policy_module(unprivuser, 2.0.0)

# this module should be named user, but that is
# a compile error since user is a keyword.

########################################
#
# Declarations
#

role user_r;

userdom_unpriv_user_template(user)

optional_policy(`
	apache_role(user_r, user_t)
')

optional_policy(`
	auth_role(user_r, user_t)
')

optional_policy(`
	bluetooth_role(user_r, user_t)
')

optional_policy(`
	cdrecord_role(user_r, user_t)
')

optional_policy(`
	cron_role(user_r, user_t)
')

optional_policy(`
	dbus_role_template(user, user_r, user_t)
')

optional_policy(`
	ethereal_role(user_r, user_t)
')

optional_policy(`
	evolution_role(user_r, user_t)
')

optional_policy(`
	games_role(user_r, user_t)
')

optional_policy(`
	gift_role(user_r, user_t)
')

optional_policy(`
	gnome_role(user_r, user_t)
')

optional_policy(`
	gpg_role(user_r, user_t)
')

optional_policy(`
	irc_role(user_r, user_t)
')

optional_policy(`
	java_role(user_r, user_t)
')

optional_policy(`
	lockdev_role(user_r, user_t)
')

optional_policy(`
	lpd_role(user_r, user_t)
')

optional_policy(`
	mozilla_role(user_r, user_t)
')

optional_policy(`
	mplayer_role(user_r, user_t)
')

optional_policy(`
	mta_role(user_r, user_t)
')

optional_policy(`
	oident_manage_user_content(user_t)
	oident_relabel_user_content(user_t)
')

optional_policy(`
	pyzor_role(user_r, user_t)
')

optional_policy(`
	razor_role(user_r, user_t)
')

optional_policy(`
	rssh_role(user_r, user_t)
')

optional_policy(`
	screen_role_template(user, user_r, user_t)
')

optional_policy(`
	spamassassin_role(user_r, user_t)
')

optional_policy(`
	ssh_role_template(user, user_r, user_t)
')

optional_policy(`
	su_role_template(user, user_r, user_t)
')

optional_policy(`
	sudo_role_template(user, user_r, user_t)
')

optional_policy(`
	thunderbird_role(user_r, user_t)
')

optional_policy(`
	tvtime_role(user_r, user_t)
')

optional_policy(`
	uml_role(user_r, user_t)
')

optional_policy(`
	userhelper_role_template(user, user_r, user_t)
')

optional_policy(`
	vmware_role(user_r, user_t)
')

optional_policy(`
	wireshark_role(user_r, user_t)
')

optional_policy(`
	xserver_role(user_r, user_t)
')