(block my_container
    (blockinherit container)
    (blockinherit restricted_net_container)
    (allow process ftp_port_t ( tcp_socket (  name_bind ))) 
    (blockinherit home_container)
    (allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process abrt_var_cache_t ( sock_file ( append getattr open read write ))) 
    (allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process antivirus_db_t ( sock_file ( append getattr open read write ))) 
    (allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process asterisk_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process audit_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process bacula_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process callweaver_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process courier_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process cron_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process ctdbd_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process device_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process device_t ( sock_file ( append getattr open read write ))) 
    (allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process devlog_t ( sock_file ( append getattr open read write ))) 
    (allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process dkim_milter_data_t ( sock_file ( append getattr open read write ))) 
    (allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process dovecot_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process etc_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process etc_t ( sock_file ( append getattr open read write ))) 
    (allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process exim_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process getty_var_run_t ( sock_file ( append getattr open read write ))) 
    (allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write ))) 
    (allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process ld_so_t ( sock_file ( append getattr open read write ))) 
    (allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process lib_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process lib_t ( sock_file ( append getattr open read write ))) 
    (allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process locale_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process locale_t ( sock_file ( append getattr open read write ))) 
    (allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process lpd_var_run_t ( sock_file ( append getattr open read write ))) 
    (allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process mail_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process mailman_data_t ( sock_file ( append getattr open read write ))) 
    (allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process mqueue_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process mscan_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process nagios_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process news_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process plymouthd_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process plymouthd_var_log_t ( sock_file ( append getattr open read write ))) 
    (allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postfix_private_t ( sock_file ( append getattr open read write ))) 
    (allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postfix_public_t ( sock_file ( append getattr open read write ))) 
    (allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write ))) 
    (allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postfix_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postfix_var_run_t ( sock_file ( append getattr open read write ))) 
    (allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process postgrey_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process prelude_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process print_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process public_content_rw_t ( sock_file ( append getattr open read write ))) 
    (allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process quota_db_t ( sock_file ( append getattr open read write ))) 
    (allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process regex_milter_data_t ( sock_file ( append getattr open read write ))) 
    (allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process rpm_var_cache_t ( sock_file ( append getattr open read write ))) 
    (allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process rwho_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process samba_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process sge_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process smsd_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process snmpd_var_lib_t ( sock_file ( append getattr open read write ))) 
    (allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process spamass_milter_data_t ( sock_file ( append getattr open read write ))) 
    (allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process spamd_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process spamd_var_run_t ( sock_file ( append getattr open read write ))) 
    (allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process squid_cache_t ( sock_file ( append getattr open read write ))) 
    (allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process squirrelmail_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process system_cron_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process tetex_data_t ( sock_file ( append getattr open read write ))) 
    (allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process user_cron_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process uucpd_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process var_log_t ( sock_file ( append getattr open read write ))) 
    (allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process var_run_t ( sock_file ( append getattr open read write ))) 
    (allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process var_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process xdm_spool_t ( sock_file ( append getattr open read write ))) 
    (allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) 
    (allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write ))) 
    (allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open ))) 
    (allow process zoneminder_spool_t ( sock_file ( append getattr open read write ))) 
)