policy_module(my_iotop,1.0.0)

require {
    type sysadm_t;
    type staff_t;
    type user_t;
}

allow { sysadm_t staff_t user_t } self:netlink_socket { bind create read setopt write };

#eof