# Local SELinux policy module: extra permissions for the httpd_sys_script_t
# domain. Every allow rule below applies to all processes running in that
# domain, not to one particular script.
module local 1.0;

# Types, classes and permissions this module references; each must already be
# defined by the loaded base policy.
require {
	type httpd_sys_script_t;
	type postgresql_port_t;

	class process execmem;
	class tcp_socket {
		create connect name_connect
		read write
		getopt setopt
	};
	class netlink_route_socket {
		create bind
		read write
		getattr nlmsg_read
	};
}

#============= httpd_sys_script_t ==============

# --- Outbound database access ---
# Create and use the domain's own TCP sockets as a client. No bind, listen or
# accept permission is granted, so the domain still cannot act as a TCP server
# through these rules.
allow httpd_sys_script_t self:tcp_socket {
	create connect
	read write
	getopt setopt
};

# Permit connecting to ports labelled postgresql_port_t only; other port types
# stay denied unless other policy allows them.
# NOTE(review): targeted policies commonly ship a boolean for this
# (httpd_can_network_connect_db) - check whether it covers the need before
# maintaining a custom module.
allow httpd_sys_script_t postgresql_port_t:tcp_socket name_connect;

# --- Routing / interface lookups ---
# Open a netlink route socket and read from it (nlmsg_read). nlmsg_write is
# not granted, so the domain gets no permission to change routing state here.
allow httpd_sys_script_t self:netlink_route_socket {
	create bind
	read write
	getattr nlmsg_read
};

# --- Executable anonymous memory ---
# execmem lets a process map memory that is both writable and executable.
# This removes a memory-protection check for every script in the domain, so it
# is the broadest grant in this module.
# NOTE(review): confirm which runtime actually triggers the denial (a JIT or a
# native extension, for example) and whether the stock httpd_execmem boolean or
# a narrower dedicated domain would be a better fit than a blanket allow.
allow httpd_sys_script_t self:process execmem;