2 files changed, 6 insertions, 2 deletions

diff --git a/src/file/runfile/runlockfile.cil b/src/file/runfile/runlockfile.cil
index f790314..41f292c 100644
--- a/src/file/runfile/runlockfile.cil
+++ b/src/file/runfile/runlockfile.cil
@@ -3,7 +3,9 @@
 
 (block runlock
 
-  (blockinherit .file.runlock.template))
+  (blockinherit .file.runlock.template)
+
+  (call .rbacsep.exempt.obj.type (file)))
 
 (in file
 
diff --git a/src/misc.cil b/src/misc.cil
index 75e7a6a..81a3775 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -507,7 +507,9 @@
 (in runlock
 
     (filecon "/run/lock" dir file_context)
-    (filecon "/run/lock/.*" any file_context)
+    (filecon "/run/lock/.*" any ())
+
+    (filecon "/run/lock/subsys" dir file_context)
 
     (macro run_file_type_transition_file ((type ARG1))
 	   (call .run.file_type_transition