#DESC auditd - System auditing daemon
#
# Authors: Colin Walters <walters@verbum.org>
#

daemon_domain(auditd)
allow auditd_t self:netlink_audit_socket { bind create getattr nlmsg_read nlmsg_write read write };
allow auditd_t self:capability { audit_write audit_control };
allow auditd_t sysadm_tty_device_t:chr_file rw_file_perms;
allow auditd_t self:unix_dgram_socket create_socket_perms;
allow auditd_t etc_t:file { getattr read };
log_domain(auditd)