diff --git a/policy-f25-base.patch b/policy-f25-base.patch
index 24f8fdc..fc9076a 100644
--- a/policy-f25-base.patch
+++ b/policy-f25-base.patch
@@ -26939,7 +26939,7 @@ index 76d9f66ec..7528851ad 100644
 +/root/\.ssh(/.*)? gen_context(system_u:object_r:ssh_home_t,s0)
 +/root/\.shosts gen_context(system_u:object_r:ssh_home_t,s0)
 diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if
-index fe0c68272..a1954d8cd 100644
+index fe0c68272..15a1aa103 100644
 --- a/policy/modules/services/ssh.if
 +++ b/policy/modules/services/ssh.if
 @@ -32,10 +32,11 @@
@@ -27066,7 +27066,7 @@ index fe0c68272..a1954d8cd 100644
 files_pid_file($1_var_run_t)
 - allow $1_t self:capability { kill sys_chroot sys_nice sys_resource chown dac_override fowner fsetid setgid setuid sys_tty_config };
-+ allow $1_t self:capability { kill sys_admin sys_chroot sys_nice sys_resource chown dac_override chown dac_read fowner fsetid net_admin setgid setuid sys_tty_config };;
++ allow $1_t self:capability { kill sys_admin sys_chroot sys_nice sys_resource chown dac_override chown dac_read_search fowner fsetid net_admin setgid setuid sys_tty_config };;
 allow $1_t self:fifo_file rw_fifo_file_perms;
 - allow $1_t self:process { signal getsched setsched setrlimit setexec setkeycreate };
 + allow $1_t self:process { setcap getcap signal getsched setsched setrlimit setexec };
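Review bot: The corrected capability rule in the second hunk still lists `chown` twice and ends in `;;`, so the commit replaces `dac_read` (not a capability permission name) with `dac_read_search` but leaves the rest of the set untidy; it would read more cleanly as `allow $1_t self:capability { kill sys_admin sys_chroot sys_nice sys_resource chown dac_override dac_read_search fowner fsetid net_admin setgid setuid sys_tty_config };`. Because this is a template rule, every domain instantiated from it appears to receive `sys_admin` and `net_admin` alongside `dac_override`, which is a broad grant for an SSH server domain. A comment above the rule, for example `# sys_admin, net_admin: needed for <feature that requires them>`, would let a later reviewer judge whether each capability is still required. The enclosing template starts and ends outside the hunk, so whether a narrower per-domain rule is possible cannot be judged from the lines shown.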