policy_module(unconfined_additional, 0.0.2) require { type unconfined_t; type portage_sandbox_t; type sysadm_t; } allow unconfined_t portage_sandbox_t:process transition; allow unconfined_t self:process execmem; allow unconfined_t sysadm_t:process transition;
