Lines Matching refs:allow
977 allow bin_t fs_t:filesystem associate;
978 allow bin_t noxattrfs:filesystem associate;
980 allow sbin_t fs_t:filesystem associate;
981 allow sbin_t noxattrfs:filesystem associate;
983 allow ls_exec_t fs_t:filesystem associate;
984 allow ls_exec_t noxattrfs:filesystem associate;
987 allow shell_exec_t fs_t:filesystem associate;
988 allow shell_exec_t noxattrfs:filesystem associate;
990 allow chroot_exec_t fs_t:filesystem associate;
991 allow chroot_exec_t noxattrfs:filesystem associate;
994 allow ppp_device_t fs_t:filesystem associate;
995 allow ppp_device_t tmpfs_t:filesystem associate;
996 allow ppp_device_t tmp_t:filesystem associate;
998 allow tun_tap_device_t fs_t:filesystem associate;
999 allow tun_tap_device_t tmpfs_t:filesystem associate;
1000 allow tun_tap_device_t tmp_t:filesystem associate;
1090 allow device_t tmpfs_t:filesystem associate;
1091 allow device_t fs_t:filesystem associate;
1092 allow device_t noxattrfs:filesystem associate;
1094 allow device_t fs_t:filesystem associate;
1095 allow device_t noxattrfs:filesystem associate;
1098 allow device_t tmp_t:filesystem associate;
1100 allow agp_device_t fs_t:filesystem associate;
1101 allow agp_device_t tmpfs_t:filesystem associate;
1102 allow agp_device_t tmp_t:filesystem associate;
1104 allow apm_bios_t fs_t:filesystem associate;
1105 allow apm_bios_t tmpfs_t:filesystem associate;
1106 allow apm_bios_t tmp_t:filesystem associate;
1108 allow cardmgr_dev_t fs_t:filesystem associate;
1109 allow cardmgr_dev_t tmpfs_t:filesystem associate;
1110 allow cardmgr_dev_t tmp_t:filesystem associate;
1111 allow cardmgr_dev_t fs_t:filesystem associate;
1112 allow cardmgr_dev_t noxattrfs:filesystem associate;
1114 allow cardmgr_dev_t fs_t:filesystem associate;
1115 allow cardmgr_dev_t noxattrfs:filesystem associate;
1118 allow cardmgr_dev_t tmpfs_t:filesystem associate;
1120 allow cardmgr_dev_t tmp_t:filesystem associate;
1122 allow clock_device_t fs_t:filesystem associate;
1123 allow clock_device_t tmpfs_t:filesystem associate;
1124 allow clock_device_t tmp_t:filesystem associate;
1126 allow cpu_device_t fs_t:filesystem associate;
1127 allow cpu_device_t tmpfs_t:filesystem associate;
1128 allow cpu_device_t tmp_t:filesystem associate;
1130 allow crypt_device_t fs_t:filesystem associate;
1131 allow crypt_device_t tmpfs_t:filesystem associate;
1132 allow crypt_device_t tmp_t:filesystem associate;
1134 allow dri_device_t fs_t:filesystem associate;
1135 allow dri_device_t tmpfs_t:filesystem associate;
1136 allow dri_device_t tmp_t:filesystem associate;
1138 allow event_device_t fs_t:filesystem associate;
1139 allow event_device_t tmpfs_t:filesystem associate;
1140 allow event_device_t tmp_t:filesystem associate;
1142 allow framebuf_device_t fs_t:filesystem associate;
1143 allow framebuf_device_t tmpfs_t:filesystem associate;
1144 allow framebuf_device_t tmp_t:filesystem associate;
1146 allow lvm_control_t fs_t:filesystem associate;
1147 allow lvm_control_t tmpfs_t:filesystem associate;
1148 allow lvm_control_t tmp_t:filesystem associate;
1150 allow memory_device_t fs_t:filesystem associate;
1151 allow memory_device_t tmpfs_t:filesystem associate;
1152 allow memory_device_t tmp_t:filesystem associate;
1156 allow misc_device_t fs_t:filesystem associate;
1157 allow misc_device_t tmpfs_t:filesystem associate;
1158 allow misc_device_t tmp_t:filesystem associate;
