16cd6a6acSopenharmony_ciclass security 26cd6a6acSopenharmony_ciclass process 36cd6a6acSopenharmony_ciclass system 46cd6a6acSopenharmony_ciclass capability 56cd6a6acSopenharmony_ciclass filesystem 66cd6a6acSopenharmony_ciclass file 76cd6a6acSopenharmony_ciclass dir 86cd6a6acSopenharmony_ciclass fd 96cd6a6acSopenharmony_ciclass lnk_file 106cd6a6acSopenharmony_ciclass chr_file 116cd6a6acSopenharmony_ciclass blk_file 126cd6a6acSopenharmony_ciclass sock_file 136cd6a6acSopenharmony_ciclass fifo_file 146cd6a6acSopenharmony_ciclass socket 156cd6a6acSopenharmony_ciclass tcp_socket 166cd6a6acSopenharmony_ciclass udp_socket 176cd6a6acSopenharmony_ciclass rawip_socket 186cd6a6acSopenharmony_ciclass node 196cd6a6acSopenharmony_ciclass netif 206cd6a6acSopenharmony_ciclass netlink_socket 216cd6a6acSopenharmony_ciclass packet_socket 226cd6a6acSopenharmony_ciclass key_socket 236cd6a6acSopenharmony_ciclass unix_stream_socket 246cd6a6acSopenharmony_ciclass unix_dgram_socket 256cd6a6acSopenharmony_ciclass sem 266cd6a6acSopenharmony_ciclass msg 276cd6a6acSopenharmony_ciclass msgq 286cd6a6acSopenharmony_ciclass shm 296cd6a6acSopenharmony_ciclass ipc 306cd6a6acSopenharmony_ciclass passwd # userspace 316cd6a6acSopenharmony_ciclass drawable # userspace 326cd6a6acSopenharmony_ciclass window # userspace 336cd6a6acSopenharmony_ciclass gc # userspace 346cd6a6acSopenharmony_ciclass font # userspace 356cd6a6acSopenharmony_ciclass colormap # userspace 366cd6a6acSopenharmony_ciclass property # userspace 376cd6a6acSopenharmony_ciclass cursor # userspace 386cd6a6acSopenharmony_ciclass xclient # userspace 396cd6a6acSopenharmony_ciclass xinput # userspace 406cd6a6acSopenharmony_ciclass xserver # userspace 416cd6a6acSopenharmony_ciclass xextension # userspace 426cd6a6acSopenharmony_ciclass pax 436cd6a6acSopenharmony_ciclass netlink_route_socket 446cd6a6acSopenharmony_ciclass netlink_firewall_socket 456cd6a6acSopenharmony_ciclass netlink_tcpdiag_socket 466cd6a6acSopenharmony_ciclass netlink_nflog_socket 476cd6a6acSopenharmony_ciclass netlink_xfrm_socket 486cd6a6acSopenharmony_ciclass netlink_selinux_socket 496cd6a6acSopenharmony_ciclass netlink_audit_socket 506cd6a6acSopenharmony_ciclass netlink_ip6fw_socket 516cd6a6acSopenharmony_ciclass netlink_dnrt_socket 526cd6a6acSopenharmony_ciclass dbus # userspace 536cd6a6acSopenharmony_ciclass nscd # userspace 546cd6a6acSopenharmony_ciclass association 556cd6a6acSopenharmony_ciclass netlink_kobject_uevent_socket 566cd6a6acSopenharmony_cisid kernel 576cd6a6acSopenharmony_cisid security 586cd6a6acSopenharmony_cisid unlabeled 596cd6a6acSopenharmony_cisid fs 606cd6a6acSopenharmony_cisid file 616cd6a6acSopenharmony_cisid file_labels 626cd6a6acSopenharmony_cisid init 636cd6a6acSopenharmony_cisid any_socket 646cd6a6acSopenharmony_cisid port 656cd6a6acSopenharmony_cisid netif 666cd6a6acSopenharmony_cisid netmsg 676cd6a6acSopenharmony_cisid node 686cd6a6acSopenharmony_cisid igmp_packet 696cd6a6acSopenharmony_cisid icmp_socket 706cd6a6acSopenharmony_cisid tcp_socket 716cd6a6acSopenharmony_cisid sysctl_modprobe 726cd6a6acSopenharmony_cisid sysctl 736cd6a6acSopenharmony_cisid sysctl_fs 746cd6a6acSopenharmony_cisid sysctl_kernel 756cd6a6acSopenharmony_cisid sysctl_net 766cd6a6acSopenharmony_cisid sysctl_net_unix 776cd6a6acSopenharmony_cisid sysctl_vm 786cd6a6acSopenharmony_cisid sysctl_dev 796cd6a6acSopenharmony_cisid kmod 806cd6a6acSopenharmony_cisid policy 816cd6a6acSopenharmony_cisid scmp_packet 826cd6a6acSopenharmony_cisid devnull 836cd6a6acSopenharmony_cicommon file 846cd6a6acSopenharmony_ci{ 856cd6a6acSopenharmony_ci ioctl 866cd6a6acSopenharmony_ci read 876cd6a6acSopenharmony_ci write 886cd6a6acSopenharmony_ci create 896cd6a6acSopenharmony_ci getattr 906cd6a6acSopenharmony_ci setattr 916cd6a6acSopenharmony_ci lock 926cd6a6acSopenharmony_ci relabelfrom 936cd6a6acSopenharmony_ci relabelto 946cd6a6acSopenharmony_ci append 956cd6a6acSopenharmony_ci unlink 966cd6a6acSopenharmony_ci link 976cd6a6acSopenharmony_ci rename 986cd6a6acSopenharmony_ci execute 996cd6a6acSopenharmony_ci swapon 1006cd6a6acSopenharmony_ci quotaon 1016cd6a6acSopenharmony_ci mounton 1026cd6a6acSopenharmony_ci} 1036cd6a6acSopenharmony_cicommon socket 1046cd6a6acSopenharmony_ci{ 1056cd6a6acSopenharmony_ci ioctl 1066cd6a6acSopenharmony_ci read 1076cd6a6acSopenharmony_ci write 1086cd6a6acSopenharmony_ci create 1096cd6a6acSopenharmony_ci getattr 1106cd6a6acSopenharmony_ci setattr 1116cd6a6acSopenharmony_ci lock 1126cd6a6acSopenharmony_ci relabelfrom 1136cd6a6acSopenharmony_ci relabelto 1146cd6a6acSopenharmony_ci append 1156cd6a6acSopenharmony_ci bind 1166cd6a6acSopenharmony_ci connect 1176cd6a6acSopenharmony_ci listen 1186cd6a6acSopenharmony_ci accept 1196cd6a6acSopenharmony_ci getopt 1206cd6a6acSopenharmony_ci setopt 1216cd6a6acSopenharmony_ci shutdown 1226cd6a6acSopenharmony_ci recvfrom 1236cd6a6acSopenharmony_ci sendto 1246cd6a6acSopenharmony_ci recv_msg 1256cd6a6acSopenharmony_ci send_msg 1266cd6a6acSopenharmony_ci name_bind 1276cd6a6acSopenharmony_ci} 1286cd6a6acSopenharmony_cicommon ipc 1296cd6a6acSopenharmony_ci{ 1306cd6a6acSopenharmony_ci create 1316cd6a6acSopenharmony_ci destroy 1326cd6a6acSopenharmony_ci getattr 1336cd6a6acSopenharmony_ci setattr 1346cd6a6acSopenharmony_ci read 1356cd6a6acSopenharmony_ci write 1366cd6a6acSopenharmony_ci associate 1376cd6a6acSopenharmony_ci unix_read 1386cd6a6acSopenharmony_ci unix_write 1396cd6a6acSopenharmony_ci} 1406cd6a6acSopenharmony_ciclass filesystem 1416cd6a6acSopenharmony_ci{ 1426cd6a6acSopenharmony_ci mount 1436cd6a6acSopenharmony_ci remount 1446cd6a6acSopenharmony_ci unmount 1456cd6a6acSopenharmony_ci getattr 1466cd6a6acSopenharmony_ci relabelfrom 1476cd6a6acSopenharmony_ci relabelto 1486cd6a6acSopenharmony_ci transition 1496cd6a6acSopenharmony_ci associate 1506cd6a6acSopenharmony_ci quotamod 1516cd6a6acSopenharmony_ci quotaget 1526cd6a6acSopenharmony_ci} 1536cd6a6acSopenharmony_ciclass dir 1546cd6a6acSopenharmony_ciinherits file 1556cd6a6acSopenharmony_ci{ 1566cd6a6acSopenharmony_ci add_name 1576cd6a6acSopenharmony_ci remove_name 1586cd6a6acSopenharmony_ci reparent 1596cd6a6acSopenharmony_ci search 1606cd6a6acSopenharmony_ci rmdir 1616cd6a6acSopenharmony_ci} 1626cd6a6acSopenharmony_ciclass file 1636cd6a6acSopenharmony_ciinherits file 1646cd6a6acSopenharmony_ci{ 1656cd6a6acSopenharmony_ci execute_no_trans 1666cd6a6acSopenharmony_ci entrypoint 1676cd6a6acSopenharmony_ci execmod 1686cd6a6acSopenharmony_ci} 1696cd6a6acSopenharmony_ciclass lnk_file 1706cd6a6acSopenharmony_ciinherits file 1716cd6a6acSopenharmony_ciclass chr_file 1726cd6a6acSopenharmony_ciinherits file 1736cd6a6acSopenharmony_ci{ 1746cd6a6acSopenharmony_ci execute_no_trans 1756cd6a6acSopenharmony_ci entrypoint 1766cd6a6acSopenharmony_ci execmod 1776cd6a6acSopenharmony_ci} 1786cd6a6acSopenharmony_ciclass blk_file 1796cd6a6acSopenharmony_ciinherits file 1806cd6a6acSopenharmony_ciclass sock_file 1816cd6a6acSopenharmony_ciinherits file 1826cd6a6acSopenharmony_ciclass fifo_file 1836cd6a6acSopenharmony_ciinherits file 1846cd6a6acSopenharmony_ciclass fd 1856cd6a6acSopenharmony_ci{ 1866cd6a6acSopenharmony_ci use 1876cd6a6acSopenharmony_ci} 1886cd6a6acSopenharmony_ciclass socket 1896cd6a6acSopenharmony_ciinherits socket 1906cd6a6acSopenharmony_ciclass tcp_socket 1916cd6a6acSopenharmony_ciinherits socket 1926cd6a6acSopenharmony_ci{ 1936cd6a6acSopenharmony_ci connectto 1946cd6a6acSopenharmony_ci newconn 1956cd6a6acSopenharmony_ci acceptfrom 1966cd6a6acSopenharmony_ci node_bind 1976cd6a6acSopenharmony_ci name_connect 1986cd6a6acSopenharmony_ci} 1996cd6a6acSopenharmony_ciclass udp_socket 2006cd6a6acSopenharmony_ciinherits socket 2016cd6a6acSopenharmony_ci{ 2026cd6a6acSopenharmony_ci node_bind 2036cd6a6acSopenharmony_ci} 2046cd6a6acSopenharmony_ciclass rawip_socket 2056cd6a6acSopenharmony_ciinherits socket 2066cd6a6acSopenharmony_ci{ 2076cd6a6acSopenharmony_ci node_bind 2086cd6a6acSopenharmony_ci} 2096cd6a6acSopenharmony_ciclass node 2106cd6a6acSopenharmony_ci{ 2116cd6a6acSopenharmony_ci tcp_recv 2126cd6a6acSopenharmony_ci tcp_send 2136cd6a6acSopenharmony_ci udp_recv 2146cd6a6acSopenharmony_ci udp_send 2156cd6a6acSopenharmony_ci rawip_recv 2166cd6a6acSopenharmony_ci rawip_send 2176cd6a6acSopenharmony_ci enforce_dest 2186cd6a6acSopenharmony_ci} 2196cd6a6acSopenharmony_ciclass netif 2206cd6a6acSopenharmony_ci{ 2216cd6a6acSopenharmony_ci tcp_recv 2226cd6a6acSopenharmony_ci tcp_send 2236cd6a6acSopenharmony_ci udp_recv 2246cd6a6acSopenharmony_ci udp_send 2256cd6a6acSopenharmony_ci rawip_recv 2266cd6a6acSopenharmony_ci rawip_send 2276cd6a6acSopenharmony_ci} 2286cd6a6acSopenharmony_ciclass netlink_socket 2296cd6a6acSopenharmony_ciinherits socket 2306cd6a6acSopenharmony_ciclass packet_socket 2316cd6a6acSopenharmony_ciinherits socket 2326cd6a6acSopenharmony_ciclass key_socket 2336cd6a6acSopenharmony_ciinherits socket 2346cd6a6acSopenharmony_ciclass unix_stream_socket 2356cd6a6acSopenharmony_ciinherits socket 2366cd6a6acSopenharmony_ci{ 2376cd6a6acSopenharmony_ci connectto 2386cd6a6acSopenharmony_ci newconn 2396cd6a6acSopenharmony_ci acceptfrom 2406cd6a6acSopenharmony_ci} 2416cd6a6acSopenharmony_ciclass unix_dgram_socket 2426cd6a6acSopenharmony_ciinherits socket 2436cd6a6acSopenharmony_ciclass process 2446cd6a6acSopenharmony_ci{ 2456cd6a6acSopenharmony_ci fork 2466cd6a6acSopenharmony_ci transition 2476cd6a6acSopenharmony_ci sigchld # commonly granted from child to parent 2486cd6a6acSopenharmony_ci sigkill # cannot be caught or ignored 2496cd6a6acSopenharmony_ci sigstop # cannot be caught or ignored 2506cd6a6acSopenharmony_ci signull # for kill(pid, 0) 2516cd6a6acSopenharmony_ci signal # all other signals 2526cd6a6acSopenharmony_ci ptrace 2536cd6a6acSopenharmony_ci getsched 2546cd6a6acSopenharmony_ci setsched 2556cd6a6acSopenharmony_ci getsession 2566cd6a6acSopenharmony_ci getpgid 2576cd6a6acSopenharmony_ci setpgid 2586cd6a6acSopenharmony_ci getcap 2596cd6a6acSopenharmony_ci setcap 2606cd6a6acSopenharmony_ci share 2616cd6a6acSopenharmony_ci getattr 2626cd6a6acSopenharmony_ci setexec 2636cd6a6acSopenharmony_ci setfscreate 2646cd6a6acSopenharmony_ci noatsecure 2656cd6a6acSopenharmony_ci siginh 2666cd6a6acSopenharmony_ci setrlimit 2676cd6a6acSopenharmony_ci rlimitinh 2686cd6a6acSopenharmony_ci dyntransition 2696cd6a6acSopenharmony_ci setcurrent 2706cd6a6acSopenharmony_ci execmem 2716cd6a6acSopenharmony_ci execstack 2726cd6a6acSopenharmony_ci execheap 2736cd6a6acSopenharmony_ci} 2746cd6a6acSopenharmony_ciclass ipc 2756cd6a6acSopenharmony_ciinherits ipc 2766cd6a6acSopenharmony_ciclass sem 2776cd6a6acSopenharmony_ciinherits ipc 2786cd6a6acSopenharmony_ciclass msgq 2796cd6a6acSopenharmony_ciinherits ipc 2806cd6a6acSopenharmony_ci{ 2816cd6a6acSopenharmony_ci enqueue 2826cd6a6acSopenharmony_ci} 2836cd6a6acSopenharmony_ciclass msg 2846cd6a6acSopenharmony_ci{ 2856cd6a6acSopenharmony_ci send 2866cd6a6acSopenharmony_ci receive 2876cd6a6acSopenharmony_ci} 2886cd6a6acSopenharmony_ciclass shm 2896cd6a6acSopenharmony_ciinherits ipc 2906cd6a6acSopenharmony_ci{ 2916cd6a6acSopenharmony_ci lock 2926cd6a6acSopenharmony_ci} 2936cd6a6acSopenharmony_ciclass security 2946cd6a6acSopenharmony_ci{ 2956cd6a6acSopenharmony_ci compute_av 2966cd6a6acSopenharmony_ci compute_create 2976cd6a6acSopenharmony_ci compute_member 2986cd6a6acSopenharmony_ci check_context 2996cd6a6acSopenharmony_ci load_policy 3006cd6a6acSopenharmony_ci compute_relabel 3016cd6a6acSopenharmony_ci compute_user 3026cd6a6acSopenharmony_ci setenforce # was avc_toggle in system class 3036cd6a6acSopenharmony_ci setbool 3046cd6a6acSopenharmony_ci setsecparam 3056cd6a6acSopenharmony_ci setcheckreqprot 3066cd6a6acSopenharmony_ci} 3076cd6a6acSopenharmony_ciclass system 3086cd6a6acSopenharmony_ci{ 3096cd6a6acSopenharmony_ci ipc_info 3106cd6a6acSopenharmony_ci syslog_read 3116cd6a6acSopenharmony_ci syslog_mod 3126cd6a6acSopenharmony_ci syslog_console 3136cd6a6acSopenharmony_ci} 3146cd6a6acSopenharmony_ciclass capability 3156cd6a6acSopenharmony_ci{ 3166cd6a6acSopenharmony_ci chown 3176cd6a6acSopenharmony_ci dac_override 3186cd6a6acSopenharmony_ci dac_read_search 3196cd6a6acSopenharmony_ci fowner 3206cd6a6acSopenharmony_ci fsetid 3216cd6a6acSopenharmony_ci kill 3226cd6a6acSopenharmony_ci setgid 3236cd6a6acSopenharmony_ci setuid 3246cd6a6acSopenharmony_ci setpcap 3256cd6a6acSopenharmony_ci linux_immutable 3266cd6a6acSopenharmony_ci net_bind_service 3276cd6a6acSopenharmony_ci net_broadcast 3286cd6a6acSopenharmony_ci net_admin 3296cd6a6acSopenharmony_ci net_raw 3306cd6a6acSopenharmony_ci ipc_lock 3316cd6a6acSopenharmony_ci ipc_owner 3326cd6a6acSopenharmony_ci sys_module 3336cd6a6acSopenharmony_ci sys_rawio 3346cd6a6acSopenharmony_ci sys_chroot 3356cd6a6acSopenharmony_ci sys_ptrace 3366cd6a6acSopenharmony_ci sys_pacct 3376cd6a6acSopenharmony_ci sys_admin 3386cd6a6acSopenharmony_ci sys_boot 3396cd6a6acSopenharmony_ci sys_nice 3406cd6a6acSopenharmony_ci sys_resource 3416cd6a6acSopenharmony_ci sys_time 3426cd6a6acSopenharmony_ci sys_tty_config 3436cd6a6acSopenharmony_ci mknod 3446cd6a6acSopenharmony_ci lease 3456cd6a6acSopenharmony_ci audit_write 3466cd6a6acSopenharmony_ci audit_control 3476cd6a6acSopenharmony_ci} 3486cd6a6acSopenharmony_ciclass passwd 3496cd6a6acSopenharmony_ci{ 3506cd6a6acSopenharmony_ci passwd # change another user passwd 3516cd6a6acSopenharmony_ci chfn # change another user finger info 3526cd6a6acSopenharmony_ci chsh # change another user shell 3536cd6a6acSopenharmony_ci rootok # pam_rootok check (skip auth) 3546cd6a6acSopenharmony_ci crontab # crontab on another user 3556cd6a6acSopenharmony_ci} 3566cd6a6acSopenharmony_ciclass drawable 3576cd6a6acSopenharmony_ci{ 3586cd6a6acSopenharmony_ci create 3596cd6a6acSopenharmony_ci destroy 3606cd6a6acSopenharmony_ci draw 3616cd6a6acSopenharmony_ci copy 3626cd6a6acSopenharmony_ci getattr 3636cd6a6acSopenharmony_ci} 3646cd6a6acSopenharmony_ciclass gc 3656cd6a6acSopenharmony_ci{ 3666cd6a6acSopenharmony_ci create 3676cd6a6acSopenharmony_ci free 3686cd6a6acSopenharmony_ci getattr 3696cd6a6acSopenharmony_ci