module tdm 1.0; require { type etc_t; type fprintd_t; type init_t; type tmp_t; type unconfined_service_t; type unconfined_t; type var_lib_t; type var_run_t; type xdm_t; class capability2 mac_admin; class dbus send_msg; class fifo_file { getattr open read setattr unlink }; class file { create entrypoint getattr lock map open read rename unlink write }; class lnk_file unlink; class process transition; } allow fprintd_t init_t:dbus send_msg; allow unconfined_service_t unconfined_t:process transition; allow unconfined_t self:capability2 mac_admin; allow xdm_t etc_t:file { create entrypoint rename unlink write }; allow xdm_t tmp_t:fifo_file { getattr open read setattr unlink }; allow xdm_t tmp_t:file { map open unlink }; allow xdm_t tmp_t:lnk_file unlink; allow xdm_t var_lib_t:file { unlink }; allow xdm_t var_run_t:file { getattr lock open read write };