1160 allow mouse_device_t fs_t:filesystem associate;
1161 allow mouse_device_t tmpfs_t:filesystem associate;
1162 allow mouse_device_t tmp_t:filesystem associate;
1164 allow mtrr_device_t fs_t:filesystem associate;
1165 allow mtrr_device_t tmpfs_t:filesystem associate;
1166 allow mtrr_device_t tmp_t:filesystem associate;
1168 allow null_device_t fs_t:filesystem associate;
1169 allow null_device_t tmpfs_t:filesystem associate;
1170 allow null_device_t tmp_t:filesystem associate;
1173 allow power_device_t fs_t:filesystem associate;
1174 allow power_device_t tmpfs_t:filesystem associate;
1175 allow power_device_t tmp_t:filesystem associate;
1177 allow printer_device_t fs_t:filesystem associate;
1178 allow printer_device_t tmpfs_t:filesystem associate;
1179 allow printer_device_t tmp_t:filesystem associate;
1181 allow random_device_t fs_t:filesystem associate;
1182 allow random_device_t tmpfs_t:filesystem associate;
1183 allow random_device_t tmp_t:filesystem associate;
1185 allow scanner_device_t fs_t:filesystem associate;
1186 allow scanner_device_t tmpfs_t:filesystem associate;
1187 allow scanner_device_t tmp_t:filesystem associate;
1189 allow sound_device_t fs_t:filesystem associate;
1190 allow sound_device_t tmpfs_t:filesystem associate;
1191 allow sound_device_t tmp_t:filesystem associate;
1192 allow sysfs_t fs_t:filesystem associate;
1193 allow sysfs_t noxattrfs:filesystem associate;
1197 allow sysfs_t self:filesystem associate;
1199 allow urandom_device_t fs_t:filesystem associate;
1200 allow urandom_device_t tmpfs_t:filesystem associate;
1201 allow urandom_device_t tmp_t:filesystem associate;
1202 allow usbfs_t fs_t:filesystem associate;
1203 allow usbfs_t noxattrfs:filesystem associate;
1207 allow usbfs_t self:filesystem associate;
1210 allow usb_device_t fs_t:filesystem associate;
1211 allow usb_device_t tmpfs_t:filesystem associate;
1212 allow usb_device_t tmp_t:filesystem associate;
1214 allow v4l_device_t fs_t:filesystem associate;
1215 allow v4l_device_t tmpfs_t:filesystem associate;
1216 allow v4l_device_t tmp_t:filesystem associate;
1218 allow xserver_misc_device_t fs_t:filesystem associate;
1219 allow xserver_misc_device_t tmpfs_t:filesystem associate;
1220 allow xserver_misc_device_t tmp_t:filesystem associate;
1222 allow zero_device_t fs_t:filesystem associate;
1223 allow zero_device_t tmpfs_t:filesystem associate;
1224 allow zero_device_t tmp_t:filesystem associate;
1226 allow xconsole_device_t fs_t:filesystem associate;
1227 allow xconsole_device_t noxattrfs:filesystem associate;
1229 allow xconsole_device_t tmpfs_t:filesystem associate;
1230 allow xconsole_device_t tmp_t:filesystem associate;
1232 allow devfs_control_t fs_t:filesystem associate;
1233 allow devfs_control_t tmpfs_t:filesystem associate;
1234 allow devfs_control_t tmp_t:filesystem associate;
1239 allow file_type self:filesystem associate;
1240 allow boot_t fs_t:filesystem associate;
1241 allow boot_t noxattrfs:filesystem associate;
1243 allow boot_t fs_t:filesystem associate;
1244 allow boot_t noxattrfs:filesystem associate;
1247 allow default_t fs_t:filesystem associate;
1248 allow default_t noxattrfs:filesystem associate;
1249 allow etc_t fs_t:filesystem associate;
1250 allow etc_t noxattrfs:filesystem associate;
1251 allow etc_runtime_t fs_t:filesystem associate;
1252 allow etc_runtime_t noxattrfs:filesystem associate;
