type iddd, domain; 

type iddd_exec, exec_type, file_type; 
init_daemon_domain(iddd)

allow iddd self:socket create_socket_perms;
allow iddd iddd_file:fifo_file rw_file_perms;
allow iddd iddd_file:file rw_file_perms;
allow iddd iddd_file:dir rw_file_perms;
allow iddd iddd_file:dir { add_name remove_name search };
allow iddd iddd_file:file { create rename unlink };
allow iddd iddd_file:sock_file { create setattr unlink write };


type_transition iddd system_data_file:file iddd_file;

type credmgr, domain;
type credmgr_exec, exec_type, file_type;
init_daemon_domain(credmgr);


type scd, domain;
type scd_exec, exec_type, file_type;
type scd_data, file_type;
init_daemon_domain(scd)

type wv,domain;
type wv_exec, exec_type, file_type;
init_daemon_domain(wv)

#iddd logd
allow iddd logd:unix_stream_socket connectto;
allow iddd logdr_socket:sock_file write;

#============= system_server ==============
allow system_server credmgr_exec:dir search;
allow system_server credmgr_exec:file { getattr open read };
allow system_server iddd_exec:dir search;
allow system_server iddd_exec:file { getattr open read };
allow iddd tmpfs:lnk_file read;
#============= iddd ==============
allow iddd iddd_exec:file execute_no_trans;