diff --git a/radicale-config-storage-hooks-SELinux-note.patch b/radicale-config-storage-hooks-SELinux-note.patch
new file mode 100644
index 0000000..6baa180
--- /dev/null
+++ b/radicale-config-storage-hooks-SELinux-note.patch
@@ -0,0 +1,10 @@
+--- Radicale-3.0.6/config.orig	2021-11-20 07:11:17.884076653 +0100
++++ Radicale-3.0.6/config	2021-11-20 07:11:24.497058662 +0100
+@@ -94,6 +94,7 @@
+ 
+ # Command that is run after changes to storage
+ # Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
++# Note: storage hooks configuration is currently not supported by packaged SELinux policy and requires a local custom policy extension (RHBZ#1928899)
+ #hook =
+ 
+ 
diff --git a/radicale.spec b/radicale.spec
index a52d659..6b95d1a 100644
--- a/radicale.spec
+++ b/radicale.spec
@@ -26,7 +26,7 @@
 
 Name:             radicale
 Version:          %{radicale_version}
-Release:          22%{?dist}
+Release:          23%{?dist}
 Summary:          A simple CalDAV (calendar) and CardDAV (contact) server
 License:          GPLv3+
 URL:              https://radicale.org
@@ -48,6 +48,8 @@ Source7:          %{name}-tmpfiles.conf
 Source50:	  %{name}-test-example.ics
 Source51:	  %{name}-test-example.vcf
 
+Patch0:           %{name}-config-storage-hooks-SELinux-note.patch
+
 BuildArch:        noarch
 
 
@@ -200,6 +202,9 @@ Requires(postun): policycoreutils-python-utils
 %description -n %{radicale_package_name}-selinux
 SELinux definitions for Radicale (Python3).
 
+Note: storage hooks configuration is currently not supported by packaged
+ SELinux policy and requires a local custom policy extension (RHBZ#1928899)
+
 
 %prep
 %autosetup -n Radicale-%{version}
@@ -452,6 +457,10 @@ fi
 
 
 %changelog
+* Mon Dec 27 2021 Peter Bieringer <pb@bieringer.de> - 3.1.0-23
+- SELinux policy: add notes in subpackage description and default config file that storage hooks are not supported so far (RHBZ#1928899)
+- add required init_nnp_daemon_domain to radicale.te (1.0.9): (RHBZ#2020942)
+
 * Mon Dec 27 2021 Peter Bieringer <pb@bieringer.de> - 3.1.0-22
 - Version 3.1.0
 
diff --git a/radicale.te b/radicale.te
index 2a82f38..60b0faf 100644
--- a/radicale.te
+++ b/radicale.te
@@ -1,4 +1,4 @@
-policy_module(radicale, 1.0.8)
+policy_module(radicale, 1.0.9)
 
 gen_require(`
     type httpd_t;
@@ -13,6 +13,7 @@ gen_require(`
 type radicale_t;
 type radicale_exec_t;
 init_daemon_domain(radicale_t, radicale_exec_t)
+init_nnp_daemon_domain(radicale_t) # RHBZ#2020942
 
 type radicale_log_t;
 logging_log_file(radicale_log_t)