1253 allow file_t fs_t:filesystem associate;
1254 allow file_t noxattrfs:filesystem associate;
1255 allow kernel_t file_t:dir mounton;
1256 allow home_root_t fs_t:filesystem associate;
1257 allow home_root_t noxattrfs:filesystem associate;
1258 allow home_root_t fs_t:filesystem associate;
1259 allow home_root_t noxattrfs:filesystem associate;
1262 allow lost_found_t fs_t:filesystem associate;
1263 allow lost_found_t noxattrfs:filesystem associate;
1264 allow mnt_t fs_t:filesystem associate;
1265 allow mnt_t noxattrfs:filesystem associate;
1266 allow modules_object_t fs_t:filesystem associate;
1267 allow modules_object_t noxattrfs:filesystem associate;
1269 allow no_access_t fs_t:filesystem associate;
1270 allow no_access_t noxattrfs:filesystem associate;
1271 allow poly_t fs_t:filesystem associate;
1272 allow poly_t noxattrfs:filesystem associate;
1273 allow readable_t fs_t:filesystem associate;
1274 allow readable_t noxattrfs:filesystem associate;
1275 allow root_t fs_t:filesystem associate;
1276 allow root_t noxattrfs:filesystem associate;
1277 allow root_t fs_t:filesystem associate;
1278 allow root_t noxattrfs:filesystem associate;
1281 allow kernel_t root_t:dir mounton;
1282 allow src_t fs_t:filesystem associate;
1283 allow src_t noxattrfs:filesystem associate;
1284 allow system_map_t fs_t:filesystem associate;
1285 allow system_map_t noxattrfs:filesystem associate;
1287 allow tmp_t fs_t:filesystem associate;
1288 allow tmp_t noxattrfs:filesystem associate;
1290 allow tmp_t fs_t:filesystem associate;
1291 allow tmp_t noxattrfs:filesystem associate;
1294 allow tmp_t tmpfs_t:filesystem associate;
1296 allow tmp_t tmp_t:filesystem associate;
1297 allow tmp_t fs_t:filesystem associate;
1298 allow tmp_t noxattrfs:filesystem associate;
1301 allow usr_t fs_t:filesystem associate;
1302 allow usr_t noxattrfs:filesystem associate;
1303 allow var_t fs_t:filesystem associate;
1304 allow var_t noxattrfs:filesystem associate;
1305 allow var_lib_t fs_t:filesystem associate;
1306 allow var_lib_t noxattrfs:filesystem associate;
1307 allow var_lock_t fs_t:filesystem associate;
1308 allow var_lock_t noxattrfs:filesystem associate;
1309 allow var_run_t fs_t:filesystem associate;
1310 allow var_run_t noxattrfs:filesystem associate;
1311 allow var_spool_t fs_t:filesystem associate;
1312 allow var_spool_t noxattrfs:filesystem associate;
1314 allow var_spool_t fs_t:filesystem associate;
1315 allow var_spool_t noxattrfs:filesystem associate;
1318 allow var_spool_t tmpfs_t:filesystem associate;
1320 allow var_spool_t tmp_t:filesystem associate;
1322 allow fs_t self:filesystem associate;
1324 allow bdev_t self:filesystem associate;
1326 allow binfmt_misc_fs_t self:filesystem associate;
1327 allow binfmt_misc_fs_t fs_t:filesystem associate;
1328 allow binfmt_misc_fs_t noxattrfs:filesystem associate;
1332 allow capifs_t self:filesystem associate;
1334 allow configfs_t self:filesystem associate;
1336 allow eventpollfs_t self:filesystem associate;
1338 allow futexfs_t self:filesystem associate;
1340 allow hugetlbfs_t self:filesystem associate;
1341 allow hugetlbfs_t fs_t:filesystem associate;
1342 allow hugetlbfs_t noxattrfs:filesystem associate;
1346 allow inotifyfs_t self:filesystem associate;
1348 allow nfsd_fs_t self:filesystem associate;
1350 allow ramfs_t self:filesystem associate;
1352 allow romfs_t self:filesystem associate;
