diff --git a/src/daemon/org.projectatomic.rpmostree1.policy b/src/daemon/org.projectatomic.rpmostree1.policy
index 3651d906..304e89db 100644
--- a/src/daemon/org.projectatomic.rpmostree1.policy
+++ b/src/daemon/org.projectatomic.rpmostree1.policy
@@ -96,6 +96,16 @@
+
+ Reload the daemon state
+ Authentication is required to reload the rpmostree daemon state
+
+ auth_admin
+ auth_admin
+ auth_admin_keep
+
+
+
 Clear cache
 Authentication is required to clear cache / pending data
diff --git a/src/daemon/rpmostreed-sysroot.c b/src/daemon/rpmostreed-sysroot.c
index c240a17e..a60d1585 100644
--- a/src/daemon/rpmostreed-sysroot.c
+++ b/src/daemon/rpmostreed-sysroot.c
@@ -582,6 +582,10 @@ sysroot_authorize_method (GDBusInterfaceSkeleton *interface,
 /* GetOS() is always allowed */
 authorized = TRUE;
 }
+ else if (g_strcmp0 (method_name, "ReloadConfig") == 0)
+ {
+ action = "org.projectatomic.rpmostree1.reload-daemon";
+ }
 else if (g_strcmp0 (method_name, "RegisterClient") == 0 ||
 g_strcmp0 (method_name, "UnregisterClient") == 0)
 {
diff --git a/tests/vmcheck/test-basic.sh b/tests/vmcheck/test-basic.sh
index c40095b1..bba7d4ac 100755
--- a/tests/vmcheck/test-basic.sh
+++ b/tests/vmcheck/test-basic.sh
@@ -44,13 +44,17 @@ if ! vm_cmd getent passwd testuser; then
 vm_cmd chown -R testuser:testuser /home/testuser/.ssh
 fi
-# Make sure we can't layer as non-root
+# Make sure we can't do various operations as non-root
 vm_build_rpm foo
 if vm_cmd_as testuser rpm-ostree pkg-add foo &> err.txt; then
 assert_not_reached "Was able to install a package as non-root!"
 fi
 assert_file_has_content err.txt 'PkgChange not allowed for user'
-echo "ok layering requires root or auth"
+if vm_cmd_as testuser rpm-ostree reload &> err.txt; then
+ assert_not_reached "Was able to reload as non-root!"
+fi
+assert_file_has_content err.txt 'ReloadConfig not allowed for user'
+echo "ok auth"
 # Assert that we can do status as non-root
 vm_cmd_as testuser rpm-ostree status
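Review bot: In src/daemon/rpmostreed-sysroot.c, the action string in the new `ReloadConfig` branch has to match an action id declared in org.projectatomic.rpmostree1.policy, and nothing at this site records that dependency. A typo on either side would presumably surface only at run time as a failed authorization check. A short comment above the assignment, for example `/* Admin-only; action id must match org.projectatomic.rpmostree1.policy */`, would make the coupling visible to the next person adding a method. The rest of `sysroot_authorize_method`, including how `action` is evaluated and what happens to method names that match no branch, lies outside the hunk.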
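Review bot: In tests/vmcheck/test-basic.sh, replacing `echo "ok layering requires root or auth"` with a single `echo "ok auth"` folds two independent denial checks into one result line, so the test log no longer states which operations were verified as refused. Keeping the original line after the `pkg-add` assertion and adding `echo "ok reload requires root or auth"` after the `ReloadConfig` assertion would preserve that detail. Reusing `err.txt` for both checks is safe here because `&>` truncates the file before the second `assert_file_has_content` runs. The root-side `vm_cmd rpm-ostree reload` added in the following hunk checks only the exit status, which seems adequate for a smoke test.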
@@ -60,6 +64,10 @@ echo "ok status doesn't require root"
 vm_cmd runuser -u bin rpm-ostree status
 echo "ok status doesn't require active PAM session"
+# Reload as root https://github.com/projectatomic/rpm-ostree/issues/976
+vm_cmd rpm-ostree reload
+echo "ok reload"
+
 # Add metadata string containing EnfOfLife attribtue
 META_ENDOFLIFE_MESSAGE="this is a test for metadata message"
 commit=$(vm_cmd ostree commit -b vmcheck \