module fedmsg 1.1;

require {
	type anon_inodefs_t;
	type httpd_t;
	class file write;
}

require {
	type ptmx_t;
	type httpd_t;
	class chr_file getattr;
}

#============= httpd_t ==============
# For basic port binding
allow httpd_t anon_inodefs_t:file write;
# So that psutil can work from /etc/fedmsg.d/logging.py
allow httpd_t ptmx_t:chr_file getattr;