module local-mkinitcpio 1.0;

require {
	type user_tmp_t;
	type unconfined_t;
	type kmod_t;
	type tmp_t;
	class unix_stream_socket { read write };
	class file all;
	class dir all;
	class lnk_file all;
}

#============= kmod_t ==============
allow kmod_t tmp_t:file all;
allow kmod_t tmp_t:dir all;
allow kmod_t tmp_t:lnk_file all;
allow kmod_t unconfined_t:unix_stream_socket { read write };
allow kmod_t user_tmp_t:file all;
allow kmod_t user_tmp_t:dir all;
allow kmod_t user_tmp_t:lnk_file all;