Policy: pksd, Emulation: native
	native-__sysctl: permit
	native-accept: permit
	native-bind: sockaddr eq "/home/pksd/var/pksd_socket" then permit
	native-bind: sockaddr eq "inet-[0.0.0.0]:11371" then permit
	native-break: permit
	native-chroot: filename eq "/home/pksd" then permit
	native-close: permit
	native-connect: sockaddr eq "/dev/log" then permit
	native-exit: permit
	native-fcntl: permit
	native-fsread: filename eq "/" then permit
	native-fsread: filename eq "/<non-existent filename>: /etc/malloc.conf" then permit
	native-fsread: filename eq "/dev" then permit
	native-fsread: filename eq "/etc" then permit
	native-fsread: filename eq "/home" then permit
	native-fsread: filename eq "/home/pksd" then permit
	native-fsread: filename eq "/usr" then permit
	native-fsread: filename eq "/usr/X11R6/lib" then permit
	native-fsread: filename eq "/usr/lib" then permit
	native-fsread: filename eq "/usr/lib/libc.so.29.0" then permit
	native-fsread: filename eq "/usr/libexec/ld.so" then permit
	native-fsread: filename eq "/usr/local/lib" then permit
	native-fsread: filename eq "/usr/share/zoneinfo/Canada/Mountain" then permit
	native-fsread: filename eq "/usr/share/zoneinfo/GMT" then permit
	native-fsread: filename eq "/var" then permit
	native-fsread: filename eq "/var/run/ld.so.hints" then permit
	native-fsread: filename eq "/var/tmp" then permit
	native-fsread: filename match "/home/pksd/*" then permit
	native-fstat: permit
	native-fstatfs: permit
	native-fswrite: filename match "/home/pksd/var/*" then permit
	native-fsync: permit
	native-getdirentries: permit
	native-getpid: permit
	native-getrlimit: permit
	native-gettimeofday: permit
	native-issetugid: permit
	native-listen: permit
	native-lseek: permit
	native-mmap: permit
	native-mprotect: permit
	native-munmap: permit
	native-pread: permit
	native-pwrite: permit
	native-read: permit
	native-select: permit
	native-sendto: true then permit
	native-setgid: gid eq "PKSD_GID" then permit
	native-setsockopt: permit
	native-setuid: uid eq "PKSD_UID" and uname eq "pksd" then permit
	native-sigaction: permit
	native-sigreturn: permit
	native-socket: sockdom eq "AF_INET" and socktype eq "SOCK_STREAM" then permit
	native-socket: sockdom eq "AF_UNIX" and socktype eq "SOCK_DGRAM" then permit
	native-socket: sockdom eq "AF_UNIX" and socktype eq "SOCK_STREAM" then permit
	native-write: permit