1(class testing (read open close write exec)) 2(class fooclass (read open close write exec)) 3 4(type foo_t) 5(type typea_t) 6(type typeb_t) 7(type typec_t) 8(role foo_r) 9(role rolea_r) 10(role roleb_r) 11(user foo_u) 12(user user_u) 13(userrole foo_u foo_r) 14 15(sid test_sid) 16;(sidcontext test_sid (foo_u foo_r foo_t (s0 (c0)) (s0 (c0)))) 17;(sid test_sid_anon_l) 18 19;(fsuse xattr ext3 con) 20;(fsuse xattr ext3 con_anon_l) 21 22;(netifcon eth0 con con_anon_l) 23 24(ipaddr ip_v4 192.25.35.200) 25(ipaddr netmask 192.168.1.1) 26(ipaddr ip_v6 2001:0DB8:AC10:FE01::) 27(ipaddr netmask_v6 2001:0DE0:DA88:2222::) 28; will need anon levels 29;(nodecon ip_v4 netmask con) 30;(nodecon ip_v6 netmask_v6 con_anon_l) 31 32;needs anon levels 33;(portcon type 25 con) 34 35;(filecon root path file con) 36 37;(genfscon type path con) 38 39;(netifcon eth0 con con_anon_l) 40 41(typemember typea_t typeb_t testing typec_t) 42(typechange typea_t typeb_t testing typec_t) 43(typetransition typea_t typeb_t testing typec_t) 44 45(permissionset permset (open close)) 46(allow typea_t typeb_t testing (write)) 47(allow typea_t typeb_t testing permset) 48 49(roleallow rolea_r roleb_r) 50 51(rolebounds rolea_r roleb_r) 52 53(roletransition foo_r foo_t testing rolea_r) 54 55(common fooclass (open)) 56(classcommon fooclass fooclass) 57 58 59(nametypetransition string typea_t typeb_t fooclass foo_t) 60 61(typepermissive foo_t) 62 63(typebounds typea_t typeb_t) 64 65(block test_b 66 (typealias .test_b.test typea_t) 67 (type test)) 68 69(attribute attrs) 70(attributetypes attrs (foo_t)) 71 72(roletype foo_r foo_t) 73 74(userbounds user_u foo_u) 75 76(userrole user_u foo_r) 77 78;(bool foo_b true) 79;(bool baz_b false) 80;(booleanif (&& foo_b baz_b) 81; (allow typea_t typeb_t fooclass(read))) 82;(class baz (read)) 83;(booleanif (&& foo_b baz_b) 84; (allow foo_b baz_b fooclass (read))) 85 86 87