policy_module(wm, 1.2.0)

attribute wm_domain;

########################################
#
# Declarations
#

type wm_exec_t;
corecmd_executable_file(wm_exec_t)

allow wm_domain self:fifo_file rw_fifo_file_perms;
allow wm_domain self:process getsched;
allow wm_domain self:shm create_shm_perms;
allow wm_domain self:unix_dgram_socket create_socket_perms;

dev_read_urand(wm_domain)


fs_getattr_tmpfs(wm_domain)

application_signull(wm_domain)

miscfiles_read_fonts(wm_domain)

optional_policy(`
	dbus_system_bus_client(wm_domain)
	dbus_session_bus_client(wm_domain)
')

optional_policy(`
	pulseaudio_stream_connect(wm_domain)
')

optional_policy(`
	xserver_manage_core_devices(wm_domain)
')