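# Local SELinux policy module "plocate", version 1.0.
# Adds three allow rules for the locate_t domain on top of the base policy.
# NOTE(review): the require-block-plus-banner layout looks like audit2allow
# output, presumably generated from AVC denials -- confirm each rule against
# the denials it came from before loading the module.
module plocate 1.0;

# Types, classes and permissions that must already exist in the loaded policy;
# this module declares nothing new, it only references them.
require {
	type systemd_machined_t;
	type var_lib_t;
	type locate_t;
	type sysctl_kernel_t;
	class file read;
	class unix_stream_socket connectto;
	class dir search;
}

#============= locate_t ==============
# The banner above must stay on its own line: '#' comments run to the end of
# the line, so any rule sharing a line with it is silently dropped.

# Let locate_t search directories labelled sysctl_kernel_t
# (normally the /proc/sys/kernel tree).
allow locate_t sysctl_kernel_t:dir search;

# Let locate_t connect to a unix stream socket owned by a systemd_machined_t
# process.
# NOTE(review): nothing here shows why an indexer needs to talk to
# systemd-machined; if it is only a side effect of name-service lookups,
# confirm that before keeping the rule, since it widens what locate_t can reach.
allow locate_t systemd_machined_t:unix_stream_socket connectto;

# Let locate_t read files labelled var_lib_t.
# NOTE(review): var_lib_t is the generic label for /var/lib content, so this
# grants read on every file carrying that label, not only the locate database.
# A tighter fix is to give the database directory a dedicated type (semanage
# fcontext + restorecon) and allow only that type. Only "read" is granted;
# "open" and "getattr" are separate permissions, so further denials may still
# appear.
allow locate_t var_lib_t:file read;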