1354 allow rpc_pipefs_t self:filesystem associate;
1356 allow tmpfs_t self:filesystem associate;
1357 allow tmpfs_t fs_t:filesystem associate;
1358 allow tmpfs_t noxattrfs:filesystem associate;
1360 allow tmpfs_t fs_t:filesystem associate;
1361 allow tmpfs_t noxattrfs:filesystem associate;
1364 allow tmpfs_t noxattrfs:filesystem associate;
1366 allow autofs_t self:filesystem associate;
1367 allow autofs_t fs_t:filesystem associate;
1368 allow autofs_t noxattrfs:filesystem associate;
1372 allow cifs_t self:filesystem associate;
1374 allow dosfs_t self:filesystem associate;
1375 allow dosfs_t fs_t:filesystem associate;
1377 allow iso9660_t self:filesystem associate;
1378 allow removable_t noxattrfs:filesystem associate;
1380 allow removable_t self:filesystem associate;
1381 allow removable_t fs_t:filesystem associate;
1382 allow removable_t noxattrfs:filesystem associate;
1386 allow nfs_t self:filesystem associate;
1387 allow nfs_t fs_t:filesystem associate;
1388 allow nfs_t noxattrfs:filesystem associate;
1398 allow kernel_t self:dir { read getattr lock search ioctl };
1399 allow kernel_t self:lnk_file { read getattr lock ioctl };
1400 allow kernel_t self:file { getattr read write append ioctl lock };
1401 allow kernel_t self:process { fork sigchld };
1409 allow debugfs_t self:filesystem associate;
1410 allow debugfs_t self:filesystem associate;
1411 allow proc_t fs_t:filesystem associate;
1412 allow proc_t noxattrfs:filesystem associate;
1416 allow proc_t self:filesystem associate;
1419 allow sysctl_t fs_t:filesystem associate;
1420 allow sysctl_t noxattrfs:filesystem associate;
1423 allow sysctl_fs_t fs_t:filesystem associate;
1424 allow sysctl_fs_t noxattrfs:filesystem associate;
1427 allow kernel_t self:capability *;
1428 allow kernel_t unlabeled_t:dir mounton;
1429 allow kernel_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack ex…
1430 allow kernel_t self:shm { associate getattr setattr create destroy read write lock unix_read unix_w…
1431 allow kernel_t self:sem { associate getattr setattr create destroy read write unix_read unix_write …
1432 allow kernel_t self:msg { send receive };
1433 allow kernel_t self:msgq { associate getattr setattr create destroy read write enqueue unix_read un…
1434 allow kernel_t self:unix_dgram_socket { create { ioctl read getattr write setattr append bind conne…
1435 allow kernel_t self:unix_stream_socket { { create { ioctl read getattr write setattr append bind co…
1436 allow kernel_t self:unix_dgram_socket sendto;
1437 allow kernel_t self:unix_stream_socket connectto;
1438 allow kernel_t self:fifo_file { getattr read write append ioctl lock };
1439 allow kernel_t self:sock_file { read getattr lock ioctl };
1440 allow kernel_t self:fd use;
1441 allow kernel_t proc_t:dir { read getattr lock search ioctl };
1442 allow kernel_t proc_t:{ lnk_file file } { read getattr lock ioctl };
1443 allow kernel_t proc_net_t:dir { read getattr lock search ioctl };
1444 allow kernel_t proc_net_t:file { read getattr lock ioctl };
1445 allow kernel_t proc_mdstat_t:file { read getattr lock ioctl };
1446 allow kernel_t proc_kcore_t:file getattr;
1447 allow kernel_t proc_kmsg_t:file getattr;
1448 allow kernel_t sysctl_t:dir { read getattr lock search ioctl };
1449 allow kernel_t sysctl_kernel_t:dir { read getattr lock search ioctl };
1450 allow kernel_t sysctl_kernel_t:file { read getattr lock ioctl };
