module postfixmysql 1.0;

require {
	type mysqld_var_run_t;
	type mysqld_t;
	type mysqld_db_t;
	type postfix_virtual_t;
	type postfix_smtpd_t;
	type postfix_pipe_t;
	type postfix_cleanup_t;
	class sock_file write;
	class unix_stream_socket connectto;
	class dir search;
}

#============= postfix_cleanup_t ==============
allow postfix_cleanup_t mysqld_db_t:dir search;
allow postfix_cleanup_t mysqld_t:unix_stream_socket connectto;
allow postfix_cleanup_t mysqld_var_run_t:sock_file write;

#============= postfix_pipe_t ==============
allow postfix_pipe_t mysqld_db_t:dir search;
allow postfix_pipe_t mysqld_t:unix_stream_socket connectto;
allow postfix_pipe_t mysqld_var_run_t:sock_file write;

#============= postfix_smtpd_t ==============
allow postfix_smtpd_t mysqld_db_t:dir search;
allow postfix_smtpd_t mysqld_t:unix_stream_socket connectto;
allow postfix_smtpd_t mysqld_var_run_t:sock_file write;

#============= postfix_virtual_t ==============
allow postfix_virtual_t mysqld_db_t:dir search;
allow postfix_virtual_t mysqld_t:unix_stream_socket connectto;
allow postfix_virtual_t mysqld_var_run_t:sock_file write;