1 # Label inodes with the fs label. 2 genfscon rootfs / u:object_r:rootfs:s0 3 # proc labeling can be further refined (longest matching prefix). 4 genfscon proc / u:object_r:proc:s0 5 genfscon proc /iomem u:object_r:proc_iomem:s0 6 genfscon proc /meminfo u:object_r:proc_meminfo:s0 7 genfscon proc /net u:object_r:proc_net:s0 8 genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0 9 genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0 10 genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0 11 genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0 12 genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0 13 genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0 14 genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0 15 genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0 16 genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0 17 genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0 18 genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0 19 genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0 20 genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0 21 genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0 22 genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0 23 genfscon proc /sys/net u:object_r:proc_net:s0 24 genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0 25 genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0 26 genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0 27 genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0 28 29 # selinuxfs booleans can be individually labeled. 30 genfscon selinuxfs / u:object_r:selinuxfs:s0 31 genfscon cgroup / u:object_r:cgroup:s0 32 # sysfs labels can be set by userspace. 33 genfscon sysfs / u:object_r:sysfs:s0 34 genfscon inotifyfs / u:object_r:inotify:s0 35 genfscon vfat / u:object_r:vfat:s0 36 genfscon debugfs / u:object_r:debugfs:s0 37 genfscon tracefs / u:object_r:debugfs_tracing:s0 38 genfscon fuse / u:object_r:fuse:s0 39 genfscon configfs / u:object_r:configfs:s0 40 genfscon sdcardfs / u:object_r:sdcardfs:s0 41 genfscon pstore / u:object_r:pstorefs:s0 42 genfscon functionfs / u:object_r:functionfs:s0 43 genfscon usbfs / u:object_r:usbfs:s0 44 genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0 45