1451 allow kernel_t unlabeled_t:fifo_file { getattr read write append ioctl lock };
1452 allow kernel_t unlabeled_t:association { sendto recvfrom };
1453 allow kernel_t netif_type:netif rawip_send;
1454 allow kernel_t netif_type:netif rawip_recv;
1455 allow kernel_t node_type:node rawip_send;
1456 allow kernel_t node_type:node rawip_recv;
1457 allow kernel_t netif_t:netif rawip_send;
1458 allow kernel_t netif_type:netif { tcp_send tcp_recv };
1459 allow kernel_t node_type:node { tcp_send tcp_recv };
1460 allow kernel_t node_t:node rawip_send;
1461 allow kernel_t multicast_node_t:node rawip_send;
1462 allow kernel_t sysfs_t:dir { read getattr lock search ioctl };
1463 allow kernel_t sysfs_t:{ file lnk_file } { read getattr lock ioctl };
1464 allow kernel_t usbfs_t:dir search;
1465 allow kernel_t filesystem_type:filesystem mount;
1466 allow kernel_t security_t:dir { read search getattr };
1467 allow kernel_t security_t:file { getattr read write };
1470 allow kernel_t security_t:security load_policy;
1473 allow kernel_t device_t:dir { read getattr lock search ioctl };
1474 allow kernel_t device_t:lnk_file { getattr read };
1475 allow kernel_t console_device_t:chr_file { getattr read write append ioctl lock };
1476 allow kernel_t bin_t:dir { read getattr lock search ioctl };
1477 allow kernel_t bin_t:lnk_file { read getattr lock ioctl };
1478 allow kernel_t shell_exec_t:file { { read getattr lock execute ioctl } execute_no_trans };
1479 allow kernel_t sbin_t:dir { read getattr lock search ioctl };
1480 allow kernel_t bin_t:dir { read getattr lock search ioctl };
1481 allow kernel_t bin_t:lnk_file { read getattr lock ioctl };
1482 allow kernel_t bin_t:file { { read getattr lock execute ioctl } execute_no_trans };
1483 allow kernel_t domain:process signal;
1484 allow kernel_t proc_t:dir search;
1485 allow kernel_t domain:dir search;
1486 allow kernel_t root_t:dir { read getattr lock search ioctl };
1487 allow kernel_t root_t:lnk_file { read getattr lock ioctl };
1488 allow kernel_t etc_t:dir { read getattr lock search ioctl };
1489 allow kernel_t home_root_t:dir { read getattr lock search ioctl };
1490 allow kernel_t usr_t:dir { read getattr lock search ioctl };
1491 allow kernel_t usr_t:{ file lnk_file } { read getattr lock ioctl };
1494 allow kernel_t self:capability *;
1495 …allow kernel_t self:fifo_file { create ioctl read getattr lock write setattr append link unlink re…
1496 allow kernel_t self:process transition;
1497 allow kernel_t self:file { getattr read write append ioctl lock };
1498 allow kernel_t self:nscd *;
1499 allow kernel_t self:dbus *;
1500 allow kernel_t self:passwd *;
1501 allow kernel_t proc_type:{ dir file } *;
1502 allow kernel_t sysctl_t:{ dir file } *;
1503 allow kernel_t kernel_t:system *;
1504 allow kernel_t unlabeled_t:{ dir file lnk_file sock_file fifo_file chr_file blk_file } *;
1505 allow kernel_t unlabeled_t:filesystem *;
1506 allow kernel_t unlabeled_t:association *;
1509 allow kernel_t { proc_t proc_net_t }:dir search;
1510 allow kernel_t sysctl_type:dir { read getattr lock search ioctl };
1511 allow kernel_t sysctl_type:file { { getattr read write append ioctl lock } setattr };
1512 allow kernel_t node_type:node *;
1513 allow kernel_t netif_type:netif *;
1514 allow kernel_t port_type:tcp_socket { send_msg recv_msg name_connect };
