1 # Life begins with the kernel. 2 type kernel, domain; 3 permissive kernel; 4 # The kernel is unconfined. 5 unconfined_domain(kernel) 6 relabelto_domain(kernel) 7 8 allow kernel {fs_type dev_type file_type}:dir_file_class_set relabelto; 9