#DESC dante - socks daemon
#
# Author: petre rodan <kaiowas@gentoo.org>
#

type dante_conf_t, file_type, sysadmfile;

daemon_domain(dante)
can_network_server(dante_t)

allow dante_t self:fifo_file { read write };
allow dante_t self:capability { setuid setgid };
allow dante_t self:unix_dgram_socket { connect create write };
allow dante_t self:unix_stream_socket { connect create read setopt write };
allow dante_t self:tcp_socket connect;

allow dante_t socks_port_t:tcp_socket name_bind;

allow dante_t { etc_t etc_runtime_t }:file r_file_perms;
r_dir_file(dante_t, dante_conf_t)

allow dante_t initrc_var_run_t:file { getattr write };