diff --git a/systemd.spec b/systemd.spec
index 04cbdb6..3f4d80f 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -85,8 +85,6 @@ Source25:       98-default-mac-none.link
 # Needed for selinux subpackage
 Source100:      Makefile.selinux
 Source101:      systemd_hs.te
-Source102:      systemd_hs.if
-Source103:      systemd_hs.fc
 
 %if 0
 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable
@@ -647,7 +645,7 @@ runs properly under an environment with SELinux enabled.
 %autosetup -n %{name}-hs%{?facebook:fb}-%{version} -p1
 
 mkdir -p /tmp/selinux
-cp %SOURCE100 %SOURCE101 %SOURCE102 %SOURCE103 /tmp/selinux
+cp %SOURCE100 %SOURCE101 /tmp/selinux
 
 %build
 %global ntpvendor %(source /etc/os-release; echo ${ID})
diff --git a/systemd_hs.fc b/systemd_hs.fc
deleted file mode 100644
index 554fbd4..0000000
--- a/systemd_hs.fc
+++ /dev/null
@@ -1,4 +0,0 @@
-/usr/lib/systemd/libsystemd-core-.+\.so.* --        system_u:object_r:lib_t:s0
-/usr/lib/systemd/libsystemd-shared-.+\.so.* --      system_u:object_r:lib_t:s0
-/efi    system_u:object_r:boot_t:s0
-/efi/.* system_u:object_r:boot_t:s0
diff --git a/systemd_hs.if b/systemd_hs.if
deleted file mode 100644
index 6695e0e..0000000
--- a/systemd_hs.if
+++ /dev/null
@@ -1,20 +0,0 @@
-########################################
-## <summary>
-##	Allows the caller to use the SELinux status page.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-## <rolecap/>
-#
-interface(`selinux_use_status_page',`
-	gen_require(`
-		type security_t;
-	')
-
-	dev_search_sysfs($1)
-	allow $1 security_t:dir list_dir_perms;
-	allow $1 security_t:file mmap_read_file_perms;
-')
diff --git a/systemd_hs.te b/systemd_hs.te
index 2fae7e0..c21edc1 100644
--- a/systemd_hs.te
+++ b/systemd_hs.te
@@ -1,57 +1,46 @@
 policy_module(systemd_hs,0.0.1)
 
-# systemd overrides for 247
 gen_require(`
+	type cgroup_t;
+	type default_t;
+	type init_exec_t;
 	type init_t;
 	type init_var_run_t;
-	type kmsg_device_t;
-	type proc_kmsg_t;
-	type proc_security_t;
-	type systemd_hostnamed_t;
-	type systemd_localed_t;
-	type systemd_logind_t;
-	type systemd_resolved_t;
-	type systemd_tmpfiles_t;
-	type systemd_hwdb_t;
-	type systemd_sysctl_t;
-	type security_t;
-	type tpm_device_t;
-	type ramfs_t;
-	type shadow_t;
+	type kernel_t;
+	type loadkeys_t;
 	type syslogd_t;
-	type user_tmp_t;
-	type systemd_machined_t;
+	type syslogd_var_run_t;
 	type system_dbusd_var_run_t;
+	type systemd_gpt_generator_t;
+	type systemd_network_generator_t;
 	type systemd_networkd_t;
+	type systemd_userdbd_t;
+	type tmpfs_t;
 ')
 
 #============= init_t ==============
-allow init_t kmsg_device_t:chr_file mounton;
-allow init_t proc_kmsg_t:file { getattr mounton };
-allow init_t ramfs_t:file manage_file_perms;
-allow init_t tpm_device_t:chr_file { read write open };
-allow init_t shadow_t:file { read open };
+allow init_t self:netlink_netfilter_socket { bind create getattr getopt setopt };
+allow init_t self:vsock_socket { bind connect create getopt setopt };
+allow init_t syslogd_var_run_t:file { setattr write };
 
-#============= systemd_hwdb_t ==============
-allow systemd_hwdb_t security_t:file { read open };
-allow systemd_hwdb_t self:netlink_selinux_socket { create bind };
-
-#============= systemd_sysctl_t ==============
-allow systemd_sysctl_t proc_security_t:file read;
+#============= loadkeys_t ==============
+allow loadkeys_t default_t:lnk_file read;
+allow loadkeys_t init_exec_t:file getattr;
 
 #============= syslogd_t ==============
-allow syslogd_t user_tmp_t:dir search;
 
-#============= systemd_machined_t ==============
-allow systemd_machined_t init_var_run_t:sock_file manage_sock_file_perms;
+#!!!! This avc can be allowed using the boolean 'logging_syslogd_list_non_security_dirs'
+allow syslogd_t cgroup_t:dir read;
+
+#============= systemd_gpt_generator_t ==============
+allow systemd_gpt_generator_t tmpfs_t:filesystem mount;
+
+#============= systemd_network_generator_t ==============
+allow systemd_network_generator_t init_var_run_t:file { create getattr open read rename setattr write };
+allow systemd_network_generator_t kernel_t:unix_dgram_socket sendto;
 
 #============= systemd_networkd_t ==============
-allow systemd_networkd_t system_dbusd_var_run_t:sock_file *;
-
-selinux_use_status_page(init_t)
-selinux_use_status_page(systemd_hostnamed_t)
-selinux_use_status_page(systemd_localed_t)
-selinux_use_status_page(systemd_logind_t)
-selinux_use_status_page(systemd_resolved_t)
-selinux_use_status_page(systemd_tmpfiles_t)
-selinux_use_status_page(systemd_hwdb_t)
+allow systemd_networkd_t system_dbusd_var_run_t:sock_file watch;
+
+#============= systemd_userdbd_t ==============
+allow systemd_userdbd_t self:capability sys_resource;