diff --git a/k3s.fc b/k3s.fc
index 69ad298..a3c2262 100644
--- a/k3s.fc
+++ b/k3s.fc
@@ -6,6 +6,7 @@
 /var/lib/cni(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/data(/.*)? gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/var/lib/rancher/k3s/storage(/.*)? gen_context(system_u:object_r:container_file_t,s0)
 #/var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots(/.*)? gen_context(system_u:object_r:container_share_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots -d gen_context(system_u:object_r:container_share_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]* -d gen_context(system_u:object_r:container_share_t,s0)
diff --git a/k3s.te b/k3s.te
index 13f8c0f..71ea8ca 100644
--- a/k3s.te
+++ b/k3s.te
@@ -5,6 +5,11 @@ gen_require(`
 ')
 filetrans_pattern(container_runtime_t, container_var_lib_t, container_runtime_exec_t, dir, "data")
 
+gen_require(`
+ type container_runtime_t, container_var_lib_t, container_file_t;
+')
+filetrans_pattern(container_runtime_t, container_var_lib_t, container_file_t, dir, "storage")
+
 gen_require(`
  type container_runtime_t, container_var_lib_t, container_share_t;
 ')
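Review bot: The new `/var/lib/rancher/k3s/storage(/.*)?` entry in k3s.fc labels the whole tree `container_file_t` at plain `s0`, so SELinux will not separate one volume under it from another. With no MCS categories on the files, any `container_t` process that reaches the path passes both the type check (as container-selinux normally allows) and the level check. If that is the intended trade-off for this directory, which looks like the host-path volume root, record it next to the entry, e.g. `# volume data shared at s0: no per-pod MCS isolation under this tree`. The entry also takes effect only at relabel time, so hosts that already hold data there labelled `container_var_lib_t` need a `restorecon -R` on the directory; nothing in this diff shows whether packaging does that.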
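Review bot: The `filetrans_pattern(..., container_file_t, dir, "storage")` rule added to k3s.te matches on the final path component only, so it is wider than the `/var/lib/rancher/k3s/storage` entry in k3s.fc. Any directory named `storage` that `container_runtime_t` creates inside any `container_var_lib_t` parent comes out as `container_file_t`, which containers can normally write. A comment above the rule would make that scope explicit, e.g. `# name-based: applies to a "storage" dir created in ANY container_var_lib_t parent, not only /var/lib/rancher/k3s`. It is worth confirming that no other runtime state directory of that name is expected under `/var/lib/cni` or elsewhere in the k3s tree. The transition also fires only when the runtime domain itself creates the directory; one created by another domain keeps the parent's type until it is relabelled.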