; SELinux CIL policy listing, restored to one statement per line.
; It appears to be a small fixture that touches many statement kinds once
; (placeholder names such as foo_t / testing); it is not a complete policy.
; Statements prefixed with ';' are disabled in the original.
; NOTE(review): permissionset, attribute/attributetypes, nametypetransition,
; bool and the two-operand typealias are not the forms used by the current CIL
; reference (classpermissionset, typeattributeset, typealiasactual, boolean, ...).
; Presumably this targets an earlier dialect; confirm against the compiler in use.

; Two object classes that declare the same five permissions.
(class testing (read open close write exec))
(class fooclass (read open close write exec))

; Types, roles and users referenced by the rules below.
(type foo_t)
(type typea_t)
(type typeb_t)
(type typec_t)
(role foo_r)
(role rolea_r)
(role roleb_r)
(user foo_u)
(user user_u)
; Authorises user foo_u for role foo_r.
(userrole foo_u foo_r)

; test_sid is declared, but its sidcontext is commented out, so this file
; assigns it no security context.
; NOTE(review): confirm the target compiler accepts a sid without a context.
(sid test_sid)
;(sidcontext test_sid (foo_u foo_r foo_t (s0 (c0)) (s0 (c0))))
;(sid test_sid_anon_l)

; The disabled labeling statements below refer to contexts named con and
; con_anon_l; neither is defined anywhere in this listing, so they would have
; to be declared before any of these lines is enabled.
;(fsuse xattr ext3 con)
;(fsuse xattr ext3 con_anon_l)

;(netifcon eth0 con con_anon_l)

; Named addresses; only the disabled nodecon lines reference them.
; NOTE(review): the values bound to netmask (192.168.1.1) and netmask_v6
; (2001:0DE0:DA88:2222::) are not contiguous prefix masks; they read like host
; addresses. In a nodecon the mask decides which peer addresses receive the
; node label, so substitute a real mask (constructed example: 255.255.255.0)
; before enabling those lines.
(ipaddr ip_v4 192.25.35.200)
(ipaddr netmask 192.168.1.1)
(ipaddr ip_v6 2001:0DB8:AC10:FE01::)
(ipaddr netmask_v6 2001:0DE0:DA88:2222::)
; will need anon levels
;(nodecon ip_v4 netmask con)
;(nodecon ip_v6 netmask_v6 con_anon_l)

;needs anon levels
;(portcon type 25 con)

;(filecon root path file con)

;(genfscon type path con)

;(netifcon eth0 con con_anon_l)

; Three labeling rules with identical operands: source typea_t, target
; typeb_t, class testing, resulting type typec_t.
(typemember typea_t typeb_t testing typec_t)
(typechange typea_t typeb_t testing typec_t)
(typetransition typea_t typeb_t testing typec_t)

; permset names the permissions (open close). Taken together, the two allow
; rules grant typea_t write, open and close on typeb_t objects of class testing.
(permissionset permset (open close))
(allow typea_t typeb_t testing (write))
(allow typea_t typeb_t testing permset)

; Role rules over rolea_r, roleb_r and foo_r.
; NOTE(review): in current CIL the first operand of a *bounds statement is the
; bounding (parent) identifier; confirm the operand order for this dialect.
(roleallow rolea_r roleb_r)

(rolebounds rolea_r roleb_r)

(roletransition foo_r foo_t testing rolea_r)

; A common that reuses the name fooclass and is attached to class fooclass.
; NOTE(review): class fooclass already lists open itself, so open is declared
; both on the class and in the common; check that the compiler accepts the
; duplicate permission.
(common fooclass (open))
(classcommon fooclass fooclass)


; Presumably `string` is the object-name operand of the named transition; verify.
(nametypetransition string typea_t typeb_t fooclass foo_t)

; Marks foo_t permissive: denials for that domain are logged, not enforced.
; Review before copying this line into a policy that is meant to confine foo_t.
(typepermissive foo_t)

(typebounds typea_t typeb_t)

; Namespace test_b declares type test, referenced here by its fully qualified
; name .test_b.test. typea_t is also a global type declared above.
; NOTE(review): which operand is the alias cannot be determined from this listing.
(block test_b
    (typealias .test_b.test typea_t)
    (type test))

; Attribute attrs with foo_t as its only listed member.
(attribute attrs)
(attributetypes attrs (foo_t))

; Associates type foo_t with role foo_r.
(roletype foo_r foo_t)

(userbounds user_u foo_u)

(userrole user_u foo_r)

; Disabled conditional-policy cases. The second booleanif puts the booleans
; foo_b and baz_b in the source/target positions of allow, which looks like a
; deliberately invalid input; confirm intent before enabling.
;(bool foo_b true)
;(bool baz_b false)
;(booleanif (&& foo_b baz_b)
; (allow typea_t typeb_t fooclass(read)))
;(class baz (read))
;(booleanif (&& foo_b baz_b)
; (allow foo_b baz_b fooclass (read)))