(typeattributeset cil_gen_require sssd_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require userapp_t)
(typeattributeset cil_gen_require net_conf_t)
(typeattributeset cil_gen_require userapp_exec_t)
(typeattributeset cil_gen_require sssd_var_lib_t)
(typeattributeset cil_gen_require reserved_port_t)
(typeattributeset cil_gen_require node_t)
(typeattributeset cil_gen_require kernel_t)

(type sctp_port_t)
(typeattributeset port_type sctp_port_t)
(type userapp_t)
(typeattributeset domain userapp_t)
(type userapp_exec_t)
(typeattributeset file_type userapp_exec_t)

(allow userapp_t sctp_port_t (sctp_socket ( name_bind name_connect )))
(allow userapp_t userapp_t ( sctp_socket ( listen accept )))
(typetransition unconfined_t userapp_exec_t process userapp_t)
(allow unconfined_t userapp_exec_t ( file ( getattr open read execute )))
(allow unconfined_t userapp_t ( process ( transition )))
(roletype unconfined_r userapp_t)

(allow userapp_t net_conf_t (file (getattr open read)))
(allow userapp_t node_t (sctp_socket (node_bind)))
(allow userapp_t reserved_port_t (sctp_socket (name_bind)))
(allow userapp_t self (capability (net_bind_service)))
(allow userapp_t self (netlink_route_socket (bind create getattr nlmsg_read read write)))
(allow userapp_t self (sctp_socket (bind create read setopt connect write)))
(allow userapp_t self (udp_socket (connect create getattr)))
(allow userapp_t sssd_t (unix_stream_socket (connectto)))
(allow userapp_t sssd_var_lib_t (dir (search)))
(allow userapp_t sssd_var_lib_t (sock_file (write)))
(allow userapp_t user_devpts_t (chr_file (append getattr read write)))
(allow userapp_t userapp_exec_t (file (map)))
(allow userapp_t userapp_exec_t (file (entrypoint execute read)))
(allow userapp_t kernel_t (system (module_request)))
(allow userapp_t user_tmp_t (file (getattr open write append)))