diff --git a/sec-policy/selinux-icinga2/Manifest b/sec-policy/selinux-icinga2/Manifest
index b54b51c..bd73d40 100644
--- a/sec-policy/selinux-icinga2/Manifest
+++ b/sec-policy/selinux-icinga2/Manifest
@@ -1,3 +1,3 @@
-AUX gentoonize.patch 4405 BLAKE2B 9821c6bfcbe06f6318173c02d1bf31f49a4e84214de8dcec471229246226603992b5fd251352f4d69a7e04c595d7aacbaa661323bc49fe162320fdc3e6d74520 SHA512 0eef0cb9d1a376bae75582eaca5daec42f833c79a8614839f6018d3ac6df5b0755ea2830727bf15df331566ecedd52de11850c5eb4a65981996d3886f6f461a0
+AUX gentoonize.patch 5576 BLAKE2B 5960d09e9b3cfd1e893fcb93b73bc23e1b4818d8ea9554375687f319084eccb504420a734ebbad4dca47666b9864c988b11f2a6b7899bb9a595e94093efb5cda SHA512 2be59c08a7ec879953a7bbc938bfd3ea022c282cc84a3bd5c048b2e2439330844c339b37184c8610f262132f5bae59e8a86d05bce29ee50b70b8de80860dcfee
 DIST icinga2-2.11.3.tar.gz 7475785 BLAKE2B baabe8c90170a7b2ddb3ae7e95ef3cd042e64f68dbfdb50f5a981bc63ae5aa1e8ec4082729456d1b3fc02c0c74a98e15383cc56e56c53a2ab6181db94125365c SHA512 616e938fabaa6565fb9ac4824649c09801dd53b3517c0a9b5b62307293bc838377c18818cc13dd40e240902f02455c421d433b6ee54671403598c5b7aeb78ea1
 EBUILD selinux-icinga2-2.11.3.ebuild 1077 BLAKE2B 54fffd47616853ad07a35d996dbd2efe68d248fbfb05dd37de09c40fa18fb581ece81101595a03ec9f13a9c372a9dea2e1e9ae91f744a046bca5282d3c298d96 SHA512 8d170b5a8a414ff1bfa4aaaa862f872d739dba40154c715137c028c5699b5bae058e7ede17907fa5ed5f33d021bb3a99663f431ff07e0f15197c4be06f6f188d
diff --git a/sec-policy/selinux-icinga2/files/gentoonize.patch b/sec-policy/selinux-icinga2/files/gentoonize.patch
index bc0dbdc..01031bc 100644
--- a/sec-policy/selinux-icinga2/files/gentoonize.patch
+++ b/sec-policy/selinux-icinga2/files/gentoonize.patch
@@ -1,12 +1,17 @@ ---- icinga2-2.11.3/tools/selinux/icinga2.te.orig 2020-05-23 12:30:01.124718236 +0200 -+++ icinga2-2.11.3/tools/selinux/icinga2.te 2020-05-23 12:32:01.098712372 +0200 -@@ -41,13 +41,14 @@ +--- icinga2-2.11.3/tools/selinux/icinga2.te.orig 2020-05-23 16:55:59.329080781 +0200 ++++ icinga2-2.11.3/tools/selinux/icinga2.te 2020-05-23 17:05:18.181127417 +0200 +@@ -41,13 +41,19 @@ type nagios_system_plugin_t; type nagios_system_plugin_exec_t; type nagios_unconfined_plugin_t; type nagios_unconfined_plugin_exec_t; type nagios_eventhandler_plugin_t; type nagios_eventhandler_plugin_exec_t; - type nagios_openshift_plugin_t; type nagios_openshift_plugin_exec_t; type httpd_t; type system_mail_t; type devlog_t; ++ type sysadm_t; ++ type run_init_t; ++ type tmpfiles_t; ++ type var_t; ++ role sysadm_r; role staff_r; attribute unreserved_port_type; } @@ -16,7 +21,7 @@ type icinga2_t; type icinga2_exec_t; init_daemon_domain(icinga2_t, icinga2_exec_t) -@@ -58,7 +59,12 @@ +@@ -58,7 +64,12 @@ init_script_file(icinga2_initrc_exec_t) type icinga2_unit_file_t; @@ -30,7 +35,22 @@ type icinga2_etc_t; files_config_file(icinga2_etc_t) -@@ -155,7 +161,12 @@ +@@ -89,6 +100,14 @@ + typeattribute icinga2_port_t unreserved_port_type; + corenet_port(icinga2_port_t) + ++corenet_tcp_bind_generic_node(icinga2_t) ++init_startstop_service(sysadm_t, sysadm_r, icinga2_t, icinga2_initrc_exec_t) ++domain_auto_transition_pattern(run_init_t, icinga2_exec_t, icinga2_t) ++manage_dirs_pattern(tmpfiles_t, var_t, icinga2_cache_t) ++manage_files_pattern(initrc_t, icinga2_log_t, icinga2_log_t) ++logging_send_syslog_msg(icinga2_t) ++dev_read_urand(icinga2_t) ++ + ######################################## + # + # icinga2 local policy +@@ -155,7 +174,12 @@ icinga2_execstrans(nagios_system_plugin_exec_t, nagios_system_plugin_t) icinga2_execstrans(nagios_unconfined_plugin_exec_t, nagios_unconfined_plugin_t) icinga2_execstrans(nagios_eventhandler_plugin_exec_t, nagios_eventhandler_plugin_t) 
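Review bot: The added rule `manage_files_pattern(initrc_t, icinga2_log_t, icinga2_log_t)` (in the block inserted after `corenet_port(icinga2_port_t)`) uses `initrc_t`, but the require block in the first hunk only gains `sysadm_t`, `run_init_t`, `tmpfiles_t`, `var_t` and `sysadm_r`. The start of that require block is outside the hunk, so unless `initrc_t` is already declared there, the module will not compile and `type initrc_t;` needs adding. The rule also gives init scripts full create/write/delete rights over icinga2 logs; if the init script only has to create the log file, a narrower `create_files_pattern(initrc_t, icinga2_log_t, icinga2_log_t)` is a tighter fit. The new rules are placed before the `icinga2 local policy` header and grant access to foreign domains (`tmpfiles_t`, `run_init_t`, `sysadm_t`) by raw type, so each would benefit from a one-line comment naming the OpenRC denial it resolves, e.g. `# OpenRC: run_init starts the daemon directly`.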
@@ -44,7 +64,7 @@ # should be moved nagios.te nagios_plugin_template(notification) -@@ -176,7 +187,9 @@ +@@ -176,7 +200,9 @@ ') icinga2_dontaudit_leaks_fifo(system_mail_t) # hipsaint notification @@ -55,7 +75,7 @@ sysnet_read_config(nagios_notification_plugin_t) allow nagios_notification_plugin_t self:udp_socket create_stream_socket_perms; allow nagios_notification_plugin_t self:tcp_socket create_stream_socket_perms; -@@ -216,16 +229,13 @@ +@@ -216,16 +242,13 @@ selinux_compute_access_vector(icinga2_t) dbus_send_system_bus(icinga2_t) @@ -73,7 +93,7 @@ ') -@@ -271,5 +281,10 @@ +@@ -271,5 +294,10 @@ icinga2adm_execstrans(nagios_system_plugin_exec_t, nagios_system_plugin_t) icinga2adm_execstrans(nagios_unconfined_plugin_exec_t, nagios_unconfined_plugin_t) icinga2adm_execstrans(nagios_eventhandler_plugin_exec_t, nagios_eventhandler_plugin_t) @@ -85,8 +105,8 @@ + icinga2adm_execstrans(nagios_openshift_plugin_exec_t, nagios_openshift_plugin_t) +') icinga2adm_execstrans(nagios_notification_plugin_exec_t, nagios_notification_plugin_t) ---- icinga2-2.11.3/tools/selinux/icinga2.if.orig 2020-05-23 12:30:13.197717646 +0200 -+++ icinga2-2.11.3/tools/selinux/icinga2.if 2020-05-23 12:31:03.445715190 +0200 +--- icinga2-2.11.3/tools/selinux/icinga2.if.orig 2020-05-23 16:56:10.481081712 +0200 ++++ icinga2-2.11.3/tools/selinux/icinga2.if 2020-05-23 16:56:31.862083496 +0200 @@ -54,9 +54,11 @@ type icinga2_unit_file_t; ') @@ -126,3 +146,13 @@ ') ') +--- icinga2-2.11.3/tools/selinux/icinga2.fc.orig 2020-05-23 17:19:17.224197435 +0200 ++++ icinga2-2.11.3/tools/selinux/icinga2.fc 2020-05-23 17:20:00.709201064 +0200 +@@ -3,6 +3,7 @@ + /usr/lib/systemd/system/icinga2.* -- gen_context(system_u:object_r:icinga2_unit_file_t,s0) + + /etc/icinga2(/.*)? gen_context(system_u:object_r:icinga2_etc_t,s0) ++/usr/share/icinga2/inc(lude)(/.*)? gen_context(system_u:object_r:icinga2_etc_t,s0) + + /etc/icinga2/scripts(/.*)? -- gen_context(system_u:object_r:nagios_notification_plugin_exec_t,s0) +
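Review bot: In the icinga2.fc entry added by the last hunk, the group in `inc(lude)` is mandatory, so the pattern matches only `/usr/share/icinga2/include` and the parentheses have no effect. Write it as `/usr/share/icinga2/include(/.*)?`, or as `/usr/share/icinga2/inc(lude)?(/.*)?` if both spellings were intended. Labelling this package-owned directory `icinga2_etc_t` presumably means any domain the policy lets manage icinga2 configuration can also modify the shipped include files as far as SELinux is concerned. If the daemon only needs to read them, a comment stating that, or a read-only type, would make the intent clear.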