +360,9 @@ fs_read_cgroup_files(openshift_cgroup_read_t)
allow openshift_cgroup_read_t openshift_var_lib_t:dir list_dir_perms;
read_files_pattern(openshift_cgroup_read_t, openshift_var_lib_t, openshift_var_lib_t)
-#optional_policy(`
-# ssh_dontaudit_use_ptys(openshift_cgroup_read_t)
-#')
+optional_policy(`
+ ssh_dontaudit_use_ptys(openshift_cgroup_read_t)
+')
#######################################################
#
@@ -384,9 +384,9 @@ read_lnk_files_pattern(openshift_user_domain, openshift_file_type, openshift_fil
term_use_ptmx(openshift_domain)
-#optional_policy(`
-# ssh_use_ptys(openshift_domain)
-#')
+optional_policy(`
+ ssh_use_ptys(openshift_domain)
+')
#######################################################
#