module samba-dc 1.1;

require {
        type ntpd_var_run_t;
        type unconfined_service_t;
        type chronyd_t;
        class sock_file write;
        class unix_stream_socket connectto;
}

#============= chronyd_t ==============
allow chronyd_t ntpd_var_run_t:sock_file write;
allow chronyd_t unconfined_service_t:unix_stream_socket connectto;