diff --git a/manifests/fedora-coreos.yaml b/manifests/fedora-coreos.yaml
index 581e0e38b..0f2f09da9 100644
--- a/manifests/fedora-coreos.yaml
+++ b/manifests/fedora-coreos.yaml
@@ -136,7 +136,24 @@ postprocess:
             done
         done
     done
-
+  # Recent changes in the SELinux policy have broken a lot of our code.
+  # Revert the affected domains back to permissive mode until
+  # https://github.com/fedora-selinux/selinux-policy/pull/2257 merges
+  # and the domains are reverted upstream.
+  - |
+    #!/usr/bin/env bash
+    set -xeuo pipefail
+    cat > /tmp/fcos-workarounds.cil << EOF
+    ; https://bugzilla.redhat.com/show_bug.cgi?id=2300306
+    (typeattributeset cil_gen_require bootupd_t)
+    (typepermissive bootupd_t)
+
+    ; https://bugzilla.redhat.com/show_bug.cgi?id=2305385
+    (typeattributeset cil_gen_require coreos_installer_t)
+    (typepermissive coreos_installer_t)
+    EOF
+    /usr/sbin/semodule -i /tmp/fcos-workarounds.cil
+    rm /tmp/fcos-workarounds.cil
 
 remove-files:
   # We don't ship man(1) or info(1)