setattr 3706cd6a6acSopenharmony_ci} 3716cd6a6acSopenharmony_ciclass window 3726cd6a6acSopenharmony_ci{ 3736cd6a6acSopenharmony_ci addchild 3746cd6a6acSopenharmony_ci create 3756cd6a6acSopenharmony_ci destroy 3766cd6a6acSopenharmony_ci map 3776cd6a6acSopenharmony_ci unmap 3786cd6a6acSopenharmony_ci chstack 3796cd6a6acSopenharmony_ci chproplist 3806cd6a6acSopenharmony_ci chprop 3816cd6a6acSopenharmony_ci listprop 3826cd6a6acSopenharmony_ci getattr 3836cd6a6acSopenharmony_ci setattr 3846cd6a6acSopenharmony_ci setfocus 3856cd6a6acSopenharmony_ci move 3866cd6a6acSopenharmony_ci chselection 3876cd6a6acSopenharmony_ci chparent 3886cd6a6acSopenharmony_ci ctrllife 3896cd6a6acSopenharmony_ci enumerate 3906cd6a6acSopenharmony_ci transparent 3916cd6a6acSopenharmony_ci mousemotion 3926cd6a6acSopenharmony_ci clientcomevent 3936cd6a6acSopenharmony_ci inputevent 3946cd6a6acSopenharmony_ci drawevent 3956cd6a6acSopenharmony_ci windowchangeevent 3966cd6a6acSopenharmony_ci windowchangerequest 3976cd6a6acSopenharmony_ci serverchangeevent 3986cd6a6acSopenharmony_ci extensionevent 3996cd6a6acSopenharmony_ci} 4006cd6a6acSopenharmony_ciclass font 4016cd6a6acSopenharmony_ci{ 4026cd6a6acSopenharmony_ci load 4036cd6a6acSopenharmony_ci free 4046cd6a6acSopenharmony_ci getattr 4056cd6a6acSopenharmony_ci use 4066cd6a6acSopenharmony_ci} 4076cd6a6acSopenharmony_ciclass colormap 4086cd6a6acSopenharmony_ci{ 4096cd6a6acSopenharmony_ci create 4106cd6a6acSopenharmony_ci free 4116cd6a6acSopenharmony_ci install 4126cd6a6acSopenharmony_ci uninstall 4136cd6a6acSopenharmony_ci list 4146cd6a6acSopenharmony_ci read 4156cd6a6acSopenharmony_ci store 4166cd6a6acSopenharmony_ci getattr 4176cd6a6acSopenharmony_ci setattr 4186cd6a6acSopenharmony_ci} 4196cd6a6acSopenharmony_ciclass property 4206cd6a6acSopenharmony_ci{ 4216cd6a6acSopenharmony_ci create 4226cd6a6acSopenharmony_ci free 4236cd6a6acSopenharmony_ci read 4246cd6a6acSopenharmony_ci write 4256cd6a6acSopenharmony_ci} 4266cd6a6acSopenharmony_ciclass cursor 4276cd6a6acSopenharmony_ci{ 4286cd6a6acSopenharmony_ci create 4296cd6a6acSopenharmony_ci createglyph 4306cd6a6acSopenharmony_ci free 4316cd6a6acSopenharmony_ci assign 4326cd6a6acSopenharmony_ci setattr 4336cd6a6acSopenharmony_ci} 4346cd6a6acSopenharmony_ciclass xclient 4356cd6a6acSopenharmony_ci{ 4366cd6a6acSopenharmony_ci kill 4376cd6a6acSopenharmony_ci} 4386cd6a6acSopenharmony_ciclass xinput 4396cd6a6acSopenharmony_ci{ 4406cd6a6acSopenharmony_ci lookup 4416cd6a6acSopenharmony_ci getattr 4426cd6a6acSopenharmony_ci setattr 4436cd6a6acSopenharmony_ci setfocus 4446cd6a6acSopenharmony_ci warppointer 4456cd6a6acSopenharmony_ci activegrab 4466cd6a6acSopenharmony_ci passivegrab 4476cd6a6acSopenharmony_ci ungrab 4486cd6a6acSopenharmony_ci bell 4496cd6a6acSopenharmony_ci mousemotion 4506cd6a6acSopenharmony_ci relabelinput 4516cd6a6acSopenharmony_ci} 4526cd6a6acSopenharmony_ciclass xserver 4536cd6a6acSopenharmony_ci{ 4546cd6a6acSopenharmony_ci screensaver 4556cd6a6acSopenharmony_ci gethostlist 4566cd6a6acSopenharmony_ci sethostlist 4576cd6a6acSopenharmony_ci getfontpath 4586cd6a6acSopenharmony_ci setfontpath 4596cd6a6acSopenharmony_ci getattr 4606cd6a6acSopenharmony_ci grab 4616cd6a6acSopenharmony_ci ungrab 4626cd6a6acSopenharmony_ci} 4636cd6a6acSopenharmony_ciclass xextension 4646cd6a6acSopenharmony_ci{ 4656cd6a6acSopenharmony_ci query 4666cd6a6acSopenharmony_ci use 4676cd6a6acSopenharmony_ci} 4686cd6a6acSopenharmony_ciclass pax 4696cd6a6acSopenharmony_ci{ 4706cd6a6acSopenharmony_ci pageexec # Paging based non-executable pages 4716cd6a6acSopenharmony_ci emutramp # Emulate trampolines 4726cd6a6acSopenharmony_ci mprotect # Restrict mprotect() 4736cd6a6acSopenharmony_ci randmmap # Randomize mmap() base 4746cd6a6acSopenharmony_ci randexec # Randomize ET_EXEC base 4756cd6a6acSopenharmony_ci segmexec # Segmentation based non-executable pages 4766cd6a6acSopenharmony_ci} 4776cd6a6acSopenharmony_ciclass netlink_route_socket 4786cd6a6acSopenharmony_ciinherits socket 4796cd6a6acSopenharmony_ci{ 4806cd6a6acSopenharmony_ci nlmsg_read 4816cd6a6acSopenharmony_ci nlmsg_write 4826cd6a6acSopenharmony_ci} 4836cd6a6acSopenharmony_ciclass netlink_firewall_socket 4846cd6a6acSopenharmony_ciinherits socket 4856cd6a6acSopenharmony_ci{ 4866cd6a6acSopenharmony_ci nlmsg_read 4876cd6a6acSopenharmony_ci nlmsg_write 4886cd6a6acSopenharmony_ci} 4896cd6a6acSopenharmony_ciclass netlink_tcpdiag_socket 4906cd6a6acSopenharmony_ciinherits socket 4916cd6a6acSopenharmony_ci{ 4926cd6a6acSopenharmony_ci nlmsg_read 4936cd6a6acSopenharmony_ci nlmsg_write 4946cd6a6acSopenharmony_ci} 4956cd6a6acSopenharmony_ciclass netlink_nflog_socket 4966cd6a6acSopenharmony_ciinherits socket 4976cd6a6acSopenharmony_ciclass netlink_xfrm_socket 4986cd6a6acSopenharmony_ciinherits socket 4996cd6a6acSopenharmony_ci{ 5006cd6a6acSopenharmony_ci nlmsg_read 5016cd6a6acSopenharmony_ci nlmsg_write 5026cd6a6acSopenharmony_ci} 5036cd6a6acSopenharmony_ciclass netlink_selinux_socket 5046cd6a6acSopenharmony_ciinherits socket 5056cd6a6acSopenharmony_ciclass netlink_audit_socket 5066cd6a6acSopenharmony_ciinherits socket 5076cd6a6acSopenharmony_ci{ 5086cd6a6acSopenharmony_ci nlmsg_read 5096cd6a6acSopenharmony_ci nlmsg_write 5106cd6a6acSopenharmony_ci nlmsg_relay 5116cd6a6acSopenharmony_ci nlmsg_readpriv 5126cd6a6acSopenharmony_ci} 5136cd6a6acSopenharmony_ciclass netlink_ip6fw_socket 5146cd6a6acSopenharmony_ciinherits socket 5156cd6a6acSopenharmony_ci{ 5166cd6a6acSopenharmony_ci nlmsg_read 5176cd6a6acSopenharmony_ci nlmsg_write 5186cd6a6acSopenharmony_ci} 5196cd6a6acSopenharmony_ciclass netlink_dnrt_socket 5206cd6a6acSopenharmony_ciinherits socket 5216cd6a6acSopenharmony_ciclass dbus 5226cd6a6acSopenharmony_ci{ 5236cd6a6acSopenharmony_ci acquire_svc 5246cd6a6acSopenharmony_ci send_msg 5256cd6a6acSopenharmony_ci} 5266cd6a6acSopenharmony_ciclass nscd 5276cd6a6acSopenharmony_ci{ 5286cd6a6acSopenharmony_ci getpwd 5296cd6a6acSopenharmony_ci getgrp 5306cd6a6acSopenharmony_ci gethost 5316cd6a6acSopenharmony_ci getstat 5326cd6a6acSopenharmony_ci admin 5336cd6a6acSopenharmony_ci shmempwd 5346cd6a6acSopenharmony_ci shmemgrp 5356cd6a6acSopenharmony_ci shmemhost 5366cd6a6acSopenharmony_ci} 5376cd6a6acSopenharmony_ciclass association 5386cd6a6acSopenharmony_ci{ 5396cd6a6acSopenharmony_ci sendto 5406cd6a6acSopenharmony_ci recvfrom 5416cd6a6acSopenharmony_ci setcontext 5426cd6a6acSopenharmony_ci} 5436cd6a6acSopenharmony_ciclass netlink_kobject_uevent_socket 5446cd6a6acSopenharmony_ciinherits socket 5456cd6a6acSopenharmony_cisensitivity s0; 5466cd6a6acSopenharmony_cidominance { s0 } 5476cd6a6acSopenharmony_cicategory c0; category c1; category c2; category c3; 5486cd6a6acSopenharmony_cicategory c4; category c5; category c6; category c7; 5496cd6a6acSopenharmony_cicategory c8; category c9; category c10; category c11; 5506cd6a6acSopenharmony_cicategory c12; category c13; category c14; category c15; 5516cd6a6acSopenharmony_cicategory c16; category c17; category c18; category c19; 5526cd6a6acSopenharmony_cicategory c20; category c21; category c22; category c23; 5536cd6a6acSopenharmony_cicategory c24; category c25; category c26; category c27; 5546cd6a6acSopenharmony_cicategory c28; category c29; category c30; category c31; 5556cd6a6acSopenharmony_cicategory c32; category c33; category c34; category c35; 5566cd6a6acSopenharmony_cicategory c36; category c37; category c38; category c39; 5576cd6a6acSopenharmony_cicategory c40; category c41; category c42; category c43; 5586cd6a6acSopenharmony_cicategory c44; category c45; category c46; category c47; 5596cd6a6acSopenharmony_cicategory c48; category c49; category c50; category c51; 5606cd6a6acSopenharmony_cicategory c52; category c53; category c54; category c55; 5616cd6a6acSopenharmony_cicategory c56; category c57; category c58; category c59; 5626cd6a6acSopenharmony_cicategory c60; category c61; category c62; category c63; 5636cd6a6acSopenharmony_cicategory c64; category c65; category c66; category c67; 5646cd6a6acSopenharmony_cicategory c68; category c69; category c70; category c71; 5656cd6a6acSopenharmony_cicategory c72; category c73; category c74; category c75; 5666cd6a6acSopenharmony_cicategory c76; category c77; category c78; category c79; 5676cd6a6acSopenharmony_cicategory c80; category c81; category c82; category c83; 5686cd6a6acSopenharmony_cicategory c84; category c85; category c86; category c87; 5696cd6a6acSopenharmony_cicategory c88; category c89; category c90; category c91; 5706cd6a6acSopenharmony_cicategory c92; category c93; category c94; category c95; 5716cd6a6acSopenharmony_cicategory c96; category c97; category c98; category c99; 5726cd6a6acSopenharmony_cicategory c100; category c101; category c102; category c103; 5736cd6a6acSopenharmony_cicategory c104; category c105; category c106; category c107; 5746cd6a6acSopenharmony_cicategory c108; category c109; category c110; category c111; 5756cd6a6acSopenharmony_cicategory c112; category c113; category c114; category c115; 5766cd6a6acSopenharmony_cicategory c116; category c117; category c118; category c119; 5776cd6a6acSopenharmony_cicategory c120; category c121; category c122; category c123; 5786cd6a6acSopenharmony_cicategory c124; category c125; category c126; category c127; 5796cd6a6acSopenharmony_cicategory c128; category c129; category c130; category c131; 5806cd6a6acSopenharmony_cicategory c132; category c133; category c134; category c135; 5816cd6a6acSopenharmony_cicategory c136; category c137; category c138; category c139; 5826cd6a6acSopenharmony_cicategory c140; category c141; category c142; category c143; 5836cd6a6acSopenharmony_cicategory c144; category c145; category c146; category c147; 5846cd6a6acSopenharmony_cicategory c148; category c149; category c150; category c151; 5856cd6a6acSopenharmony_cicategory c152; category c153; category c154; category c155; 5866cd6a6acSopenharmony_cicategory c156; category c157; category c158; category c159; 5876cd6a6acSopenharmony_cicategory c160; category c161; category c162; category c163; 5886cd6a6acSopenharmony_cicategory c164; category c165; category c166; category c167; 5896cd6a6acSopenharmony_cicategory c168; category c169; category c170; category c171; 5906cd6a6acSopenharmony_cicategory c172; category c173; category c174; category c175; 5916cd6a6acSopenharmony_cicategory c176; category c177; category c178; category c179; 5926cd6a6acSopenharmony_cicategory c180; category c181; category c182; category c183; 5936cd6a6acSopenharmony_cicategory c184; category c185; category c186; category c187; 5946cd6a6acSopenharmony_cicategory c188; category c189; category c190; category c191; 5956cd6a6acSopenharmony_cicategory c192; category c193; category c194; category c195; 5966cd6a6acSopenharmony_cicategory c196; category c197; category c198; category c199; 5976cd6a6acSopenharmony_cicategory c200; category c201; category c202; category c203; 5986cd6a6acSopenharmony_cicategory c204; category c205; category c206; category c207; 5996cd6a6acSopenharmony_cicategory c208; category c209; category c210; category c211; 6006cd6a6acSopenharmony_cicategory c212; category c213; category c214; category c215; 6016cd6a6acSopenharmony_cicategory c216; category c217; category c218; category c219; 6026cd6a6acSopenharmony_cicategory c220; category c221; category c222; category c223; 6036cd6a6acSopenharmony_cicategory c224; category c225; category c226; category c227; 6046cd6a6acSopenharmony_cicategory c228; category c229; category c230; category c231; 6056cd6a6acSopenharmony_cicategory c232; category c233; category c234; category c235; 6066cd6a6acSopenharmony_cicategory c236; category c237; category c238; category c239; 6076cd6a6acSopenharmony_cicategory c240; category c241; category c242; category c243; 6086cd6a6acSopenharmony_cicategory c244; category c245; category c246; category c247; 6096cd6a6acSopenharmony_cicategory c248; category c249; category c250; category c251; 6106cd6a6acSopenharmony_cicategory c252; category c253; category c254; category c255; 6116cd6a6acSopenharmony_cilevel s0:c0.c255; 6126cd6a6acSopenharmony_cimlsconstrain file { write setattr append unlink link rename 6136cd6a6acSopenharmony_ci ioctl lock execute relabelfrom } (h1 dom h2); 6146cd6a6acSopenharmony_cimlsconstrain file { create relabelto } ((h1 dom h2) and (l2 eq h2)); 6156cd6a6acSopenharmony_cimlsconstrain file { read } ((h1 dom h2) or ( t2 == domain ) or ( t1 == mlsfileread )); 6166cd6a6acSopenharmony_cimlsconstrain { dir lnk_file chr_file blk_file sock_file fifo_file } { relabelfrom } 6176cd6a6acSopenharmony_ci ( h1 dom h2 ); 6186cd6a6acSopenharmony_cimlsconstrain { dir lnk_file chr_file blk_file sock_file fifo_file } { create relabelto } 6196cd6a6acSopenharmony_ci (( h1 dom h2 ) and ( l2 eq h2 )); 6206cd6a6acSopenharmony_cimlsconstrain process { ptrace } ( h1 dom h2 ); 6216cd6a6acSopenharmony_cimlsconstrain process { sigkill sigstop } ( h1 dom h2 ) or 6226cd6a6acSopenharmony_ci ( t1 == mcskillall ); 6236cd6a6acSopenharmony_cimlsconstrain xextension query ( t1 == mlsfileread ); 6246cd6a6acSopenharmony_ciattribute netif_type; 6256cd6a6acSopenharmony_ciattribute node_type; 6266cd6a6acSopenharmony_ciattribute port_type; 6276cd6a6acSopenharmony_ciattribute reserved_port_type; 6286cd6a6acSopenharmony_ciattribute device_node; 6296cd6a6acSopenharmony_ciattribute memory_raw_read; 6306cd6a6acSopenharmony_ciattribute memory_raw_write; 6316cd6a6acSopenharmony_ciattribute domain; 6326cd6a6acSopenharmony_ciattribute unconfined_domain_type; 6336cd6a6acSopenharmony_ciattribute set_curr_context; 6346cd6a6acSopenharmony_ciattribute entry_type; 6356cd6a6acSopenharmony_ciattribute privfd; 6366cd6a6acSopenharmony_ciattribute can_change_process_identity; 6376cd6a6acSopenharmony_ciattribute can_change_process_role; 6386cd6a6acSopenharmony_ciattribute can_change_object_identity; 6396cd6a6acSopenharmony_ciattribute can_system_change; 6406cd6a6acSopenharmony_ciattribute process_user_target; 6416cd6a6acSopenharmony_ciattribute cron_source_domain; 6426cd6a6acSopenharmony_ciattribute