allow mpdecision socket_device:dir w_dir_perms;
allow mpdecision socket_device:sock_file create;
allow mpdecision self:capability sys_nice;