diff --git a/data/selinux/snappy.te b/data/selinux/snappy.te
index 3370fb3943..cd2f0fccce 100644
--- a/data/selinux/snappy.te
+++ b/data/selinux/snappy.te
@@ -216,6 +216,7 @@ corenet_udp_sendrecv_dns_port(snappy_t)
 corenet_tcp_connect_dns_port(snappy_t)
 corenet_sendrecv_dns_client_packets(snappy_t)
 
-# allow polkit to reply to snapd
-gen_require(` type policykit_t; class dbus send_msg; ')
-allow policykit_t snappy_t:dbus send_msg;
+# allow communication with polkit over dbus
+optional_policy(`
+  policykit_dbus_chat(snappy_t)
+')