Make dnsmasq permissive or unconfined.

Also add rules from our policy.

Change-Id: I86f07f54c5120c511f9cab2877cf765c3ae7c1a8
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

dnsmasq.te

+# DNS, DHCP services
 type dnsmasq, domain;
+permissive_or_unconfined(dnsmasq)
 type dnsmasq_exec, exec_type, file_type;
 
-init_daemon_domain(dnsmasq)
-net_domain(dnsmasq)
-unconfined_domain(dnsmasq)
+allow dnsmasq self:capability { net_bind_service setgid setuid };
+allow dnsmasq self:tcp_socket create_socket_perms;
+
+allow dnsmasq dhcp_data_file:dir w_dir_perms;
+allow dnsmasq dhcp_data_file:file create_file_perms;
+allow dnsmasq port:tcp_socket name_bind;
+allow dnsmasq node:tcp_socket node_bind;