diff --git a/dirmngr.fc b/dirmngr.fc
new file mode 100644
index 0000000..6ce47dc
--- /dev/null
+++ b/dirmngr.fc
@@ -0,0 +1,13 @@
+/etc/dirmngr(/.*)? gen_context(system_u:object_r:dirmngr_conf_t,s0)
+
+/etc/rc\.d/init\.d/dirmngr -- gen_context(system_u:object_r:dirmngr_initrc_exec_t,s0)
+
+/usr/bin/dirmngr -- gen_context(system_u:object_r:dirmngr_exec_t,s0)
+
+/var/log/dirmngr(/.*)? gen_context(system_u:object_r:dirmngr_log_t,s0)
+
+/var/lib/dirmngr(/.*)? gen_context(system_u:object_r:dirmngr_var_lib_t,s0)
+
+/var/run/dirmngr\.pid -- gen_context(system_u:object_r:dirmngr_var_run_t,s0)
+
+/var/run/dirmngr(/.*)? gen_context(system_u:object_r:dirmngr_var_run_t,s0)
diff --git a/dirmngr.if b/dirmngr.if
new file mode 100644
index 0000000..e5f6733
--- /dev/null
+++ b/dirmngr.if
@@ -0,0 +1,45 @@
+## Server for managing and downloading certificate revocation lists.
+
+########################################
+##
+## All of the rules required to
+## administrate an dirmngr environment.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+##
+## Role allowed access.
+##
+##
+##
+#
+interface(`dirmngr_admin',`
+ gen_require(`
+ type dirmngr_t, dirmngr_initrc_exec_t, dirmngr_var_run_t;
+ type dirmngr_conf_t, dirmngr_var_lib_t, dirmngr_log_t;
+ ')
+
+ allow $1 dirmngr_t:process { ptrace signal_perms };
+ ps_process_pattern($1, dirmngr_t)
+
+ init_labeled_script_domtrans($1, dirmngr_initrc_exec_t)
+ domain_system_change_exemption($1)
+ role_transition $2 dirmngr_initrc_exec_t system_r;
+ allow $2 system_r;
+
+ files_search_etc($1)
+ admin_pattern($1, dirmngr_conf_t)
+
+ logging_search_logs($1)
+ admin_pattern($1, dirmngr_log_t)
+
+ files_search_pids($1)
+ admin_pattern($1, dirmngr_var_run_t)
+
+ files_search_var_lib($1)
+ admin_pattern($1, dirmngr_var_lib_t)
+')
diff --git a/dirmngr.te b/dirmngr.te
new file mode 100644
index 0000000..b3b2188
--- /dev/null
+++ b/dirmngr.te
@@ -0,0 +1,58 @@
+policy_module(dirmngr, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+type dirmngr_t;
+type dirmngr_exec_t;
+init_daemon_domain(dirmngr_t, dirmngr_exec_t)
+
+type dirmngr_conf_t;
+files_config_file(dirmngr_conf_t)
+
+type dirmngr_initrc_exec_t;
+init_script_file(dirmngr_initrc_exec_t)
+
+type dirmngr_log_t;
+logging_log_file(dirmngr_log_t)
+
+type dirmngr_var_lib_t;
+files_type(dirmngr_var_lib_t)
+
+type dirmngr_var_run_t;
+files_pid_file(dirmngr_var_run_t)
+
+########################################
+#
+# Local policy
+#
+
+allow dirmngr_t self:fifo_file rw_file_perms;
+
+allow dirmngr_t dirmngr_conf_t:dir list_dir_perms;
+allow dirmngr_t dirmngr_conf_t:file read_file_perms;
+allow dirmngr_t dirmngr_conf_t:lnk_file read_lnk_file_perms;
+
+manage_dirs_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+append_files_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+create_files_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+setattr_files_pattern(dirmngr_t, dirmngr_log_t, dirmngr_log_t)
+logging_log_filetrans(dirmngr_t, dirmngr_log_t, dir)
+
+manage_dirs_pattern(dirmngr_t, dirmngr_var_lib_t, dirmngr_var_lib_t)
+manage_files_pattern(dirmngr_t, dirmngr_var_lib_t, dirmngr_var_lib_t)
+manage_lnk_files_pattern(dirmngr_t, dirmngr_var_lib_t, dirmngr_var_lib_t)
+files_var_lib_filetrans(dirmngr_t, dirmngr_var_lib_t, dir)
+
+manage_dirs_pattern(dirmngr_t, dirmngr_var_run_t, dirmngr_var_run_t)
+manage_files_pattern(dirmngr_t, dirmngr_var_run_t, dirmngr_var_run_t)
+manage_sock_files_pattern(dirmngr_t, dirmngr_var_run_t, dirmngr_var_run_t)
+files_pid_filetrans(dirmngr_t, dirmngr_var_run_t, { dir file })
+
+kernel_read_crypto_sysctls(dirmngr_t)
+
+files_read_etc_files(dirmngr_t)
+
+miscfiles_read_localization(dirmngr_t)