Index: refpolicy-2.20240202/policy/modules/services/thunderbolt.fc
===================================================================
--- refpolicy-2.20240202.orig/policy/modules/services/thunderbolt.fc
+++ refpolicy-2.20240202/policy/modules/services/thunderbolt.fc
@@ -1,3 +1,3 @@
 /usr/libexec/boltd	--	gen_context(system_u:object_r:thunderboltd_exec_t,s0)
 /var/lib/boltd(/.*)?		gen_context(system_u:object_r:thunderboltd_var_lib_t,s0)
-
+/run/boltd(/.*)?		gen_context(system_u:object_r:thunderboltd_runtime_t,s0)
Index: refpolicy-2.20240202/policy/modules/services/thunderbolt.te
===================================================================
--- refpolicy-2.20240202.orig/policy/modules/services/thunderbolt.te
+++ refpolicy-2.20240202/policy/modules/services/thunderbolt.te
@@ -22,6 +22,7 @@ files_runtime_file(thunderboltd_runtime_
 # Local policy
 #
 
+dontaudit thunderboltd_t self:capability net_admin;
 allow thunderboltd_t self:unix_dgram_socket { create write };
 allow thunderboltd_t self:netlink_kobject_uevent_socket { create getattr read bind getopt setopt };
 
@@ -34,6 +35,8 @@ allow thunderboltd_t thunderboltd_runtim
 kernel_read_system_state(thunderboltd_t)
 
 dev_read_sysfs(thunderboltd_t)
+# for force_power
+dev_write_sysfs(thunderboltd_t)
 
 files_read_etc_files(thunderboltd_t)
 
@@ -41,7 +44,7 @@ logging_send_syslog_msg(thunderboltd_t)
 
 miscfiles_read_localization(thunderboltd_t)
 
-udev_search_runtime(thunderboltd_t)
+udev_read_runtime_files(thunderboltd_t)
 
 ifdef(`init_systemd',`
 	init_stream_connect(thunderboltd_t)