cron_job_domain; 6436cd6a6acSopenharmony_ciattribute process_uncond_exempt; # add userhelperdomain to this one 6446cd6a6acSopenharmony_ciattribute file_type; 6456cd6a6acSopenharmony_ciattribute lockfile; 6466cd6a6acSopenharmony_ciattribute mountpoint; 6476cd6a6acSopenharmony_ciattribute pidfile; 6486cd6a6acSopenharmony_ciattribute polydir; 6496cd6a6acSopenharmony_ciattribute usercanread; 6506cd6a6acSopenharmony_ciattribute polyparent; 6516cd6a6acSopenharmony_ciattribute polymember; 6526cd6a6acSopenharmony_ciattribute security_file_type; 6536cd6a6acSopenharmony_ciattribute tmpfile; 6546cd6a6acSopenharmony_ciattribute tmpfsfile; 6556cd6a6acSopenharmony_ciattribute filesystem_type; 6566cd6a6acSopenharmony_ciattribute noxattrfs; 6576cd6a6acSopenharmony_ciattribute can_load_kernmodule; 6586cd6a6acSopenharmony_ciattribute can_receive_kernel_messages; 6596cd6a6acSopenharmony_ciattribute kern_unconfined; 6606cd6a6acSopenharmony_ciattribute proc_type; 6616cd6a6acSopenharmony_ciattribute sysctl_type; 6626cd6a6acSopenharmony_ciattribute mcskillall; 6636cd6a6acSopenharmony_ciattribute mlsfileread; 6646cd6a6acSopenharmony_ciattribute mlsfilereadtoclr; 6656cd6a6acSopenharmony_ciattribute mlsfilewrite; 6666cd6a6acSopenharmony_ciattribute mlsfilewritetoclr; 6676cd6a6acSopenharmony_ciattribute mlsfileupgrade; 6686cd6a6acSopenharmony_ciattribute mlsfiledowngrade; 6696cd6a6acSopenharmony_ciattribute mlsnetread; 6706cd6a6acSopenharmony_ciattribute mlsnetreadtoclr; 6716cd6a6acSopenharmony_ciattribute mlsnetwrite; 6726cd6a6acSopenharmony_ciattribute mlsnetwritetoclr; 6736cd6a6acSopenharmony_ciattribute mlsnetupgrade; 6746cd6a6acSopenharmony_ciattribute mlsnetdowngrade; 6756cd6a6acSopenharmony_ciattribute mlsnetrecvall; 6766cd6a6acSopenharmony_ciattribute mlsipcread; 6776cd6a6acSopenharmony_ciattribute mlsipcreadtoclr; 6786cd6a6acSopenharmony_ciattribute mlsipcwrite; 6796cd6a6acSopenharmony_ciattribute mlsipcwritetoclr; 6806cd6a6acSopenharmony_ciattribute mlsprocread; 6816cd6a6acSopenharmony_ciattribute mlsprocreadtoclr; 6826cd6a6acSopenharmony_ciattribute mlsprocwrite; 6836cd6a6acSopenharmony_ciattribute mlsprocwritetoclr; 6846cd6a6acSopenharmony_ciattribute mlsprocsetsl; 6856cd6a6acSopenharmony_ciattribute mlsxwinread; 6866cd6a6acSopenharmony_ciattribute mlsxwinreadtoclr; 6876cd6a6acSopenharmony_ciattribute mlsxwinwrite; 6886cd6a6acSopenharmony_ciattribute mlsxwinwritetoclr; 6896cd6a6acSopenharmony_ciattribute mlsxwinreadproperty; 6906cd6a6acSopenharmony_ciattribute mlsxwinwriteproperty; 6916cd6a6acSopenharmony_ciattribute mlsxwinreadcolormap; 6926cd6a6acSopenharmony_ciattribute mlsxwinwritecolormap; 6936cd6a6acSopenharmony_ciattribute mlsxwinwritexinput; 6946cd6a6acSopenharmony_ciattribute mlstrustedobject; 6956cd6a6acSopenharmony_ciattribute privrangetrans; 6966cd6a6acSopenharmony_ciattribute mlsrangetrans; 6976cd6a6acSopenharmony_ciattribute can_load_policy; 6986cd6a6acSopenharmony_ciattribute can_setenforce; 6996cd6a6acSopenharmony_ciattribute can_setsecparam; 7006cd6a6acSopenharmony_ciattribute ttynode; 7016cd6a6acSopenharmony_ciattribute ptynode; 7026cd6a6acSopenharmony_ciattribute server_ptynode; 7036cd6a6acSopenharmony_ciattribute serial_device; 7046cd6a6acSopenharmony_citype bin_t; 7056cd6a6acSopenharmony_citype sbin_t; 7066cd6a6acSopenharmony_citype ls_exec_t; 7076cd6a6acSopenharmony_citype shell_exec_t; 7086cd6a6acSopenharmony_citype chroot_exec_t; 7096cd6a6acSopenharmony_citype ppp_device_t; 7106cd6a6acSopenharmony_citype tun_tap_device_t; 7116cd6a6acSopenharmony_citype port_t, port_type; 7126cd6a6acSopenharmony_citype reserved_port_t, port_type, reserved_port_type; 7136cd6a6acSopenharmony_citype afs_bos_port_t, port_type; 7146cd6a6acSopenharmony_citype afs_fs_port_t, port_type; 7156cd6a6acSopenharmony_citype afs_ka_port_t, port_type; 7166cd6a6acSopenharmony_citype afs_pt_port_t, port_type; 7176cd6a6acSopenharmony_citype afs_vl_port_t, port_type; 7186cd6a6acSopenharmony_citype amanda_port_t, port_type; 7196cd6a6acSopenharmony_citype amavisd_recv_port_t, port_type; 7206cd6a6acSopenharmony_citype amavisd_send_port_t, port_type; 7216cd6a6acSopenharmony_citype asterisk_port_t, port_type; 7226cd6a6acSopenharmony_citype auth_port_t, port_type; 7236cd6a6acSopenharmony_citype bgp_port_t, port_type; 7246cd6a6acSopenharmony_citype biff_port_t, port_type, reserved_port_type; 7256cd6a6acSopenharmony_citype clamd_port_t, port_type; 7266cd6a6acSopenharmony_citype clockspeed_port_t, port_type; 7276cd6a6acSopenharmony_citype comsat_port_t, port_type; 7286cd6a6acSopenharmony_citype cvs_port_t, port_type; 7296cd6a6acSopenharmony_citype dcc_port_t, port_type; 7306cd6a6acSopenharmony_citype dbskkd_port_t, port_type; 7316cd6a6acSopenharmony_citype dhcpc_port_t, port_type; 7326cd6a6acSopenharmony_citype dhcpd_port_t, port_type; 7336cd6a6acSopenharmony_citype dict_port_t, port_type; 7346cd6a6acSopenharmony_citype distccd_port_t, port_type; 7356cd6a6acSopenharmony_citype dns_port_t, port_type; 7366cd6a6acSopenharmony_citype fingerd_port_t, port_type; 7376cd6a6acSopenharmony_citype ftp_data_port_t, port_type; 7386cd6a6acSopenharmony_citype ftp_port_t, port_type; 7396cd6a6acSopenharmony_citype gatekeeper_port_t, port_type; 7406cd6a6acSopenharmony_citype giftd_port_t, port_type; 7416cd6a6acSopenharmony_citype gopher_port_t, port_type; 7426cd6a6acSopenharmony_citype http_cache_port_t, port_type; 7436cd6a6acSopenharmony_citype http_port_t, port_type; 7446cd6a6acSopenharmony_citype howl_port_t, port_type; 7456cd6a6acSopenharmony_citype hplip_port_t, port_type; 7466cd6a6acSopenharmony_citype i18n_input_port_t, port_type; 7476cd6a6acSopenharmony_citype imaze_port_t, port_type; 7486cd6a6acSopenharmony_citype inetd_child_port_t, port_type; 7496cd6a6acSopenharmony_citype innd_port_t, port_type; 7506cd6a6acSopenharmony_citype ipp_port_t, port_type; 7516cd6a6acSopenharmony_citype ircd_port_t, port_type; 7526cd6a6acSopenharmony_citype isakmp_port_t, port_type; 7536cd6a6acSopenharmony_citype jabber_client_port_t, port_type; 7546cd6a6acSopenharmony_citype jabber_interserver_port_t, port_type; 7556cd6a6acSopenharmony_citype kerberos_admin_port_t, port_type; 7566cd6a6acSopenharmony_citype kerberos_master_port_t, port_type; 7576cd6a6acSopenharmony_citype kerberos_port_t, port_type; 7586cd6a6acSopenharmony_citype ktalkd_port_t, port_type; 7596cd6a6acSopenharmony_citype ldap_port_t, port_type; 7606cd6a6acSopenharmony_citype lrrd_port_t, port_type; 7616cd6a6acSopenharmony_citype mail_port_t, port_type; 7626cd6a6acSopenharmony_citype monopd_port_t, port_type; 7636cd6a6acSopenharmony_citype mysqld_port_t, port_type; 7646cd6a6acSopenharmony_citype nessus_port_t, port_type; 7656cd6a6acSopenharmony_citype nmbd_port_t, port_type; 7666cd6a6acSopenharmony_citype ntp_port_t, port_type; 7676cd6a6acSopenharmony_citype openvpn_port_t, port_type; 7686cd6a6acSopenharmony_citype pegasus_http_port_t, port_type; 7696cd6a6acSopenharmony_citype pegasus_https_port_t, port_type; 7706cd6a6acSopenharmony_citype pop_port_t, port_type; 7716cd6a6acSopenharmony_citype portmap_port_t, port_type; 7726cd6a6acSopenharmony_citype postgresql_port_t, port_type; 7736cd6a6acSopenharmony_citype postgrey_port_t, port_type; 7746cd6a6acSopenharmony_citype printer_port_t, port_type; 7756cd6a6acSopenharmony_citype ptal_port_t, port_type; 7766cd6a6acSopenharmony_citype pxe_port_t, port_type; 7776cd6a6acSopenharmony_citype pyzor_port_t, port_type; 7786cd6a6acSopenharmony_citype radacct_port_t, port_type; 7796cd6a6acSopenharmony_citype radius_port_t, port_type; 7806cd6a6acSopenharmony_citype razor_port_t, port_type; 7816cd6a6acSopenharmony_citype rlogind_port_t, port_type; 7826cd6a6acSopenharmony_citype rndc_port_t, port_type; 7836cd6a6acSopenharmony_citype router_port_t, port_type; 7846cd6a6acSopenharmony_citype rsh_port_t, port_type; 7856cd6a6acSopenharmony_citype rsync_port_t, port_type; 7866cd6a6acSopenharmony_citype smbd_port_t, port_type; 7876cd6a6acSopenharmony_citype smtp_port_t, port_type; 7886cd6a6acSopenharmony_citype snmp_port_t, port_type; 7896cd6a6acSopenharmony_citype spamd_port_t, port_type; 7906cd6a6acSopenharmony_citype ssh_port_t, port_type; 7916cd6a6acSopenharmony_citype soundd_port_t, port_type; 7926cd6a6acSopenharmony_citype socks_port_t, port_type; type stunnel_port_t, port_type; 7936cd6a6acSopenharmony_citype swat_port_t, port_type; 7946cd6a6acSopenharmony_citype syslogd_port_t, port_type; 7956cd6a6acSopenharmony_citype telnetd_port_t, port_type; 7966cd6a6acSopenharmony_citype tftp_port_t, port_type; 7976cd6a6acSopenharmony_citype transproxy_port_t, port_type; 7986cd6a6acSopenharmony_citype utcpserver_port_t, port_type; 7996cd6a6acSopenharmony_citype uucpd_port_t, port_type; 8006cd6a6acSopenharmony_citype vnc_port_t, port_type; 8016cd6a6acSopenharmony_citype xserver_port_t, port_type; 8026cd6a6acSopenharmony_citype xen_port_t, port_type; 8036cd6a6acSopenharmony_citype zebra_port_t, port_type; 8046cd6a6acSopenharmony_citype zope_port_t, port_type; 8056cd6a6acSopenharmony_citype node_t, node_type; 8066cd6a6acSopenharmony_citype compat_ipv4_node_t alias node_compat_ipv4_t, node_type; 8076cd6a6acSopenharmony_citype inaddr_any_node_t alias node_inaddr_any_t, node_type; 8086cd6a6acSopenharmony_citype node_internal_t, node_type; 8096cd6a6acSopenharmony_citype link_local_node_t alias node_link_local_t, node_type; 8106cd6a6acSopenharmony_citype lo_node_t alias node_lo_t, node_type; 8116cd6a6acSopenharmony_citype mapped_ipv4_node_t alias node_mapped_ipv4_t, node_type; 8126cd6a6acSopenharmony_citype multicast_node_t alias node_multicast_t, node_type; 8136cd6a6acSopenharmony_citype site_local_node_t alias node_site_local_t, node_type; 8146cd6a6acSopenharmony_citype unspec_node_t alias node_unspec_t, node_type; 8156cd6a6acSopenharmony_citype netif_t, netif_type; 8166cd6a6acSopenharmony_citype device_t; 8176cd6a6acSopenharmony_citype agp_device_t; 8186cd6a6acSopenharmony_citype apm_bios_t; 8196cd6a6acSopenharmony_citype cardmgr_dev_t; 8206cd6a6acSopenharmony_citype clock_device_t; 8216cd6a6acSopenharmony_citype cpu_device_t; 8226cd6a6acSopenharmony_citype crypt_device_t; 8236cd6a6acSopenharmony_citype dri_device_t; 8246cd6a6acSopenharmony_citype event_device_t; 8256cd6a6acSopenharmony_citype framebuf_device_t; 8266cd6a6acSopenharmony_citype lvm_control_t; 8276cd6a6acSopenharmony_citype memory_device_t; 8286cd6a6acSopenharmony_citype misc_device_t; 8296cd6a6acSopenharmony_citype mouse_device_t; 8306cd6a6acSopenharmony_citype mtrr_device_t; 8316cd6a6acSopenharmony_citype null_device_t; 8326cd6a6acSopenharmony_citype power_device_t; 8336cd6a6acSopenharmony_citype printer_device_t; 8346cd6a6acSopenharmony_citype random_device_t; 8356cd6a6acSopenharmony_citype scanner_device_t; 8366cd6a6acSopenharmony_citype sound_device_t; 8376cd6a6acSopenharmony_citype sysfs_t; 8386cd6a6acSopenharmony_citype urandom_device_t; 8396cd6a6acSopenharmony_citype usbfs_t alias usbdevfs_t; 8406cd6a6acSopenharmony_citype usb_device_t; 8416cd6a6acSopenharmony_citype v4l_device_t; 8426cd6a6acSopenharmony_citype xserver_misc_device_t; 8436cd6a6acSopenharmony_citype zero_device_t; 8446cd6a6acSopenharmony_citype xconsole_device_t; 8456cd6a6acSopenharmony_citype devfs_control_t; 8466cd6a6acSopenharmony_citype boot_t; 8476cd6a6acSopenharmony_citype default_t, file_type, mountpoint; 8486cd6a6acSopenharmony_citype etc_t, file_type; 8496cd6a6acSopenharmony_citype etc_runtime_t, file_type; 8506cd6a6acSopenharmony_citype file_t, file_type, mountpoint; 8516cd6a6acSopenharmony_citype home_root_t, file_type, mountpoint; 8526cd6a6acSopenharmony_citype lost_found_t, file_type; 8536cd6a6acSopenharmony_citype mnt_t, file_type, mountpoint; 8546cd6a6acSopenharmony_citype modules_object_t; 8556cd6a6acSopenharmony_citype no_access_t, file_type; 8566cd6a6acSopenharmony_citype poly_t, file_type; 8576cd6a6acSopenharmony_citype readable_t, file_type; 8586cd6a6acSopenharmony_citype root_t, file_type, mountpoint; 8596cd6a6acSopenharmony_citype src_t, file_type, mountpoint; 8606cd6a6acSopenharmony_citype system_map_t; 8616cd6a6acSopenharmony_citype tmp_t, mountpoint; #, polydir 8626cd6a6acSopenharmony_citype usr_t, file_type, mountpoint; 8636cd6a6acSopenharmony_citype var_t, file_type, mountpoint; 8646cd6a6acSopenharmony_citype var_lib_t, file_type, mountpoint; 8656cd6a6acSopenharmony_citype var_lock_t, file_type, lockfile; 8666cd6a6acSopenharmony_citype var_run_t, file_type, pidfile; 8676cd6a6acSopenharmony_citype var_spool_t; 8686cd6a6acSopenharmony_citype fs_t; 8696cd6a6acSopenharmony_citype bdev_t; 8706cd6a6acSopenharmony_citype binfmt_misc_fs_t; 8716cd6a6acSopenharmony_citype capifs_t; 8726cd6a6acSopenharmony_citype configfs_t; 8736cd6a6acSopenharmony_citype eventpollfs_t; 8746cd6a6acSopenharmony_citype futexfs_t; 8756cd6a6acSopenharmony_citype hugetlbfs_t; 8766cd6a6acSopenharmony_citype inotifyfs_t; 8776cd6a6acSopenharmony_citype nfsd_fs_t; 8786cd6a6acSopenharmony_citype ramfs_t; 8796cd6a6acSopenharmony_citype romfs_t; 8806cd6a6acSopenharmony_citype rpc_pipefs_t; 8816cd6a6acSopenharmony_citype tmpfs_t; 8826cd6a6acSopenharmony_citype autofs_t, noxattrfs; 8836cd6a6acSopenharmony_citype cifs_t alias sambafs_t, noxattrfs; 8846cd6a6acSopenharmony_citype dosfs_t, noxattrfs; 8856cd6a6acSopenharmony_citype iso9660_t, filesystem_type, noxattrfs; 8866cd6a6acSopenharmony_citype removable_t, noxattrfs; 8876cd6a6acSopenharmony_citype nfs_t, filesystem_type, noxattrfs; 8886cd6a6acSopenharmony_citype kernel_t, can_load_kernmodule; 8896cd6a6acSopenharmony_citype debugfs_t; 8906cd6a6acSopenharmony_citype proc_t, proc_type; 8916cd6a6acSopenharmony_citype proc_kmsg_t, proc_type; 8926cd6a6acSopenharmony_citype proc_kcore_t, proc_type; 8936cd6a6acSopenharmony_citype proc_mdstat_t, proc_type; 8946cd6a6acSopenharmony_citype proc_net_t, proc_type; 8956cd6a6acSopenharmony_citype proc_xen_t, proc_type; 8966cd6a6acSopenharmony_citype sysctl_t, sysctl_type; 8976cd6a6acSopenharmony_citype sysctl_irq_t, sysctl_type; 8986cd6a6acSopenharmony_citype sysctl_rpc_t, sysctl_type; 8996cd6a6acSopenharmony_citype