1515 allow kernel_t port_type:udp_socket { send_msg recv_msg };
1516 allow kernel_t port_type:{ tcp_socket udp_socket rawip_socket } name_bind;
1517 allow kernel_t node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
1518 allow kernel_t unlabeled_t:association { sendto recvfrom };
1519 allow kernel_t device_node:{ chr_file blk_file } *;
1520 allow kernel_t mtrr_device_t:{ dir file } *;
1521 allow kernel_t self:capability sys_rawio;
1528 …allow kernel_t domain:{ { tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_str…
1529 allow kernel_t domain:fd use;
1530 allow kernel_t domain:fifo_file { getattr read write append ioctl lock };
1531 allow kernel_t domain:process ~{ transition dyntransition execmem execstack execheap };
1532 allow kernel_t domain:{ sem msgq shm } *;
1533 allow kernel_t domain:msg { send receive };
1534 allow kernel_t domain:dir { read getattr lock search ioctl };
1535 allow kernel_t domain:file { read getattr lock ioctl };
1536 allow kernel_t domain:lnk_file { read getattr lock ioctl };
1542 allow kernel_t file_type:{ file chr_file } ~execmod;
1543 allow kernel_t file_type:{ dir lnk_file sock_file fifo_file blk_file } *;
1544 allow kernel_t file_type:filesystem *;
1545 allow kernel_t file_type:{ unix_stream_socket unix_dgram_socket } name_bind;
1547 allow kernel_t file_type:file execmod;
1549 allow kernel_t filesystem_type:filesystem *;
1550 allow kernel_t filesystem_type:{ dir file lnk_file sock_file fifo_file chr_file blk_file } *;
1551 allow kernel_t security_t:dir { getattr search read };
1552 allow kernel_t security_t:file { getattr read write };
1555 allow kernel_t security_t:security *;
1559 allow kernel_t self:process execheap;
1562 allow kernel_t self:process execmem;
1565 allow kernel_t self:process execstack;
1576 allow kernel_t default_t:dir { read getattr lock search ioctl };
1577 allow kernel_t default_t:file { read getattr lock ioctl };
1578 allow kernel_t default_t:lnk_file { read getattr lock ioctl };
1579 allow kernel_t default_t:sock_file { read getattr lock ioctl };
1580 allow kernel_t default_t:fifo_file { read getattr lock ioctl };
1582 allow unlabeled_t self:filesystem associate;
1594 allow security_t self:filesystem associate;
1600 allow bsdpty_device_t fs_t:filesystem associate;
1601 allow bsdpty_device_t tmpfs_t:filesystem associate;
1602 allow bsdpty_device_t tmp_t:filesystem associate;
1604 allow console_device_t fs_t:filesystem associate;
1605 allow console_device_t tmpfs_t:filesystem associate;
1606 allow console_device_t tmp_t:filesystem associate;
1607 allow devpts_t fs_t:filesystem associate;
1608 allow devpts_t noxattrfs:filesystem associate;
1611 allow devpts_t tmpfs_t:filesystem associate;
1612 allow devpts_t tmp_t:filesystem associate;
1614 allow devpts_t self:filesystem associate;
1617 allow devtty_t fs_t:filesystem associate;
1618 allow devtty_t tmpfs_t:filesystem associate;
1619 allow devtty_t tmp_t:filesystem associate;
1622 allow ptmx_t fs_t:filesystem associate;
1623 allow ptmx_t tmpfs_t:filesystem associate;
1624 allow ptmx_t tmp_t:filesystem associate;
1627 allow tty_device_t fs_t:filesystem associate;
1628 allow tty_device_t tmpfs_t:filesystem associate;
1629 allow tty_device_t tmp_t:filesystem associate;
1632 allow usbtty_device_t fs_t:filesystem associate;
1633 allow usbtty_device_t tmpfs_t:filesystem associate;
1634 allow usbtty_device_t tmp_t:filesystem associate;