type SMD-daemon, domain;
type SMD-daemon_exec, exec_type, file_type;
init_daemon_domain(SMD-daemon)

allow SMD-daemon system_file:file { execute_no_trans };
allow SMD-daemon self:capability { setuid };

allow SMD-daemon log_device:chr_file { write open };
allow SMD-daemon log_device:dir { search };