sysctl_fs_t, sysctl_type; 9006cd6a6acSopenharmony_citype sysctl_kernel_t, sysctl_type; 9016cd6a6acSopenharmony_citype sysctl_modprobe_t, sysctl_type; 9026cd6a6acSopenharmony_citype sysctl_hotplug_t, sysctl_type; 9036cd6a6acSopenharmony_citype sysctl_net_t, sysctl_type; 9046cd6a6acSopenharmony_citype sysctl_net_unix_t, sysctl_type; 9056cd6a6acSopenharmony_citype sysctl_vm_t, sysctl_type; 9066cd6a6acSopenharmony_citype sysctl_dev_t, sysctl_type; 9076cd6a6acSopenharmony_citype unlabeled_t; 9086cd6a6acSopenharmony_citype auditd_exec_t; 9096cd6a6acSopenharmony_citype crond_exec_t; 9106cd6a6acSopenharmony_citype cupsd_exec_t; 9116cd6a6acSopenharmony_citype getty_t; 9126cd6a6acSopenharmony_citype init_t; 9136cd6a6acSopenharmony_citype init_exec_t; 9146cd6a6acSopenharmony_citype initrc_t; 9156cd6a6acSopenharmony_citype initrc_exec_t; 9166cd6a6acSopenharmony_citype login_exec_t; 9176cd6a6acSopenharmony_citype sshd_exec_t; 9186cd6a6acSopenharmony_citype su_exec_t; 9196cd6a6acSopenharmony_citype udev_exec_t; 9206cd6a6acSopenharmony_citype unconfined_t; 9216cd6a6acSopenharmony_citype xdm_exec_t; 9226cd6a6acSopenharmony_citype lvm_exec_t; 9236cd6a6acSopenharmony_citype security_t; 9246cd6a6acSopenharmony_citype bsdpty_device_t; 9256cd6a6acSopenharmony_citype console_device_t; 9266cd6a6acSopenharmony_citype devpts_t; 9276cd6a6acSopenharmony_citype devtty_t; 9286cd6a6acSopenharmony_citype ptmx_t; 9296cd6a6acSopenharmony_citype tty_device_t, serial_device; 9306cd6a6acSopenharmony_citype usbtty_device_t, serial_device; 9316cd6a6acSopenharmony_ci bool secure_mode false; 9326cd6a6acSopenharmony_ci bool secure_mode_insmod false; 9336cd6a6acSopenharmony_ci bool secure_mode_policyload false; 9346cd6a6acSopenharmony_ci bool allow_cvs_read_shadow false; 9356cd6a6acSopenharmony_ci bool allow_execheap false; 9366cd6a6acSopenharmony_ci bool allow_execmem true; 9376cd6a6acSopenharmony_ci bool allow_execmod false; 9386cd6a6acSopenharmony_ci bool allow_execstack true; 9396cd6a6acSopenharmony_ci bool allow_ftpd_anon_write false; 9406cd6a6acSopenharmony_ci bool allow_gssd_read_tmp true; 9416cd6a6acSopenharmony_ci bool allow_httpd_anon_write false; 9426cd6a6acSopenharmony_ci bool allow_java_execstack false; 9436cd6a6acSopenharmony_ci bool allow_kerberos true; 9446cd6a6acSopenharmony_ci bool allow_rsync_anon_write false; 9456cd6a6acSopenharmony_ci bool allow_saslauthd_read_shadow false; 9466cd6a6acSopenharmony_ci bool allow_smbd_anon_write false; 9476cd6a6acSopenharmony_ci bool allow_ptrace false; 9486cd6a6acSopenharmony_ci bool allow_ypbind false; 9496cd6a6acSopenharmony_ci bool fcron_crond false; 9506cd6a6acSopenharmony_ci bool ftp_home_dir false; 9516cd6a6acSopenharmony_ci bool ftpd_is_daemon true; 9526cd6a6acSopenharmony_ci bool httpd_builtin_scripting true; 9536cd6a6acSopenharmony_ci bool httpd_can_network_connect false; 9546cd6a6acSopenharmony_ci bool httpd_can_network_connect_db false; 9556cd6a6acSopenharmony_ci bool httpd_can_network_relay false; 9566cd6a6acSopenharmony_ci bool httpd_enable_cgi true; 9576cd6a6acSopenharmony_ci bool httpd_enable_ftp_server false; 9586cd6a6acSopenharmony_ci bool httpd_enable_homedirs true; 9596cd6a6acSopenharmony_ci bool httpd_ssi_exec true; 9606cd6a6acSopenharmony_ci bool httpd_tty_comm false; 9616cd6a6acSopenharmony_ci bool httpd_unified true; 9626cd6a6acSopenharmony_ci bool named_write_master_zones false; 9636cd6a6acSopenharmony_ci bool nfs_export_all_rw true; 9646cd6a6acSopenharmony_ci bool nfs_export_all_ro true; 9656cd6a6acSopenharmony_ci bool pppd_can_insmod false; 9666cd6a6acSopenharmony_ci bool read_default_t true; 9676cd6a6acSopenharmony_ci bool run_ssh_inetd false; 9686cd6a6acSopenharmony_ci bool samba_enable_home_dirs false; 9696cd6a6acSopenharmony_ci bool spamassasin_can_network false; 9706cd6a6acSopenharmony_ci bool squid_connect_any false; 9716cd6a6acSopenharmony_ci bool ssh_sysadm_login false; 9726cd6a6acSopenharmony_ci bool stunnel_is_daemon false; 9736cd6a6acSopenharmony_ci bool use_nfs_home_dirs false; 9746cd6a6acSopenharmony_ci bool use_samba_home_dirs false; 9756cd6a6acSopenharmony_ci bool user_ping true; 9766cd6a6acSopenharmony_ci bool spamd_enable_home_dirs true; 9776cd6a6acSopenharmony_ci allow bin_t fs_t:filesystem associate; 9786cd6a6acSopenharmony_ci allow bin_t noxattrfs:filesystem associate; 9796cd6a6acSopenharmony_ci typeattribute bin_t file_type; 9806cd6a6acSopenharmony_ci allow sbin_t fs_t:filesystem associate; 9816cd6a6acSopenharmony_ci allow sbin_t noxattrfs:filesystem associate; 9826cd6a6acSopenharmony_ci typeattribute sbin_t file_type; 9836cd6a6acSopenharmony_ci allow ls_exec_t fs_t:filesystem associate; 9846cd6a6acSopenharmony_ci allow ls_exec_t noxattrfs:filesystem associate; 9856cd6a6acSopenharmony_ci typeattribute ls_exec_t file_type; 9866cd6a6acSopenharmony_citypeattribute ls_exec_t entry_type; 9876cd6a6acSopenharmony_ci allow shell_exec_t fs_t:filesystem associate; 9886cd6a6acSopenharmony_ci allow shell_exec_t noxattrfs:filesystem associate; 9896cd6a6acSopenharmony_ci typeattribute shell_exec_t file_type; 9906cd6a6acSopenharmony_ci allow chroot_exec_t fs_t:filesystem associate; 9916cd6a6acSopenharmony_ci allow chroot_exec_t noxattrfs:filesystem associate; 9926cd6a6acSopenharmony_ci typeattribute chroot_exec_t file_type; 9936cd6a6acSopenharmony_ci typeattribute ppp_device_t device_node; 9946cd6a6acSopenharmony_ci allow ppp_device_t fs_t:filesystem associate; 9956cd6a6acSopenharmony_ci allow ppp_device_t tmpfs_t:filesystem associate; 9966cd6a6acSopenharmony_ci allow ppp_device_t tmp_t:filesystem associate; 9976cd6a6acSopenharmony_ci typeattribute tun_tap_device_t device_node; 9986cd6a6acSopenharmony_ci allow tun_tap_device_t fs_t:filesystem associate; 9996cd6a6acSopenharmony_ci allow tun_tap_device_t tmpfs_t:filesystem associate; 10006cd6a6acSopenharmony_ci allow tun_tap_device_t tmp_t:filesystem associate; 10016cd6a6acSopenharmony_citypeattribute auth_port_t reserved_port_type; 10026cd6a6acSopenharmony_citypeattribute bgp_port_t reserved_port_type; 10036cd6a6acSopenharmony_citypeattribute bgp_port_t reserved_port_type; 10046cd6a6acSopenharmony_citypeattribute comsat_port_t reserved_port_type; 10056cd6a6acSopenharmony_citypeattribute dhcpc_port_t reserved_port_type; 10066cd6a6acSopenharmony_citypeattribute dhcpd_port_t reserved_port_type; 10076cd6a6acSopenharmony_citypeattribute dhcpd_port_t reserved_port_type; 10086cd6a6acSopenharmony_citypeattribute dhcpd_port_t reserved_port_type; 10096cd6a6acSopenharmony_citypeattribute dhcpd_port_t reserved_port_type; 10106cd6a6acSopenharmony_citypeattribute dhcpd_port_t reserved_port_type; 10116cd6a6acSopenharmony_citypeattribute dns_port_t reserved_port_type; 10126cd6a6acSopenharmony_citypeattribute dns_port_t reserved_port_type; 10136cd6a6acSopenharmony_citypeattribute fingerd_port_t reserved_port_type; 10146cd6a6acSopenharmony_citypeattribute ftp_data_port_t reserved_port_type; 10156cd6a6acSopenharmony_citypeattribute ftp_port_t reserved_port_type; 10166cd6a6acSopenharmony_citypeattribute gopher_port_t reserved_port_type; 10176cd6a6acSopenharmony_citypeattribute gopher_port_t reserved_port_type; 10186cd6a6acSopenharmony_citypeattribute http_port_t reserved_port_type; 10196cd6a6acSopenharmony_citypeattribute http_port_t reserved_port_type; 10206cd6a6acSopenharmony_citypeattribute http_port_t reserved_port_type; 10216cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10226cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10236cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10246cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10256cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10266cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10276cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10286cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10296cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10306cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10316cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10326cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10336cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10346cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10356cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10366cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10376cd6a6acSopenharmony_citypeattribute inetd_child_port_t reserved_port_type; 10386cd6a6acSopenharmony_citypeattribute innd_port_t reserved_port_type; 10396cd6a6acSopenharmony_citypeattribute ipp_port_t reserved_port_type; 10406cd6a6acSopenharmony_citypeattribute ipp_port_t reserved_port_type; 10416cd6a6acSopenharmony_citypeattribute isakmp_port_t reserved_port_type; 10426cd6a6acSopenharmony_citypeattribute kerberos_admin_port_t reserved_port_type; 10436cd6a6acSopenharmony_citypeattribute kerberos_admin_port_t reserved_port_type; 10446cd6a6acSopenharmony_citypeattribute kerberos_admin_port_t reserved_port_type; 10456cd6a6acSopenharmony_citypeattribute kerberos_port_t reserved_port_type; 10466cd6a6acSopenharmony_citypeattribute kerberos_port_t reserved_port_type; 10476cd6a6acSopenharmony_citypeattribute kerberos_port_t reserved_port_type; 10486cd6a6acSopenharmony_citypeattribute kerberos_port_t reserved_port_type; 10496cd6a6acSopenharmony_citypeattribute ktalkd_port_t reserved_port_type; 10506cd6a6acSopenharmony_citypeattribute ktalkd_port_t reserved_port_type; 10516cd6a6acSopenharmony_citypeattribute ldap_port_t reserved_port_type; 10526cd6a6acSopenharmony_citypeattribute ldap_port_t reserved_port_type; 10536cd6a6acSopenharmony_citypeattribute ldap_port_t reserved_port_type; 10546cd6a6acSopenharmony_citypeattribute ldap_port_t reserved_port_type; 10556cd6a6acSopenharmony_citypeattribute nmbd_port_t reserved_port_type; 10566cd6a6acSopenharmony_citypeattribute nmbd_port_t reserved_port_type; 10576cd6a6acSopenharmony_citypeattribute nmbd_port_t reserved_port_type; 10586cd6a6acSopenharmony_citypeattribute ntp_port_t reserved_port_type; 10596cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10606cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10616cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10626cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10636cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10646cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10656cd6a6acSopenharmony_citypeattribute pop_port_t reserved_port_type; 10666cd6a6acSopenharmony_citypeattribute portmap_port_t reserved_port_type; 10676cd6a6acSopenharmony_citypeattribute portmap_port_t reserved_port_type; 10686cd6a6acSopenharmony_citypeattribute printer_port_t reserved_port_type; 10696cd6a6acSopenharmony_citypeattribute rlogind_port_t reserved_port_type; 10706cd6a6acSopenharmony_citypeattribute rndc_port_t reserved_port_type; 10716cd6a6acSopenharmony_citypeattribute router_port_t reserved_port_type; 10726cd6a6acSopenharmony_citypeattribute rsh_port_t reserved_port_type; 10736cd6a6acSopenharmony_citypeattribute rsync_port_t reserved_port_type; 10746cd6a6acSopenharmony_citypeattribute rsync_port_t reserved_port_type; 10756cd6a6acSopenharmony_citypeattribute smbd_port_t reserved_port_type; 10766cd6a6acSopenharmony_citypeattribute smbd_port_t reserved_port_type; 10776cd6a6acSopenharmony_citypeattribute smtp_port_t reserved_port_type; 10786cd6a6acSopenharmony_citypeattribute smtp_port_t reserved_port_type; 10796cd6a6acSopenharmony_citypeattribute smtp_port_t reserved_port_type; 10806cd6a6acSopenharmony_citypeattribute snmp_port_t reserved_port_type; 10816cd6a6acSopenharmony_citypeattribute snmp_port_t reserved_port_type; 10826cd6a6acSopenharmony_citypeattribute snmp_port_t reserved_port_type; 10836cd6a6acSopenharmony_citypeattribute spamd_port_t reserved_port_type; 10846cd6a6acSopenharmony_citypeattribute ssh_port_t reserved_port_type; 10856cd6a6acSopenharmony_citypeattribute swat_port_t reserved_port_type; 10866cd6a6acSopenharmony_citypeattribute syslogd_port_t reserved_port_type; 10876cd6a6acSopenharmony_citypeattribute telnetd_port_t reserved_port_type; 10886cd6a6acSopenharmony_citypeattribute tftp_port_t reserved_port_type; 10896cd6a6acSopenharmony_citypeattribute uucpd_port_t reserved_port_type; 10906cd6a6acSopenharmony_ci allow device_t tmpfs_t:filesystem associate; 10916cd6a6acSopenharmony_ci allow device_t fs_t:filesystem associate; 10926cd6a6acSopenharmony_ci allow device_t noxattrfs:filesystem associate; 10936cd6a6acSopenharmony_ci typeattribute device_t file_type; 10946cd6a6acSopenharmony_ci allow device_t fs_t:filesystem associate; 10956cd6a6acSopenharmony_ci allow device_t noxattrfs:filesystem associate; 10966cd6a6acSopenharmony_ci typeattribute device_t file_type; 10976cd6a6acSopenharmony_ci typeattribute device_t mountpoint; 10986cd6a6acSopenharmony_ci allow device_t tmp_t:filesystem associate; 10996cd6a6acSopenharmony_ci typeattribute agp_device_t device_node; 11006cd6a6acSopenharmony_ci allow agp_device_t fs_t:filesystem associate; 11016cd6a6acSopenharmony_ci allow agp_device_t tmpfs_t:filesystem associate; 11026cd6a6acSopenharmony_ci allow agp_device_t tmp_t:filesystem associate; 11036cd6a6acSopenharmony_ci typeattribute apm_bios_t device_node; 11046cd6a6acSopenharmony_ci allow apm_bios_t fs_t:filesystem associate; 11056cd6a6acSopenharmony_ci allow apm_bios_t tmpfs_t:filesystem associate; 11066cd6a6acSopenharmony_ci allow apm_bios_t tmp_t:filesystem associate; 11076cd6a6acSopenharmony_ci typeattribute cardmgr_dev_t device_node; 11086cd6a6acSopenharmony_ci allow cardmgr_dev_t fs_t:filesystem associate; 11096cd6a6acSopenharmony_ci allow cardmgr_dev_t tmpfs_t:filesystem associate; 11106cd6a6acSopenharmony_ci allow cardmgr_dev_t tmp_t:filesystem associate; 11116cd6a6acSopenharmony_ci allow cardmgr_dev_t fs_t:filesystem associate; 11126cd6a6acSopenharmony_ci allow cardmgr_dev_t noxattrfs:filesystem associate; 11136cd6a6acSopenharmony_ci typeattribute cardmgr_dev_t file_type; 11146cd6a6acSopenharmony_ci allow cardmgr_dev_t fs_t:filesystem associate; 11156cd6a6acSopenharmony_ci allow