policy_module(staff, 2.1.0)

########################################
#
# Declarations
#

role staff_r;

userdom_unpriv_user_template(staff)

########################################
#
# Local policy
#

optional_policy(`
	apache_role(staff_r, staff_t)
')

optional_policy(`
	auth_role(staff_r, staff_t)
')

optional_policy(`
	auditadm_role_change(staff_r)
')

optional_policy(`
	bluetooth_role(staff_r, staff_t)
')

optional_policy(`
	cdrecord_role(staff_r, staff_t)
')

optional_policy(`
	cron_role(staff_r, staff_t)
')

optional_policy(`
	dbus_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	ethereal_role(staff_r, staff_t)
')

optional_policy(`
	evolution_role(staff_r, staff_t)
')

optional_policy(`
	games_role(staff_r, staff_t)
')

optional_policy(`
	gift_role(staff_r, staff_t)
')

optional_policy(`
	gnome_role(staff_r, staff_t)
')

optional_policy(`
	gpg_role(staff_r, staff_t)
')

optional_policy(`
	irc_role(staff_r, staff_t)
')

optional_policy(`
	java_role(staff_r, staff_t)
')

optional_policy(`
	lockdev_role(staff_r, staff_t)
')

optional_policy(`
	lpd_role(staff_r, staff_t)
')

optional_policy(`
	mozilla_role(staff_r, staff_t)
')

optional_policy(`
	mplayer_role(staff_r, staff_t)
')

optional_policy(`
	mta_role(staff_r, staff_t)
')

optional_policy(`
	oident_manage_user_content(staff_t)
	oident_relabel_user_content(staff_t)
')

optional_policy(`
	postgresql_role(staff_r, staff_t)
')

optional_policy(`
	pyzor_role(staff_r, staff_t)
')

optional_policy(`
	razor_role(staff_r, staff_t)
')

optional_policy(`
	rssh_role(staff_r, staff_t)
')

optional_policy(`
	screen_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	secadm_role_change(staff_r)
')

optional_policy(`
	spamassassin_role(staff_r, staff_t)
')

optional_policy(`
	ssh_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	su_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	sudo_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	sysadm_role_change(staff_r)
	userdom_dontaudit_use_user_terminals(staff_t)
')

optional_policy(`
	thunderbird_role(staff_r, staff_t)
')

optional_policy(`
	tvtime_role(staff_r, staff_t)
')

optional_policy(`
	uml_role(staff_r, staff_t)
')

optional_policy(`
	userhelper_role_template(staff, staff_r, staff_t)
')

optional_policy(`
	vmware_role(staff_r, staff_t)
')

optional_policy(`
	wireshark_role(staff_r, staff_t)
')

optional_policy(`
	xserver_role(staff_r, staff_t)
')