module keystone_policy 1.0;

require {
	type var_run_t;
	type httpd_t;
	class sock_file write;
}

#============= httpd_t ==============

allow httpd_t var_run_t:sock_file write;