cardmgr_dev_t noxattrfs:filesystem associate; 11166cd6a6acSopenharmony_ci typeattribute cardmgr_dev_t file_type; 11176cd6a6acSopenharmony_ci typeattribute cardmgr_dev_t polymember; 11186cd6a6acSopenharmony_ci allow cardmgr_dev_t tmpfs_t:filesystem associate; 11196cd6a6acSopenharmony_ci typeattribute cardmgr_dev_t tmpfile; 11206cd6a6acSopenharmony_ci allow cardmgr_dev_t tmp_t:filesystem associate; 11216cd6a6acSopenharmony_ci typeattribute clock_device_t device_node; 11226cd6a6acSopenharmony_ci allow clock_device_t fs_t:filesystem associate; 11236cd6a6acSopenharmony_ci allow clock_device_t tmpfs_t:filesystem associate; 11246cd6a6acSopenharmony_ci allow clock_device_t tmp_t:filesystem associate; 11256cd6a6acSopenharmony_ci typeattribute cpu_device_t device_node; 11266cd6a6acSopenharmony_ci allow cpu_device_t fs_t:filesystem associate; 11276cd6a6acSopenharmony_ci allow cpu_device_t tmpfs_t:filesystem associate; 11286cd6a6acSopenharmony_ci allow cpu_device_t tmp_t:filesystem associate; 11296cd6a6acSopenharmony_ci typeattribute crypt_device_t device_node; 11306cd6a6acSopenharmony_ci allow crypt_device_t fs_t:filesystem associate; 11316cd6a6acSopenharmony_ci allow crypt_device_t tmpfs_t:filesystem associate; 11326cd6a6acSopenharmony_ci allow crypt_device_t tmp_t:filesystem associate; 11336cd6a6acSopenharmony_ci typeattribute dri_device_t device_node; 11346cd6a6acSopenharmony_ci allow dri_device_t fs_t:filesystem associate; 11356cd6a6acSopenharmony_ci allow dri_device_t tmpfs_t:filesystem associate; 11366cd6a6acSopenharmony_ci allow dri_device_t tmp_t:filesystem associate; 11376cd6a6acSopenharmony_ci typeattribute event_device_t device_node; 11386cd6a6acSopenharmony_ci allow event_device_t fs_t:filesystem associate; 11396cd6a6acSopenharmony_ci allow event_device_t tmpfs_t:filesystem associate; 11406cd6a6acSopenharmony_ci allow event_device_t tmp_t:filesystem associate; 11416cd6a6acSopenharmony_ci typeattribute framebuf_device_t device_node; 11426cd6a6acSopenharmony_ci allow framebuf_device_t fs_t:filesystem associate; 11436cd6a6acSopenharmony_ci allow framebuf_device_t tmpfs_t:filesystem associate; 11446cd6a6acSopenharmony_ci allow framebuf_device_t tmp_t:filesystem associate; 11456cd6a6acSopenharmony_ci typeattribute lvm_control_t device_node; 11466cd6a6acSopenharmony_ci allow lvm_control_t fs_t:filesystem associate; 11476cd6a6acSopenharmony_ci allow lvm_control_t tmpfs_t:filesystem associate; 11486cd6a6acSopenharmony_ci allow lvm_control_t tmp_t:filesystem associate; 11496cd6a6acSopenharmony_ci typeattribute memory_device_t device_node; 11506cd6a6acSopenharmony_ci allow memory_device_t fs_t:filesystem associate; 11516cd6a6acSopenharmony_ci allow memory_device_t tmpfs_t:filesystem associate; 11526cd6a6acSopenharmony_ci allow memory_device_t tmp_t:filesystem associate; 11536cd6a6acSopenharmony_cineverallow ~memory_raw_read memory_device_t:{ chr_file blk_file } read; 11546cd6a6acSopenharmony_cineverallow ~memory_raw_write memory_device_t:{ chr_file blk_file } { append write }; 11556cd6a6acSopenharmony_ci typeattribute misc_device_t device_node; 11566cd6a6acSopenharmony_ci allow misc_device_t fs_t:filesystem associate; 11576cd6a6acSopenharmony_ci allow misc_device_t tmpfs_t:filesystem associate; 11586cd6a6acSopenharmony_ci allow misc_device_t tmp_t:filesystem associate; 11596cd6a6acSopenharmony_ci typeattribute mouse_device_t device_node; 11606cd6a6acSopenharmony_ci allow mouse_device_t fs_t:filesystem associate; 11616cd6a6acSopenharmony_ci allow mouse_device_t tmpfs_t:filesystem associate; 11626cd6a6acSopenharmony_ci allow mouse_device_t tmp_t:filesystem associate; 11636cd6a6acSopenharmony_ci typeattribute mtrr_device_t device_node; 11646cd6a6acSopenharmony_ci allow mtrr_device_t fs_t:filesystem associate; 11656cd6a6acSopenharmony_ci allow mtrr_device_t tmpfs_t:filesystem associate; 11666cd6a6acSopenharmony_ci allow mtrr_device_t tmp_t:filesystem associate; 11676cd6a6acSopenharmony_ci typeattribute null_device_t device_node; 11686cd6a6acSopenharmony_ci allow null_device_t fs_t:filesystem associate; 11696cd6a6acSopenharmony_ci allow null_device_t tmpfs_t:filesystem associate; 11706cd6a6acSopenharmony_ci allow null_device_t tmp_t:filesystem associate; 11716cd6a6acSopenharmony_ci typeattribute null_device_t mlstrustedobject; 11726cd6a6acSopenharmony_ci typeattribute power_device_t device_node; 11736cd6a6acSopenharmony_ci allow power_device_t fs_t:filesystem associate; 11746cd6a6acSopenharmony_ci allow power_device_t tmpfs_t:filesystem associate; 11756cd6a6acSopenharmony_ci allow power_device_t tmp_t:filesystem associate; 11766cd6a6acSopenharmony_ci typeattribute printer_device_t device_node; 11776cd6a6acSopenharmony_ci allow printer_device_t fs_t:filesystem associate; 11786cd6a6acSopenharmony_ci allow printer_device_t tmpfs_t:filesystem associate; 11796cd6a6acSopenharmony_ci allow printer_device_t tmp_t:filesystem associate; 11806cd6a6acSopenharmony_ci typeattribute random_device_t device_node; 11816cd6a6acSopenharmony_ci allow random_device_t fs_t:filesystem associate; 11826cd6a6acSopenharmony_ci allow random_device_t tmpfs_t:filesystem associate; 11836cd6a6acSopenharmony_ci allow random_device_t tmp_t:filesystem associate; 11846cd6a6acSopenharmony_ci typeattribute scanner_device_t device_node; 11856cd6a6acSopenharmony_ci allow scanner_device_t fs_t:filesystem associate; 11866cd6a6acSopenharmony_ci allow scanner_device_t tmpfs_t:filesystem associate; 11876cd6a6acSopenharmony_ci allow scanner_device_t tmp_t:filesystem associate; 11886cd6a6acSopenharmony_ci typeattribute sound_device_t device_node; 11896cd6a6acSopenharmony_ci allow sound_device_t fs_t:filesystem associate; 11906cd6a6acSopenharmony_ci allow sound_device_t tmpfs_t:filesystem associate; 11916cd6a6acSopenharmony_ci allow sound_device_t tmp_t:filesystem associate; 11926cd6a6acSopenharmony_ci allow sysfs_t fs_t:filesystem associate; 11936cd6a6acSopenharmony_ci allow sysfs_t noxattrfs:filesystem associate; 11946cd6a6acSopenharmony_ci typeattribute sysfs_t file_type; 11956cd6a6acSopenharmony_ci typeattribute sysfs_t mountpoint; 11966cd6a6acSopenharmony_ci typeattribute sysfs_t filesystem_type; 11976cd6a6acSopenharmony_ci allow sysfs_t self:filesystem associate; 11986cd6a6acSopenharmony_ci typeattribute urandom_device_t device_node; 11996cd6a6acSopenharmony_ci allow urandom_device_t fs_t:filesystem associate; 12006cd6a6acSopenharmony_ci allow urandom_device_t tmpfs_t:filesystem associate; 12016cd6a6acSopenharmony_ci allow urandom_device_t tmp_t:filesystem associate; 12026cd6a6acSopenharmony_ci allow usbfs_t fs_t:filesystem associate; 12036cd6a6acSopenharmony_ci allow usbfs_t noxattrfs:filesystem associate; 12046cd6a6acSopenharmony_ci typeattribute usbfs_t file_type; 12056cd6a6acSopenharmony_ci typeattribute usbfs_t mountpoint; 12066cd6a6acSopenharmony_ci typeattribute usbfs_t filesystem_type; 12076cd6a6acSopenharmony_ci allow usbfs_t self:filesystem associate; 12086cd6a6acSopenharmony_ci typeattribute usbfs_t noxattrfs; 12096cd6a6acSopenharmony_ci typeattribute usb_device_t device_node; 12106cd6a6acSopenharmony_ci allow usb_device_t fs_t:filesystem associate; 12116cd6a6acSopenharmony_ci allow usb_device_t tmpfs_t:filesystem associate; 12126cd6a6acSopenharmony_ci allow usb_device_t tmp_t:filesystem associate; 12136cd6a6acSopenharmony_ci typeattribute v4l_device_t device_node; 12146cd6a6acSopenharmony_ci allow v4l_device_t fs_t:filesystem associate; 12156cd6a6acSopenharmony_ci allow v4l_device_t tmpfs_t:filesystem associate; 12166cd6a6acSopenharmony_ci allow v4l_device_t tmp_t:filesystem associate; 12176cd6a6acSopenharmony_ci typeattribute xserver_misc_device_t device_node; 12186cd6a6acSopenharmony_ci allow xserver_misc_device_t fs_t:filesystem associate; 12196cd6a6acSopenharmony_ci allow xserver_misc_device_t tmpfs_t:filesystem associate; 12206cd6a6acSopenharmony_ci allow xserver_misc_device_t tmp_t:filesystem associate; 12216cd6a6acSopenharmony_ci typeattribute zero_device_t device_node; 12226cd6a6acSopenharmony_ci allow zero_device_t fs_t:filesystem associate; 12236cd6a6acSopenharmony_ci allow zero_device_t tmpfs_t:filesystem associate; 12246cd6a6acSopenharmony_ci allow zero_device_t tmp_t:filesystem associate; 12256cd6a6acSopenharmony_ci typeattribute zero_device_t mlstrustedobject; 12266cd6a6acSopenharmony_ci allow xconsole_device_t fs_t:filesystem associate; 12276cd6a6acSopenharmony_ci allow xconsole_device_t noxattrfs:filesystem associate; 12286cd6a6acSopenharmony_ci typeattribute xconsole_device_t file_type; 12296cd6a6acSopenharmony_ci allow xconsole_device_t tmpfs_t:filesystem associate; 12306cd6a6acSopenharmony_ci allow xconsole_device_t tmp_t:filesystem associate; 12316cd6a6acSopenharmony_ci typeattribute devfs_control_t device_node; 12326cd6a6acSopenharmony_ci allow devfs_control_t fs_t:filesystem associate; 12336cd6a6acSopenharmony_ci allow devfs_control_t tmpfs_t:filesystem associate; 12346cd6a6acSopenharmony_ci allow devfs_control_t tmp_t:filesystem associate; 12356cd6a6acSopenharmony_cineverallow domain ~domain:process { transition dyntransition }; 12366cd6a6acSopenharmony_cineverallow { domain -set_curr_context } self:process setcurrent; 12376cd6a6acSopenharmony_cineverallow { domain unlabeled_t } ~{ domain unlabeled_t }:process *; 12386cd6a6acSopenharmony_cineverallow ~{ domain unlabeled_t } *:process *; 12396cd6a6acSopenharmony_ciallow file_type self:filesystem associate; 12406cd6a6acSopenharmony_ci allow boot_t fs_t:filesystem associate; 12416cd6a6acSopenharmony_ci allow boot_t noxattrfs:filesystem associate; 12426cd6a6acSopenharmony_ci typeattribute boot_t file_type; 12436cd6a6acSopenharmony_ci allow boot_t fs_t:filesystem associate; 12446cd6a6acSopenharmony_ci allow boot_t noxattrfs:filesystem associate; 12456cd6a6acSopenharmony_ci typeattribute boot_t file_type; 12466cd6a6acSopenharmony_ci typeattribute boot_t mountpoint; 12476cd6a6acSopenharmony_ci allow default_t fs_t:filesystem associate; 12486cd6a6acSopenharmony_ci allow default_t noxattrfs:filesystem associate; 12496cd6a6acSopenharmony_ci allow etc_t fs_t:filesystem associate; 12506cd6a6acSopenharmony_ci allow etc_t noxattrfs:filesystem associate; 12516cd6a6acSopenharmony_ci allow etc_runtime_t fs_t:filesystem associate; 12526cd6a6acSopenharmony_ci allow etc_runtime_t noxattrfs:filesystem associate; 12536cd6a6acSopenharmony_ci allow file_t fs_t:filesystem associate; 12546cd6a6acSopenharmony_ci allow file_t noxattrfs:filesystem associate; 12556cd6a6acSopenharmony_ci allow kernel_t file_t:dir mounton; 12566cd6a6acSopenharmony_ci allow home_root_t fs_t:filesystem associate; 12576cd6a6acSopenharmony_ci allow home_root_t noxattrfs:filesystem associate; 12586cd6a6acSopenharmony_ci allow home_root_t fs_t:filesystem associate; 12596cd6a6acSopenharmony_ci allow home_root_t noxattrfs:filesystem associate; 12606cd6a6acSopenharmony_ci typeattribute home_root_t file_type; 12616cd6a6acSopenharmony_ci typeattribute home_root_t polyparent; 12626cd6a6acSopenharmony_ci allow lost_found_t fs_t:filesystem associate; 12636cd6a6acSopenharmony_ci allow lost_found_t noxattrfs:filesystem associate; 12646cd6a6acSopenharmony_ci allow mnt_t fs_t:filesystem associate; 12656cd6a6acSopenharmony_ci allow mnt_t noxattrfs:filesystem associate; 12666cd6a6acSopenharmony_ci allow modules_object_t fs_t:filesystem associate; 12676cd6a6acSopenharmony_ci allow modules_object_t noxattrfs:filesystem associate; 12686cd6a6acSopenharmony_ci typeattribute modules_object_t file_type; 12696cd6a6acSopenharmony_ci allow no_access_t fs_t:filesystem associate; 12706cd6a6acSopenharmony_ci allow no_access_t noxattrfs:filesystem associate; 12716cd6a6acSopenharmony_ci allow poly_t fs_t:filesystem associate; 12726cd6a6acSopenharmony_ci allow poly_t noxattrfs:filesystem associate; 12736cd6a6acSopenharmony_ci allow readable_t fs_t:filesystem associate; 12746cd6a6acSopenharmony_ci allow readable_t noxattrfs:filesystem associate; 12756cd6a6acSopenharmony_ci allow root_t fs_t:filesystem associate; 12766cd6a6acSopenharmony_ci allow root_t noxattrfs:filesystem associate; 12776cd6a6acSopenharmony_ci allow root_t fs_t:filesystem associate; 12786cd6a6acSopenharmony_ci allow root_t noxattrfs:filesystem associate; 12796cd6a6acSopenharmony_ci typeattribute root_t file_type; 12806cd6a6acSopenharmony_ci typeattribute root_t polyparent; 12816cd6a6acSopenharmony_ci allow kernel_t root_t:dir mounton; 12826cd6a6acSopenharmony_ci allow src_t fs_t:filesystem associate; 12836cd6a6acSopenharmony_ci allow src_t noxattrfs:filesystem associate; 12846cd6a6acSopenharmony_ci allow system_map_t fs_t:filesystem associate; 12856cd6a6acSopenharmony_ci allow system_map_t noxattrfs:filesystem associate; 12866cd6a6acSopenharmony_ci typeattribute system_map_t file_type; 12876cd6a6acSopenharmony_ci allow tmp_t fs_t:filesystem associate; 12886cd6a6acSopenharmony_ci allow tmp_t noxattrfs:filesystem associate; 12896cd6a6acSopenharmony_ci typeattribute tmp_t file_type; 12906cd6a6acSopenharmony_ci allow tmp_t fs_t:filesystem associate; 12916cd6a6acSopenharmony_ci allow tmp_t noxattrfs:filesystem associate; 12926cd6a6acSopenharmony_ci typeattribute tmp_t file_type; 12936cd6a6acSopenharmony_ci typeattribute tmp_t polymember; 12946cd6a6acSopenharmony_ci allow tmp_t tmpfs_t:filesystem associate; 12956cd6a6acSopenharmony_ci typeattribute tmp_t tmpfile; 12966cd6a6acSopenharmony_ci allow tmp_t tmp_t:filesystem associate; 12976cd6a6acSopenharmony_ci allow tmp_t fs_t:filesystem associate; 12986cd6a6acSopenharmony_ci allow tmp_t noxattrfs:filesystem associate; 12996cd6a6acSopenharmony_ci typeattribute tmp_t file_type; 13006cd6a6acSopenharmony_ci typeattribute tmp_t polyparent; 13016cd6a6acSopenharmony_ci allow usr_t fs_t:filesystem associate; 13026cd6a6acSopenharmony_ci allow usr_t noxattrfs:filesystem associate; 13036cd6a6acSopenharmony_ci allow var_t fs_t:filesystem associate; 13046cd6a6acSopenharmony_ci allow var_t noxattrfs:filesystem associate; 13056cd6a6acSopenharmony_ci allow var_lib_t fs_t:filesystem