--- /root/public_html/policy/nsa/domains/program/unused/mysqld.te	2004-08-30 23:35:32.000000000 +0300
+++ /etc/security/selinux/src/policy/domains/program/mysqld.te	2004-10-06 04:36:23.704673096 +0300
@@ -23,7 +23,8 @@
 
 log_domain(mysqld)
 
-allow mysqld_t tmp_t:dir { getattr read };
+# for temporary tables
+tmp_domain(mysqld)
 
 allow mysqld_t usr_t:file { getattr read };
 
@@ -57,10 +58,6 @@
 
 can_unix_connect(sysadm_t, mysqld_t)
 
-# for /root/.my.cnf - should not be needed
-allow mysqld_t sysadm_home_dir_t:dir search;
-allow mysqld_t sysadm_home_t:file { read getattr };
-
 ifdef(`logrotate.te', `
 r_dir_file(logrotate_t, mysqld_etc_t)
 allow logrotate_t mysqld_db_t:dir search;
@@ -74,6 +71,12 @@
 allow userdomain mysqld_var_run_t:sock_file write;
 ')
 
+ifdef(`daemontools.te', `
+domain_auto_trans( svc_run_t, mysqld_exec_t, mysqld_t)
+allow svc_start_t mysqld_t:process signal;
+svc_ipc_domain(mysqld_t)
+')dnl end ifdef daemontools
+
 ifdef(`distro_redhat', `
 allow initrc_t mysqld_db_t:dir create_dir_perms;