policy_module(gcc_config_additional, 0.0.1)

require {
  type bin_t;
  type lib_t;
  type gcc_config_t;
  type portage_devpts_t;
}

allow gcc_config_t self:capability dac_read_search;
allow gcc_config_t self:process getsched;


manage_lnk_files_pattern(gcc_config_t, bin_t, bin_t)
manage_lnk_files_pattern(gcc_config_t, lib_t, lib_t)

allow gcc_config_t portage_devpts_t:chr_file { append read };

dev_read_urand(gcc_config_t)

files_read_var_files(gcc_config_t)