associate; 13066cd6a6acSopenharmony_ci allow var_lib_t noxattrfs:filesystem associate; 13076cd6a6acSopenharmony_ci allow var_lock_t fs_t:filesystem associate; 13086cd6a6acSopenharmony_ci allow var_lock_t noxattrfs:filesystem associate; 13096cd6a6acSopenharmony_ci allow var_run_t fs_t:filesystem associate; 13106cd6a6acSopenharmony_ci allow var_run_t noxattrfs:filesystem associate; 13116cd6a6acSopenharmony_ci allow var_spool_t fs_t:filesystem associate; 13126cd6a6acSopenharmony_ci allow var_spool_t noxattrfs:filesystem associate; 13136cd6a6acSopenharmony_ci typeattribute var_spool_t file_type; 13146cd6a6acSopenharmony_ci allow var_spool_t fs_t:filesystem associate; 13156cd6a6acSopenharmony_ci allow var_spool_t noxattrfs:filesystem associate; 13166cd6a6acSopenharmony_ci typeattribute var_spool_t file_type; 13176cd6a6acSopenharmony_ci typeattribute var_spool_t polymember; 13186cd6a6acSopenharmony_ci allow var_spool_t tmpfs_t:filesystem associate; 13196cd6a6acSopenharmony_ci typeattribute var_spool_t tmpfile; 13206cd6a6acSopenharmony_ci allow var_spool_t tmp_t:filesystem associate; 13216cd6a6acSopenharmony_ci typeattribute fs_t filesystem_type; 13226cd6a6acSopenharmony_ci allow fs_t self:filesystem associate; 13236cd6a6acSopenharmony_ci typeattribute bdev_t filesystem_type; 13246cd6a6acSopenharmony_ci allow bdev_t self:filesystem associate; 13256cd6a6acSopenharmony_ci typeattribute binfmt_misc_fs_t filesystem_type; 13266cd6a6acSopenharmony_ci allow binfmt_misc_fs_t self:filesystem associate; 13276cd6a6acSopenharmony_ci allow binfmt_misc_fs_t fs_t:filesystem associate; 13286cd6a6acSopenharmony_ci allow binfmt_misc_fs_t noxattrfs:filesystem associate; 13296cd6a6acSopenharmony_ci typeattribute binfmt_misc_fs_t file_type; 13306cd6a6acSopenharmony_ci typeattribute binfmt_misc_fs_t mountpoint; 13316cd6a6acSopenharmony_ci typeattribute capifs_t filesystem_type; 13326cd6a6acSopenharmony_ci allow capifs_t self:filesystem associate; 13336cd6a6acSopenharmony_ci typeattribute configfs_t filesystem_type; 13346cd6a6acSopenharmony_ci allow configfs_t self:filesystem associate; 13356cd6a6acSopenharmony_ci typeattribute eventpollfs_t filesystem_type; 13366cd6a6acSopenharmony_ci allow eventpollfs_t self:filesystem associate; 13376cd6a6acSopenharmony_ci typeattribute futexfs_t filesystem_type; 13386cd6a6acSopenharmony_ci allow futexfs_t self:filesystem associate; 13396cd6a6acSopenharmony_ci typeattribute hugetlbfs_t filesystem_type; 13406cd6a6acSopenharmony_ci allow hugetlbfs_t self:filesystem associate; 13416cd6a6acSopenharmony_ci allow hugetlbfs_t fs_t:filesystem associate; 13426cd6a6acSopenharmony_ci allow hugetlbfs_t noxattrfs:filesystem associate; 13436cd6a6acSopenharmony_ci typeattribute hugetlbfs_t file_type; 13446cd6a6acSopenharmony_ci typeattribute hugetlbfs_t mountpoint; 13456cd6a6acSopenharmony_ci typeattribute inotifyfs_t filesystem_type; 13466cd6a6acSopenharmony_ci allow inotifyfs_t self:filesystem associate; 13476cd6a6acSopenharmony_ci typeattribute nfsd_fs_t filesystem_type; 13486cd6a6acSopenharmony_ci allow nfsd_fs_t self:filesystem associate; 13496cd6a6acSopenharmony_ci typeattribute ramfs_t filesystem_type; 13506cd6a6acSopenharmony_ci allow ramfs_t self:filesystem associate; 13516cd6a6acSopenharmony_ci typeattribute romfs_t filesystem_type; 13526cd6a6acSopenharmony_ci allow romfs_t self:filesystem associate; 13536cd6a6acSopenharmony_ci typeattribute rpc_pipefs_t filesystem_type; 13546cd6a6acSopenharmony_ci allow rpc_pipefs_t self:filesystem associate; 13556cd6a6acSopenharmony_ci typeattribute tmpfs_t filesystem_type; 13566cd6a6acSopenharmony_ci allow tmpfs_t self:filesystem associate; 13576cd6a6acSopenharmony_ci allow tmpfs_t fs_t:filesystem associate; 13586cd6a6acSopenharmony_ci allow tmpfs_t noxattrfs:filesystem associate; 13596cd6a6acSopenharmony_ci typeattribute tmpfs_t file_type; 13606cd6a6acSopenharmony_ci allow tmpfs_t fs_t:filesystem associate; 13616cd6a6acSopenharmony_ci allow tmpfs_t noxattrfs:filesystem associate; 13626cd6a6acSopenharmony_ci typeattribute tmpfs_t file_type; 13636cd6a6acSopenharmony_ci typeattribute tmpfs_t mountpoint; 13646cd6a6acSopenharmony_ciallow tmpfs_t noxattrfs:filesystem associate; 13656cd6a6acSopenharmony_ci typeattribute autofs_t filesystem_type; 13666cd6a6acSopenharmony_ci allow autofs_t self:filesystem associate; 13676cd6a6acSopenharmony_ci allow autofs_t fs_t:filesystem associate; 13686cd6a6acSopenharmony_ci allow autofs_t noxattrfs:filesystem associate; 13696cd6a6acSopenharmony_ci typeattribute autofs_t file_type; 13706cd6a6acSopenharmony_ci typeattribute autofs_t mountpoint; 13716cd6a6acSopenharmony_ci typeattribute cifs_t filesystem_type; 13726cd6a6acSopenharmony_ci allow cifs_t self:filesystem associate; 13736cd6a6acSopenharmony_ci typeattribute dosfs_t filesystem_type; 13746cd6a6acSopenharmony_ci allow dosfs_t self:filesystem associate; 13756cd6a6acSopenharmony_ciallow dosfs_t fs_t:filesystem associate; 13766cd6a6acSopenharmony_ci typeattribute iso9660_t filesystem_type; 13776cd6a6acSopenharmony_ci allow iso9660_t self:filesystem associate; 13786cd6a6acSopenharmony_ciallow removable_t noxattrfs:filesystem associate; 13796cd6a6acSopenharmony_ci typeattribute removable_t filesystem_type; 13806cd6a6acSopenharmony_ci allow removable_t self:filesystem associate; 13816cd6a6acSopenharmony_ci allow removable_t fs_t:filesystem associate; 13826cd6a6acSopenharmony_ci allow removable_t noxattrfs:filesystem associate; 13836cd6a6acSopenharmony_ci typeattribute removable_t file_type; 13846cd6a6acSopenharmony_ci typeattribute removable_t usercanread; 13856cd6a6acSopenharmony_ci typeattribute nfs_t filesystem_type; 13866cd6a6acSopenharmony_ci allow nfs_t self:filesystem associate; 13876cd6a6acSopenharmony_ci allow nfs_t fs_t:filesystem associate; 13886cd6a6acSopenharmony_ci allow nfs_t noxattrfs:filesystem associate; 13896cd6a6acSopenharmony_ci typeattribute nfs_t file_type; 13906cd6a6acSopenharmony_ci typeattribute nfs_t mountpoint; 13916cd6a6acSopenharmony_cineverallow ~can_load_kernmodule self:capability sys_module; 13926cd6a6acSopenharmony_cirole system_r; 13936cd6a6acSopenharmony_cirole sysadm_r; 13946cd6a6acSopenharmony_cirole staff_r; 13956cd6a6acSopenharmony_cirole user_r; 13966cd6a6acSopenharmony_cirole secadm_r; 13976cd6a6acSopenharmony_ci typeattribute kernel_t domain; 13986cd6a6acSopenharmony_ci allow kernel_t self:dir { read getattr lock search ioctl }; 13996cd6a6acSopenharmony_ci allow kernel_t self:lnk_file { read getattr lock ioctl }; 14006cd6a6acSopenharmony_ci allow kernel_t self:file { getattr read write append ioctl lock }; 14016cd6a6acSopenharmony_ci allow kernel_t self:process { fork sigchld }; 14026cd6a6acSopenharmony_ci role secadm_r types kernel_t; 14036cd6a6acSopenharmony_ci role sysadm_r types kernel_t; 14046cd6a6acSopenharmony_ci role user_r types kernel_t; 14056cd6a6acSopenharmony_ci role staff_r types kernel_t; 14066cd6a6acSopenharmony_ci typeattribute kernel_t privrangetrans; 14076cd6a6acSopenharmony_cirole system_r types kernel_t; 14086cd6a6acSopenharmony_ci typeattribute debugfs_t filesystem_type; 14096cd6a6acSopenharmony_ci allow debugfs_t self:filesystem associate; 14106cd6a6acSopenharmony_ciallow debugfs_t self:filesystem associate; 14116cd6a6acSopenharmony_ci allow proc_t fs_t:filesystem associate; 14126cd6a6acSopenharmony_ci allow proc_t noxattrfs:filesystem associate; 14136cd6a6acSopenharmony_ci typeattribute proc_t file_type; 14146cd6a6acSopenharmony_ci typeattribute proc_t mountpoint; 14156cd6a6acSopenharmony_ci typeattribute proc_t filesystem_type; 14166cd6a6acSopenharmony_ci allow proc_t self:filesystem associate; 14176cd6a6acSopenharmony_cineverallow ~can_receive_kernel_messages proc_kmsg_t:file ~getattr; 14186cd6a6acSopenharmony_cineverallow { domain -kern_unconfined } proc_kcore_t:file ~getattr; 14196cd6a6acSopenharmony_ci allow sysctl_t fs_t:filesystem associate; 14206cd6a6acSopenharmony_ci allow sysctl_t noxattrfs:filesystem associate; 14216cd6a6acSopenharmony_ci typeattribute sysctl_t file_type; 14226cd6a6acSopenharmony_ci typeattribute sysctl_t mountpoint; 14236cd6a6acSopenharmony_ci allow sysctl_fs_t fs_t:filesystem associate; 14246cd6a6acSopenharmony_ci allow sysctl_fs_t noxattrfs:filesystem associate; 14256cd6a6acSopenharmony_ci typeattribute sysctl_fs_t file_type; 14266cd6a6acSopenharmony_ci typeattribute sysctl_fs_t mountpoint; 14276cd6a6acSopenharmony_ciallow kernel_t self:capability *; 14286cd6a6acSopenharmony_ciallow kernel_t unlabeled_t:dir mounton; 14296cd6a6acSopenharmony_ciallow kernel_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; 14306cd6a6acSopenharmony_ciallow kernel_t self:shm { associate getattr setattr create destroy read write lock unix_read unix_write }; 14316cd6a6acSopenharmony_ciallow kernel_t self:sem { associate getattr setattr create destroy read write unix_read unix_write }; 14326cd6a6acSopenharmony_ciallow kernel_t self:msg { send receive }; 14336cd6a6acSopenharmony_ciallow kernel_t self:msgq { associate getattr setattr create destroy read write enqueue unix_read unix_write }; 14346cd6a6acSopenharmony_ciallow kernel_t self:unix_dgram_socket { create { ioctl read getattr write setattr append bind connect getopt setopt shutdown } }; 14356cd6a6acSopenharmony_ciallow kernel_t self:unix_stream_socket { { create { ioctl read getattr write setattr append bind connect getopt setopt shutdown } } listen accept }; 14366cd6a6acSopenharmony_ciallow kernel_t self:unix_dgram_socket sendto; 14376cd6a6acSopenharmony_ciallow kernel_t self:unix_stream_socket connectto; 14386cd6a6acSopenharmony_ciallow kernel_t self:fifo_file { getattr read write append ioctl lock }; 14396cd6a6acSopenharmony_ciallow kernel_t self:sock_file { read getattr lock ioctl }; 14406cd6a6acSopenharmony_ciallow kernel_t self:fd use; 14416cd6a6acSopenharmony_ciallow kernel_t proc_t:dir { read getattr lock search ioctl }; 14426cd6a6acSopenharmony_ciallow kernel_t proc_t:{ lnk_file file } { read getattr lock ioctl }; 14436cd6a6acSopenharmony_ciallow kernel_t proc_net_t:dir { read getattr lock search ioctl }; 14446cd6a6acSopenharmony_ciallow kernel_t proc_net_t:file { read getattr lock ioctl }; 14456cd6a6acSopenharmony_ciallow kernel_t proc_mdstat_t:file { read getattr lock ioctl }; 14466cd6a6acSopenharmony_ciallow kernel_t proc_kcore_t:file getattr; 14476cd6a6acSopenharmony_ciallow kernel_t proc_kmsg_t:file getattr; 14486cd6a6acSopenharmony_ciallow kernel_t sysctl_t:dir { read getattr lock search ioctl }; 14496cd6a6acSopenharmony_ciallow kernel_t sysctl_kernel_t:dir { read getattr lock search ioctl }; 14506cd6a6acSopenharmony_ciallow kernel_t sysctl_kernel_t:file { read getattr lock ioctl }; 14516cd6a6acSopenharmony_ciallow kernel_t unlabeled_t:fifo_file { getattr read write append ioctl lock }; 14526cd6a6acSopenharmony_ci allow kernel_t unlabeled_t:association { sendto recvfrom }; 14536cd6a6acSopenharmony_ci allow kernel_t netif_type:netif rawip_send; 14546cd6a6acSopenharmony_ci allow kernel_t netif_type:netif rawip_recv; 14556cd6a6acSopenharmony_ci allow kernel_t node_type:node rawip_send; 14566cd6a6acSopenharmony_ci allow kernel_t node_type:node rawip_recv; 14576cd6a6acSopenharmony_ci allow kernel_t netif_t:netif rawip_send; 14586cd6a6acSopenharmony_ci allow kernel_t netif_type:netif { tcp_send tcp_recv }; 14596cd6a6acSopenharmony_ci allow kernel_t node_type:node { tcp_send tcp_recv }; 14606cd6a6acSopenharmony_ci allow kernel_t node_t:node rawip_send; 14616cd6a6acSopenharmony_ci allow kernel_t multicast_node_t:node rawip_send; 14626cd6a6acSopenharmony_ci allow kernel_t sysfs_t:dir { read getattr lock search ioctl }; 14636cd6a6acSopenharmony_ci allow kernel_t sysfs_t:{ file lnk_file } { read getattr lock ioctl }; 14646cd6a6acSopenharmony_ci allow kernel_t usbfs_t:dir search; 14656cd6a6acSopenharmony_ci allow kernel_t filesystem_type:filesystem mount; 14666cd6a6acSopenharmony_ci allow kernel_t security_t:dir { read search getattr }; 14676cd6a6acSopenharmony_ci allow kernel_t security_t:file { getattr read write }; 14686cd6a6acSopenharmony_ci typeattribute kernel_t can_load_policy; 14696cd6a6acSopenharmony_ci if(!secure_mode_policyload) { 14706cd6a6acSopenharmony_ci allow kernel_t security_t:security load_policy; 14716cd6a6acSopenharmony_ci auditallow kernel_t security_t:security load_policy; 14726cd6a6acSopenharmony_ci } 14736cd6a6acSopenharmony_ci allow kernel_t device_t:dir { read getattr lock search ioctl }; 14746cd6a6acSopenharmony_ci allow kernel_t device_t:lnk_file { getattr read }; 14756cd6a6acSopenharmony_ci allow kernel_t console_device_t:chr_file { getattr read write append ioctl lock }; 14766cd6a6acSopenharmony_ci allow kernel_t bin_t:dir { read getattr lock search ioctl }; 14776cd6a6acSopenharmony_ci allow kernel_t bin_t:lnk_file { read getattr lock ioctl }; 14786cd6a6acSopenharmony_ci allow kernel_t shell_exec_t:file { { read getattr lock execute ioctl } execute_no_trans }; 14796cd6a6acSopenharmony_ci allow kernel_t sbin_t:dir { read getattr lock search ioctl }; 14806cd6a6acSopenharmony_ci allow kernel_t bin_t:dir { read getattr lock search ioctl }; 14816cd6a6acSopenharmony_ci allow kernel_t bin_t:lnk_file { read getattr lock ioctl }; 14826cd6a6acSopenharmony_ci allow kernel_t bin_t:file { { read getattr lock execute ioctl } execute_no_trans }; 14836cd6a6acSopenharmony_ci allow kernel_t domain:process signal; 14846cd6a6acSopenharmony_ci allow kernel_t proc_t:dir search; 14856cd6a6acSopenharmony_ci allow kernel_t domain:dir search; 14866cd6a6acSopenharmony_ci allow kernel_t root_t:dir { read getattr lock search ioctl }; 14876cd6a6acSopenharmony_ci allow kernel_t root_t:lnk_file { read getattr lock ioctl }; 14886cd6a6acSopenharmony_ci allow kernel_t etc_t:dir { read getattr lock search ioctl }; 14896cd6a6acSopenharmony_ci allow kernel_t home_root_t:dir { read getattr lock search ioctl }; 14906cd6a6acSopenharmony_ci allow kernel_t usr_t:dir { read getattr lock search ioctl }; 14916cd6a6acSopenharmony_ci allow kernel_t usr_t:{ file lnk_file } { read