module sddm 1.0;

require {
        type xdm_t;
        type usr_t;
        type unconfined_t;
        class process execmem;
        class file entrypoint;
}

#============= unconfined_t ==============
allow unconfined_t usr_t:file entrypoint;

#============= xdm_t ==============
# Note: you can also use one of the following boolean: allow_execmem, allow_execstack, xserver_gnome_xdm
allow xdm_t self:process execmem;