policy_module(iotop, 1.0.0)

########################################
#
# Declarations
#

attribute_role iotop_roles;
roleattribute system_r iotop_roles;

type iotop_t;
type iotop_exec_t;
application_domain(iotop_t, iotop_exec_t)

permissive iotop_t;

########################################
#
# iotop local policy
#

#allow iotop_t self:fifo_file manage_fifo_file_perms;
#allow iotop_t self:unix_stream_socket create_stream_socket_perms;

#domain_use_interactive_fds(iotop_t)

#files_read_etc_files(iotop_t)

miscfiles_read_localization(iotop_t)