getattr lock ioctl }; 14926cd6a6acSopenharmony_ci typeattribute kernel_t mlsprocread; 14936cd6a6acSopenharmony_ci typeattribute kernel_t mlsprocwrite; 14946cd6a6acSopenharmony_ci allow kernel_t self:capability *; 14956cd6a6acSopenharmony_ci allow kernel_t self:fifo_file { create ioctl read getattr lock write setattr append link unlink rename }; 14966cd6a6acSopenharmony_ci allow kernel_t self:process transition; 14976cd6a6acSopenharmony_ci allow kernel_t self:file { getattr read write append ioctl lock }; 14986cd6a6acSopenharmony_ci allow kernel_t self:nscd *; 14996cd6a6acSopenharmony_ci allow kernel_t self:dbus *; 15006cd6a6acSopenharmony_ci allow kernel_t self:passwd *; 15016cd6a6acSopenharmony_ci allow kernel_t proc_type:{ dir file } *; 15026cd6a6acSopenharmony_ci allow kernel_t sysctl_t:{ dir file } *; 15036cd6a6acSopenharmony_ci allow kernel_t kernel_t:system *; 15046cd6a6acSopenharmony_ci allow kernel_t unlabeled_t:{ dir file lnk_file sock_file fifo_file chr_file blk_file } *; 15056cd6a6acSopenharmony_ci allow kernel_t unlabeled_t:filesystem *; 15066cd6a6acSopenharmony_ci allow kernel_t unlabeled_t:association *; 15076cd6a6acSopenharmony_ci typeattribute kernel_t can_load_kernmodule, can_receive_kernel_messages; 15086cd6a6acSopenharmony_ci typeattribute kernel_t kern_unconfined; 15096cd6a6acSopenharmony_ci allow kernel_t { proc_t proc_net_t }:dir search; 15106cd6a6acSopenharmony_ci allow kernel_t sysctl_type:dir { read getattr lock search ioctl }; 15116cd6a6acSopenharmony_ci allow kernel_t sysctl_type:file { { getattr read write append ioctl lock } setattr }; 15126cd6a6acSopenharmony_ci allow kernel_t node_type:node *; 15136cd6a6acSopenharmony_ci allow kernel_t netif_type:netif *; 15146cd6a6acSopenharmony_ci allow kernel_t port_type:tcp_socket { send_msg recv_msg name_connect }; 15156cd6a6acSopenharmony_ci allow kernel_t port_type:udp_socket { send_msg recv_msg }; 15166cd6a6acSopenharmony_ci allow kernel_t port_type:{ tcp_socket udp_socket rawip_socket } name_bind; 15176cd6a6acSopenharmony_ci allow kernel_t node_type:{ tcp_socket udp_socket rawip_socket } node_bind; 15186cd6a6acSopenharmony_ci allow kernel_t unlabeled_t:association { sendto recvfrom }; 15196cd6a6acSopenharmony_ci allow kernel_t device_node:{ chr_file blk_file } *; 15206cd6a6acSopenharmony_ci allow kernel_t mtrr_device_t:{ dir file } *; 15216cd6a6acSopenharmony_ci allow kernel_t self:capability sys_rawio; 15226cd6a6acSopenharmony_ci typeattribute kernel_t memory_raw_write, memory_raw_read; 15236cd6a6acSopenharmony_ci typeattribute kernel_t unconfined_domain_type; 15246cd6a6acSopenharmony_ci typeattribute kernel_t can_change_process_identity; 15256cd6a6acSopenharmony_ci typeattribute kernel_t can_change_process_role; 15266cd6a6acSopenharmony_ci typeattribute kernel_t can_change_object_identity; 15276cd6a6acSopenharmony_ci typeattribute kernel_t set_curr_context; 15286cd6a6acSopenharmony_ci allow kernel_t domain:{ { tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket netlink_kobject_uevent_socket } socket key_socket } *; 15296cd6a6acSopenharmony_ci allow kernel_t domain:fd use; 15306cd6a6acSopenharmony_ci allow kernel_t domain:fifo_file { getattr read write append ioctl lock }; 15316cd6a6acSopenharmony_ci allow kernel_t domain:process ~{ transition dyntransition execmem execstack execheap }; 15326cd6a6acSopenharmony_ci allow kernel_t domain:{ sem msgq shm } *; 15336cd6a6acSopenharmony_ci allow kernel_t domain:msg { send receive }; 15346cd6a6acSopenharmony_ci allow kernel_t domain:dir { read getattr lock search ioctl }; 15356cd6a6acSopenharmony_ci allow kernel_t domain:file { read getattr lock ioctl }; 15366cd6a6acSopenharmony_ci allow kernel_t domain:lnk_file { read getattr lock ioctl }; 15376cd6a6acSopenharmony_ci dontaudit kernel_t domain:dir { read getattr lock search ioctl }; 15386cd6a6acSopenharmony_ci dontaudit kernel_t domain:lnk_file { read getattr lock ioctl }; 15396cd6a6acSopenharmony_ci dontaudit kernel_t domain:file { read getattr lock ioctl }; 15406cd6a6acSopenharmony_ci dontaudit kernel_t domain:sock_file { read getattr lock ioctl }; 15416cd6a6acSopenharmony_ci dontaudit kernel_t domain:fifo_file { read getattr lock ioctl }; 15426cd6a6acSopenharmony_ci allow kernel_t file_type:{ file chr_file } ~execmod; 15436cd6a6acSopenharmony_ci allow kernel_t file_type:{ dir lnk_file sock_file fifo_file blk_file } *; 15446cd6a6acSopenharmony_ci allow kernel_t file_type:filesystem *; 15456cd6a6acSopenharmony_ci allow kernel_t file_type:{ unix_stream_socket unix_dgram_socket } name_bind; 15466cd6a6acSopenharmony_ci if (allow_execmod) { 15476cd6a6acSopenharmony_ci allow kernel_t file_type:file execmod; 15486cd6a6acSopenharmony_ci } 15496cd6a6acSopenharmony_ci allow kernel_t filesystem_type:filesystem *; 15506cd6a6acSopenharmony_ci allow kernel_t filesystem_type:{ dir file lnk_file sock_file fifo_file chr_file blk_file } *; 15516cd6a6acSopenharmony_ci allow kernel_t security_t:dir { getattr search read }; 15526cd6a6acSopenharmony_ci allow kernel_t security_t:file { getattr read write }; 15536cd6a6acSopenharmony_ci typeattribute kernel_t can_load_policy, can_setenforce, can_setsecparam; 15546cd6a6acSopenharmony_ci if(!secure_mode_policyload) { 15556cd6a6acSopenharmony_ci allow kernel_t security_t:security *; 15566cd6a6acSopenharmony_ci auditallow kernel_t security_t:security { load_policy setenforce setbool }; 15576cd6a6acSopenharmony_ci } 15586cd6a6acSopenharmony_ci if (allow_execheap) { 15596cd6a6acSopenharmony_ci allow kernel_t self:process execheap; 15606cd6a6acSopenharmony_ci } 15616cd6a6acSopenharmony_ci if (allow_execmem) { 15626cd6a6acSopenharmony_ci allow kernel_t self:process execmem; 15636cd6a6acSopenharmony_ci } 15646cd6a6acSopenharmony_ci if (allow_execmem && allow_execstack) { 15656cd6a6acSopenharmony_ci allow kernel_t self:process execstack; 15666cd6a6acSopenharmony_ci auditallow kernel_t self:process execstack; 15676cd6a6acSopenharmony_ci } else { 15686cd6a6acSopenharmony_ci } 15696cd6a6acSopenharmony_ci if (allow_execheap) { 15706cd6a6acSopenharmony_ci auditallow kernel_t self:process execheap; 15716cd6a6acSopenharmony_ci } 15726cd6a6acSopenharmony_ci if (allow_execmem) { 15736cd6a6acSopenharmony_ci auditallow kernel_t self:process execmem; 15746cd6a6acSopenharmony_ci } 15756cd6a6acSopenharmony_ci if (read_default_t) { 15766cd6a6acSopenharmony_ci allow kernel_t default_t:dir { read getattr lock search ioctl }; 15776cd6a6acSopenharmony_ci allow kernel_t default_t:file { read getattr lock ioctl }; 15786cd6a6acSopenharmony_ci allow kernel_t default_t:lnk_file { read getattr lock ioctl }; 15796cd6a6acSopenharmony_ci allow kernel_t default_t:sock_file { read getattr lock ioctl }; 15806cd6a6acSopenharmony_ci allow kernel_t default_t:fifo_file { read getattr lock ioctl }; 15816cd6a6acSopenharmony_ci } 15826cd6a6acSopenharmony_ci allow unlabeled_t self:filesystem associate; 15836cd6a6acSopenharmony_cirange_transition getty_t login_exec_t s0 - s0:c0.c255; 15846cd6a6acSopenharmony_cirange_transition init_t xdm_exec_t s0 - s0:c0.c255; 15856cd6a6acSopenharmony_cirange_transition initrc_t crond_exec_t s0 - s0:c0.c255; 15866cd6a6acSopenharmony_cirange_transition initrc_t cupsd_exec_t s0 - s0:c0.c255; 15876cd6a6acSopenharmony_cirange_transition initrc_t sshd_exec_t s0 - s0:c0.c255; 15886cd6a6acSopenharmony_cirange_transition initrc_t udev_exec_t s0 - s0:c0.c255; 15896cd6a6acSopenharmony_cirange_transition initrc_t xdm_exec_t s0 - s0:c0.c255; 15906cd6a6acSopenharmony_cirange_transition kernel_t udev_exec_t s0 - s0:c0.c255; 15916cd6a6acSopenharmony_cirange_transition unconfined_t su_exec_t s0 - s0:c0.c255; 15926cd6a6acSopenharmony_cirange_transition unconfined_t initrc_exec_t s0; 15936cd6a6acSopenharmony_ci typeattribute security_t filesystem_type; 15946cd6a6acSopenharmony_ci allow security_t self:filesystem associate; 15956cd6a6acSopenharmony_ci typeattribute security_t mlstrustedobject; 15966cd6a6acSopenharmony_cineverallow ~can_load_policy security_t:security load_policy; 15976cd6a6acSopenharmony_cineverallow ~can_setenforce security_t:security setenforce; 15986cd6a6acSopenharmony_cineverallow ~can_setsecparam security_t:security setsecparam; 15996cd6a6acSopenharmony_ci typeattribute bsdpty_device_t device_node; 16006cd6a6acSopenharmony_ci allow bsdpty_device_t fs_t:filesystem associate; 16016cd6a6acSopenharmony_ci allow bsdpty_device_t tmpfs_t:filesystem associate; 16026cd6a6acSopenharmony_ci allow bsdpty_device_t tmp_t:filesystem associate; 16036cd6a6acSopenharmony_ci typeattribute console_device_t device_node; 16046cd6a6acSopenharmony_ci allow console_device_t fs_t:filesystem associate; 16056cd6a6acSopenharmony_ci allow console_device_t tmpfs_t:filesystem associate; 16066cd6a6acSopenharmony_ci allow console_device_t tmp_t:filesystem associate; 16076cd6a6acSopenharmony_ci allow devpts_t fs_t:filesystem associate; 16086cd6a6acSopenharmony_ci allow devpts_t noxattrfs:filesystem associate; 16096cd6a6acSopenharmony_ci typeattribute devpts_t file_type; 16106cd6a6acSopenharmony_ci typeattribute devpts_t mountpoint; 16116cd6a6acSopenharmony_ci allow devpts_t tmpfs_t:filesystem associate; 16126cd6a6acSopenharmony_ci allow devpts_t tmp_t:filesystem associate; 16136cd6a6acSopenharmony_ci typeattribute devpts_t filesystem_type; 16146cd6a6acSopenharmony_ci allow devpts_t self:filesystem associate; 16156cd6a6acSopenharmony_ci typeattribute devpts_t ttynode, ptynode; 16166cd6a6acSopenharmony_ci typeattribute devtty_t device_node; 16176cd6a6acSopenharmony_ci allow devtty_t fs_t:filesystem associate; 16186cd6a6acSopenharmony_ci allow devtty_t tmpfs_t:filesystem associate; 16196cd6a6acSopenharmony_ci allow devtty_t tmp_t:filesystem associate; 16206cd6a6acSopenharmony_ci typeattribute devtty_t mlstrustedobject; 16216cd6a6acSopenharmony_ci typeattribute ptmx_t device_node; 16226cd6a6acSopenharmony_ci allow ptmx_t fs_t:filesystem associate; 16236cd6a6acSopenharmony_ci allow ptmx_t tmpfs_t:filesystem associate; 16246cd6a6acSopenharmony_ci allow ptmx_t tmp_t:filesystem associate; 16256cd6a6acSopenharmony_ci typeattribute ptmx_t mlstrustedobject; 16266cd6a6acSopenharmony_ci typeattribute tty_device_t device_node; 16276cd6a6acSopenharmony_ci allow tty_device_t fs_t:filesystem associate; 16286cd6a6acSopenharmony_ci allow tty_device_t tmpfs_t:filesystem associate; 16296cd6a6acSopenharmony_ci allow tty_device_t tmp_t:filesystem associate; 16306cd6a6acSopenharmony_ci typeattribute tty_device_t ttynode; 16316cd6a6acSopenharmony_ci typeattribute usbtty_device_t device_node; 16326cd6a6acSopenharmony_ci allow usbtty_device_t fs_t:filesystem associate; 16336cd6a6acSopenharmony_ci allow usbtty_device_t tmpfs_t:filesystem associate; 16346cd6a6acSopenharmony_ci allow usbtty_device_t tmp_t:filesystem associate; 16356cd6a6acSopenharmony_ciuser system_u roles { system_r } level s0 range s0 - s0:c0.c255; 16366cd6a6acSopenharmony_ciuser user_u roles { user_r sysadm_r system_r } level s0 range s0 - s0:c0.c255; 16376cd6a6acSopenharmony_ci user root roles { user_r sysadm_r system_r } level s0 range s0 - s0:c0.c255; 16386cd6a6acSopenharmony_ciconstrain process transition 16396cd6a6acSopenharmony_ci ( u1 == u2 16406cd6a6acSopenharmony_ci or t1 == can_change_process_identity 16416cd6a6acSopenharmony_ci); 16426cd6a6acSopenharmony_ciconstrain process transition 16436cd6a6acSopenharmony_ci ( r1 == r2 16446cd6a6acSopenharmony_ci or t1 == can_change_process_role 16456cd6a6acSopenharmony_ci); 16466cd6a6acSopenharmony_ciconstrain process dyntransition 16476cd6a6acSopenharmony_ci ( u1 == u2 and r1 == r2 ); 16486cd6a6acSopenharmony_ciconstrain { dir file lnk_file sock_file fifo_file chr_file blk_file } { create relabelto relabelfrom } 16496cd6a6acSopenharmony_ci ( u1 == u2 or t1 == can_change_object_identity ); 16506cd6a6acSopenharmony_ciconstrain { tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket netlink_kobject_uevent_socket } { create relabelto relabelfrom } 16516cd6a6acSopenharmony_ci ( u1 == u2 or t1 == can_change_object_identity ); 16526cd6a6acSopenharmony_cisid port system_u:object_r:port_t:s0 16536cd6a6acSopenharmony_cisid node system_u:object_r:node_t:s0 16546cd6a6acSopenharmony_cisid netif system_u:object_r:netif_t:s0 16556cd6a6acSopenharmony_cisid devnull system_u:object_r:null_device_t:s0 16566cd6a6acSopenharmony_cisid file system_u:object_r:file_t:s0 16576cd6a6acSopenharmony_cisid fs system_u:object_r:fs_t:s0 16586cd6a6acSopenharmony_cisid kernel system_u:system_r:kernel_t:s0 16596cd6a6acSopenharmony_cisid sysctl system_u:object_r:sysctl_t:s0 16606cd6a6acSopenharmony_cisid unlabeled system_u:object_r:unlabeled_t:s0 16616cd6a6acSopenharmony_cisid any_socket system_u:object_r:unlabeled_t:s0 16626cd6a6acSopenharmony_cisid file_labels system_u:object_r:unlabeled_t:s0 16636cd6a6acSopenharmony_cisid icmp_socket system_u:object_r:unlabeled_t:s0 16646cd6a6acSopenharmony_cisid igmp_packet system_u:object_r:unlabeled_t:s0 16656cd6a6acSopenharmony_cisid init system_u:object_r:unlabeled_t:s0 16666cd6a6acSopenharmony_cisid kmod system_u:object_r:unlabeled_t:s0 16676cd6a6acSopenharmony_cisid netmsg system_u:object_r:unlabeled_t:s0 16686cd6a6acSopenharmony_cisid policy system_u:object_r:unlabeled_t:s0 16696cd6a6acSopenharmony_cisid scmp_packet system_u:object_r:unlabeled_t:s0 16706cd6a6acSopenharmony_cisid sysctl_modprobe system_u:object_r:unlabeled_t:s0 16716cd6a6acSopenharmony_cisid sysctl_fs system_u:object_r:unlabeled_t:s0 16726cd6a6acSopenharmony_cisid sysctl_kernel system_u:object_r:unlabeled_t:s0 16736cd6a6acSopenharmony_cisid sysctl_net system_u:object_r:unlabeled_t:s0 16746cd6a6acSopenharmony_cisid sysctl_net_unix system_u:object_r:unlabeled_t:s0 16756cd6a6acSopenharmony_cisid sysctl_vm system_u:object_r:unlabeled_t:s0 16766cd6a6acSopenharmony_cisid sysctl_dev system_u:object_r:unlabeled_t:s0 16776cd6a6acSopenharmony_cisid tcp_socket system_u:object_r:unlabeled_t:s0 16786cd6a6acSopenharmony_cisid security system_u:object_r:security_t:s0 16796cd6a6acSopenharmony_cifs_use_xattr ext2 system_u:object_r:fs_t:s0; 16806cd6a6acSopenharmony_cifs_use_xattr ext3 system_u:object_r:fs_t:s0; 16816cd6a6acSopenharmony_cifs_use_xattr gfs system_u:object_r:fs_t:s0; 16826cd6a6acSopenharmony_cifs_use_xattr jfs system_u:object_r:fs_t:s0; 16836cd6a6acSopenharmony_cifs_use_xattr reiserfs system_u:object_r:fs_t:s0; 16846cd6a6acSopenharmony_cifs_use_xattr xfs system_u:object_r:fs_t:s0; 16856cd6a6acSopenharmony_cifs_use_task pipefs system_u:object_r:fs_t:s0; 16866cd6a6acSopenharmony_cifs_use_task sockfs system_u:object_r:fs_t:s0; 16876cd6a6acSopenharmony_cifs_use_trans mqueue system_u:object_r:tmpfs_t:s0; 16886cd6a6acSopenharmony_cifs_use_trans shm system_u:object_r:tmpfs_t:s0; 16896cd6a6acSopenharmony_cifs_use_trans tmpfs system_u:object_r:tmpfs_t:s0; 16906cd6a6acSopenharmony_cifs_use_trans devpts system_u:object_r:devpts_t:s0; 16916cd6a6acSopenharmony_cigenfscon proc /mtrr system_u:object_r:mtrr_device_t:s0 16926cd6a6acSopenharmony_cigenfscon sysfs / system_u:object_r:sysfs_t:s0 16936cd6a6acSopenharmony_cigenfscon usbfs / system_u:object_r:usbfs_t:s0 16946cd6a6acSopenharmony_cigenfscon usbdevfs / system_u:object_r:usbfs_t:s0 16956cd6a6acSopenharmony_cigenfscon rootfs / system_u:object_r:root_t:s0 16966cd6a6acSopenharmony_cigenfscon bdev / system_u:object_r:bdev_t:s0 16976cd6a6acSopenharmony_cigenfscon binfmt_misc / system_u:object_r:binfmt_misc_fs_t:s0 16986cd6a6acSopenharmony_cigenfscon capifs / system_u:object_r:capifs_t:s0 16996cd6a6acSopenharmony_cigenfscon configfs / system_u:object_r:configfs_t:s0 17006cd6a6acSopenharmony_cigenfscon eventpollfs / system_u:object_r:eventpollfs_t:s0 17016cd6a6acSopenharmony_cigenfscon futexfs / system_u:object_r:futexfs_t:s0 17026cd6a6acSopenharmony_cigenfscon hugetlbfs / system_u:object_r:hugetlbfs_t:s0 17036cd6a6acSopenharmony_cigenfscon inotifyfs / system_u:object_r:inotifyfs_t:s0 17046cd6a6acSopenharmony_cigenfscon nfsd / system_u:object_r:nfsd_fs_t:s0 17056cd6a6acSopenharmony_cigenfscon ramfs / system_u:object_r:ramfs_t:s0 17066cd6a6acSopenharmony_cigenfscon romfs / system_u:object_r:romfs_t:s0 17076cd6a6acSopenharmony_cigenfscon cramfs / system_u:object_r:romfs_t:s0 17086cd6a6acSopenharmony_cigenfscon rpc_pipefs / system_u:object_r:rpc_pipefs_t:s0 17096cd6a6acSopenharmony_cigenfscon autofs / system_u:object_r:autofs_t:s0 17106cd6a6acSopenharmony_cigenfscon automount / system_u:object_r:autofs_t:s0 17116cd6a6acSopenharmony_cigenfscon cifs / system_u:object_r:cifs_t:s0 17126cd6a6acSopenharmony_cigenfscon smbfs / system_u:object_r:cifs_t:s0 17136cd6a6acSopenharmony_cigenfscon fat / system_u:object_r:dosfs_t:s0 17146cd6a6acSopenharmony_cigenfscon msdos / system_u:object_r:dosfs_t:s0 17156cd6a6acSopenharmony_cigenfscon ntfs / system_u:object_r:dosfs_t:s0 17166cd6a6acSopenharmony_cigenfscon vfat / system_u:object_r:dosfs_t:s0 17176cd6a6acSopenharmony_cigenfscon iso9660 / system_u:object_r:iso9660_t:s0 17186cd6a6acSopenharmony_cigenfscon udf / system_u:object_r:iso9660_t:s0 17196cd6a6acSopenharmony_cigenfscon nfs / system_u:object_r:nfs_t:s0 17206cd6a6acSopenharmony_cigenfscon nfs4 / system_u:object_r:nfs_t:s0 17216cd6a6acSopenharmony_cigenfscon afs / system_u:object_r:nfs_t:s0 17226cd6a6acSopenharmony_cigenfscon hfsplus / system_u:object_r:nfs_t:s0 17236cd6a6acSopenharmony_cigenfscon debugfs / system_u:object_r:debugfs_t:s0 17246cd6a6acSopenharmony_cigenfscon proc / system_u:object_r:proc_t:s0 17256cd6a6acSopenharmony_cigenfscon proc /sysvipc system_u:object_r:proc_t:s0 17266cd6a6acSopenharmony_cigenfscon proc /kmsg system_u:object_r:proc_kmsg_t:s0 17276cd6a6acSopenharmony_cigenfscon proc /kcore system_u:object_r:proc_kcore_t:s0 17286cd6a6acSopenharmony_cigenfscon proc /mdstat system_u:object_r:proc_mdstat_t:s0 17296cd6a6acSopenharmony_cigenfscon proc /net system_u:object_r:proc_net_t:s0 17306cd6a6acSopenharmony_cigenfscon proc /xen system_u:object_r:proc_xen_t:s0 17316cd6a6acSopenharmony_cigenfscon proc /sys system_u:object_r:sysctl_t:s0 17326cd6a6acSopenharmony_cigenfscon proc /irq system_u:object_r:sysctl_irq_t:s0 17336cd6a6acSopenharmony_cigenfscon proc /net/rpc system_u:object_r:sysctl_rpc_t:s0 17346cd6a6acSopenharmony_cigenfscon proc /sys/fs system_u:object_r:sysctl_fs_t:s0 17356cd6a6acSopenharmony_cigenfscon proc /sys/kernel system_u:object_r:sysctl_kernel_t:s0 17366cd6a6acSopenharmony_cigenfscon proc /sys/kernel/modprobe system_u:object_r:sysctl_modprobe_t:s0 17376cd6a6acSopenharmony_cigenfscon proc /sys/kernel/hotplug system_u:object_r:sysctl_hotplug_t:s0 17386cd6a6acSopenharmony_cigenfscon proc /sys/net system_u:object_r:sysctl_net_t:s0 17396cd6a6acSopenharmony_cigenfscon proc /sys/net/unix system_u:object_r:sysctl_net_unix_t:s0 17406cd6a6acSopenharmony_cigenfscon proc /sys/vm system_u:object_r:sysctl_vm_t:s0 17416cd6a6acSopenharmony_cigenfscon proc /sys/dev system_u:object_r:sysctl_dev_t:s0 17426cd6a6acSopenharmony_cigenfscon selinuxfs / system_u:object_r:security_t:s0 17436cd6a6acSopenharmony_ciportcon udp 7007 system_u:object_r:afs_bos_port_t:s0 17446cd6a6acSopenharmony_ciportcon tcp 2040 system_u:object_r:afs_fs_port_t:s0 17456cd6a6acSopenharmony_ciportcon udp 7000 system_u:object_r:afs_fs_port_t:s0 17466cd6a6acSopenharmony_ciportcon udp 7005 system_u:object_r:afs_fs_port_t:s0 17476cd6a6acSopenharmony_ciportcon udp 7004 system_u:object_r:afs_ka_port_t:s0 17486cd6a6acSopenharmony_ciportcon udp 7002 system_u:object_r:afs_pt_port_t:s0 17496cd6a6acSopenharmony_ciportcon udp 7003 system_u:object_r:afs_vl_port_t:s0 17506cd6a6acSopenharmony_ciportcon udp 10080 system_u:object_r:amanda_port_t:s0 17516cd6a6acSopenharmony_ciportcon tcp 10080 system_u:object_r:amanda_port_t:s0 17526cd6a6acSopenharmony_ciportcon udp 10081 system_u:object_r:amanda_port_t:s0 17536cd6a6acSopenharmony_ciportcon tcp 10081 system_u:object_r:amanda_port_t:s0 17546cd6a6acSopenharmony_ciportcon tcp 10082 system_u:object_r:amanda_port_t:s0 17556cd6a6acSopenharmony_ciportcon tcp 10083 system_u:object_r:amanda_port_t:s0 17566cd6a6acSopenharmony_ciportcon tcp 10024 system_u:object_r:amavisd_recv_port_t:s0 17576cd6a6acSopenharmony_ciportcon tcp 10025 system_u:object_r:amavisd_send_port_t:s0 17586cd6a6acSopenharmony_ciportcon tcp 1720 system_u:object_r:asterisk_port_t:s0 17596cd6a6acSopenharmony_ciportcon udp 2427 system_u:object_r:asterisk_port_t:s0 17606cd6a6acSopenharmony_ciportcon udp 2727 system_u:object_r:asterisk_port_t:s0 17616cd6a6acSopenharmony_ciportcon udp 4569 system_u:object_r:asterisk_port_t:s0 17626cd6a6acSopenharmony_ciportcon udp 5060 system_u:object_r:asterisk_port_t:s0 17636cd6a6acSopenharmony_ciportcon tcp 113 system_u:object_r:auth_port_t:s0 17646cd6a6acSopenharmony_ciportcon tcp 179 system_u:object_r:bgp_port_t:s0 17656cd6a6acSopenharmony_ciportcon udp 179 system_u:object_r:bgp_port_t:s0 17666cd6a6acSopenharmony_ciportcon tcp 3310 system_u:object_r:clamd_port_t:s0 17676cd6a6acSopenharmony_ciportcon udp 4041 system_u:object_r:clockspeed_port_t:s0 17686cd6a6acSopenharmony_ciportcon udp 512 system_u:object_r:comsat_port_t:s0 17696cd6a6acSopenharmony_ciportcon tcp 2401 system_u:object_r:cvs_port_t:s0 17706cd6a6acSopenharmony_ciportcon udp 2401 system_u:object_r:cvs_port_t:s0 17716cd6a6acSopenharmony_ciportcon udp 6276 system_u:object_r:dcc_port_t:s0 17726cd6a6acSopenharmony_ciportcon udp 6277 system_u:object_r:dcc_port_t:s0 17736cd6a6acSopenharmony_ciportcon tcp 1178 system_u:object_r:dbskkd_port_t:s0 17746cd6a6acSopenharmony_ciportcon udp 68 system_u:object_r:dhcpc_port_t:s0 17756cd6a6acSopenharmony_ciportcon udp 67 system_u:object_r:dhcpd_port_t:s0 17766cd6a6acSopenharmony_ciportcon tcp 647 system_u:object_r:dhcpd_port_t:s0 17776cd6a6acSopenharmony_ciportcon udp 647 system_u:object_r:dhcpd_port_t:s0 17786cd6a6acSopenharmony_ciportcon tcp 847 system_u:object_r:dhcpd_port_t:s0 17796cd6a6acSopenharmony_ciportcon udp 847 system_u:object_r:dhcpd_port_t:s0 17806cd6a6acSopenharmony_ciportcon tcp 2628 system_u:object_r:dict_port_t:s0 17816cd6a6acSopenharmony_ciportcon tcp 3632 system_u:object_r:distccd_port_t:s0 17826cd6a6acSopenharmony_ciportcon udp 53 system_u:object_r:dns_port_t:s0 17836cd6a6acSopenharmony_ciportcon tcp 53 system_u:object_r:dns_port_t:s0 17846cd6a6acSopenharmony_ciportcon tcp 79 system_u:object_r:fingerd_port_t:s0 17856cd6a6acSopenharmony_ciportcon tcp 20 system_u:object_r:ftp_data_port_t:s0 17866cd6a6acSopenharmony_ciportcon tcp 21 system_u:object_r:ftp_port_t:s0 17876cd6a6acSopenharmony_ciportcon udp 1718 system_u:object_r:gatekeeper_port_t:s0 17886cd6a6acSopenharmony_ciportcon udp 1719 system_u:object_r:gatekeeper_port_t:s0 17896cd6a6acSopenharmony_ciportcon tcp 1721 system_u:object_r:gatekeeper_port_t:s0 17906cd6a6acSopenharmony_ciportcon tcp 7000 system_u:object_r:gatekeeper_port_t:s0 17916cd6a6acSopenharmony_ciportcon tcp 1213 system_u:object_r:giftd_port_t:s0 17926cd6a6acSopenharmony_ciportcon tcp 70 system_u:object_r:gopher_port_t:s0 17936cd6a6acSopenharmony_ciportcon udp 70 system_u:object_r:gopher_port_t:s0 17946cd6a6acSopenharmony_ciportcon tcp 3128 system_u:object_r:http_cache_port_t:s0 17956cd6a6acSopenharmony_ciportcon udp 3130 system_u:object_r:http_cache_port_t:s0 17966cd6a6acSopenharmony_ciportcon tcp 8080 system_u:object_r:http_cache_port_t:s0 17976cd6a6acSopenharmony_ciportcon tcp 8118 system_u:object_r:http_cache_port_t:s0 17986cd6a6acSopenharmony_ciportcon tcp 80 system_u:object_r:http_port_t:s0 17996cd6a6acSopenharmony_ciportcon tcp 443 system_u:object_r:http_port_t:s0 18006cd6a6acSopenharmony_ciportcon tcp 488 system_u:object_r:http_port_t:s0 18016cd6a6acSopenharmony_ciportcon tcp 8008 system_u:object_r:http_port_t:s0 18026cd6a6acSopenharmony_ciportcon tcp 9050 system_u:object_r:http_port_t:s0 18036cd6a6acSopenharmony_ciportcon tcp 5335 system_u:object_r:howl_port_t:s0 18046cd6a6acSopenharmony_ciportcon udp 5353 system_u:object_r:howl_port_t:s0 18056cd6a6acSopenharmony_ciportcon tcp 50000 system_u:object_r:hplip_port_t:s0 18066cd6a6acSopenharmony_ciportcon tcp 50002 system_u:object_r:hplip_port_t:s0 18076cd6a6acSopenharmony_ciportcon tcp 9010 system_u:object_r:i18n_input_port_t:s0 18086cd6a6acSopenharmony_ciportcon tcp 5323 system_u:object_r:imaze_port_t:s0 18096cd6a6acSopenharmony_ciportcon udp 5323 system_u:object_r:imaze_port_t:s0 18106cd6a6acSopenharmony_ciportcon tcp 7 system_u:object_r:inetd_child_port_t:s0 18116cd6a6acSopenharmony_ciportcon udp 7 system_u:object_r:inetd_child_port_t:s0 18126cd6a6acSopenharmony_ciportcon tcp 9 system_u:object_r:inetd_child_port_t:s0 18136cd6a6acSopenharmony_ciportcon udp 9 system_u:object_r:inetd_child_port_t:s0 18146cd6a6acSopenharmony_ciportcon tcp 13 system_u:object_r:inetd_child_port_t:s0 18156cd6a6acSopenharmony_ciportcon udp 13 system_u:object_r:inetd_child_port_t:s0 18166cd6a6acSopenharmony_ciportcon tcp 19 system_u:object_r:inetd_child_port_t:s0 18176cd6a6acSopenharmony_ciportcon udp 19 system_u:object_r:inetd_child_port_t:s0 18186cd6a6acSopenharmony_ciportcon tcp 37 system_u:object_r:inetd_child_port_t:s0 18196cd6a6acSopenharmony_ciportcon udp 37 system_u:object_r:inetd_child_port_t:s0 18206cd6a6acSopenharmony_ciportcon tcp 512 system_u:object_r:inetd_child_port_t:s0 18216cd6a6acSopenharmony_ciportcon tcp 543 system_u:object_r:inetd_child_port_t:s0 18226cd6a6acSopenharmony_ciportcon tcp 544 system_u:object_r:inetd_child_port_t:s0 18236cd6a6acSopenharmony_ciportcon tcp 891 system_u:object_r:inetd_child_port_t:s0 18246cd6a6acSopenharmony_ciportcon udp 891 system_u:object_r:inetd_child_port_t:s0 18256cd6a6acSopenharmony_ciportcon tcp 892 system_u:object_r:inetd_child_port_t:s0 18266cd6a6acSopenharmony_ciportcon udp 892 system_u:object_r:inetd_child_port_t:s0 18276cd6a6acSopenharmony_ciportcon tcp 2105 system_u:object_r:inetd_child_port_t:s0 18286cd6a6acSopenharmony_ciportcon tcp 5666 system_u:object_r:inetd_child_port_t:s0 18296cd6a6acSopenharmony_ciportcon tcp 119 system_u:object_r:innd_port_t:s0 18306cd6a6acSopenharmony_ciportcon tcp 631 system_u:object_r:ipp_port_t:s0 18316cd6a6acSopenharmony_ciportcon udp 631 system_u:object_r:ipp_port_t:s0 18326cd6a6acSopenharmony_ciportcon tcp 6667 system_u:object_r:ircd_port_t:s0 18336cd6a6acSopenharmony_ciportcon udp 500 system_u:object_r:isakmp_port_t:s0 18346cd6a6acSopenharmony_ciportcon tcp 5222 system_u:object_r:jabber_client_port_t:s0 18356cd6a6acSopenharmony_ciportcon tcp 5223 system_u:object_r:jabber_client_port_t:s0 18366cd6a6acSopenharmony_ciportcon tcp 5269 system_u:object_r:jabber_interserver_port_t:s0 18376cd6a6acSopenharmony_ciportcon tcp 464 system_u:object_r:kerberos_admin_port_t:s0 18386cd6a6acSopenharmony_ciportcon udp 464 system_u:object_r:kerberos_admin_port_t:s0 18396cd6a6acSopenharmony_ciportcon tcp 749 system_u:object_r:kerberos_admin_port_t:s0 18406cd6a6acSopenharmony_ciportcon tcp 4444 system_u:object_r:kerberos_master_port_t:s0 18416cd6a6acSopenharmony_ciportcon udp 4444 system_u:object_r:kerberos_master_port_t:s0 18426cd6a6acSopenharmony_ciportcon tcp 88 system_u:object_r:kerberos_port_t:s0 18436cd6a6acSopenharmony_ciportcon udp 88 system_u:object_r:kerberos_port_t:s0 18446cd6a6acSopenharmony_ciportcon tcp 750 system_u:object_r:kerberos_port_t:s0 18456cd6a6acSopenharmony_ciportcon udp 750 system_u:object_r:kerberos_port_t:s0 18466cd6a6acSopenharmony_ciportcon udp 517 system_u:object_r:ktalkd_port_t:s0 18476cd6a6acSopenharmony_ciportcon udp 518 system_u:object_r:ktalkd_port_t:s0 18486cd6a6acSopenharmony_ciportcon tcp 389 system_u:object_r:ldap_port_t:s0 18496cd6a6acSopenharmony_ciportcon udp 389 system_u:object_r:ldap_port_t:s0 18506cd6a6acSopenharmony_ciportcon tcp 636 system_u:object_r:ldap_port_t:s0 18516cd6a6acSopenharmony_ciportcon udp 636 system_u:object_r:ldap_port_t:s0 18526cd6a6acSopenharmony_ciportcon tcp 2000 system_u:object_r:mail_port_t:s0 18536cd6a6acSopenharmony_ciportcon tcp 1234 system_u:object_r:monopd_port_t:s0 18546cd6a6acSopenharmony_ciportcon tcp 3306 system_u:object_r:mysqld_port_t:s0 18556cd6a6acSopenharmony_ciportcon tcp 1241 system_u:object_r:nessus_port_t:s0 18566cd6a6acSopenharmony_ciportcon udp 137 system_u:object_r:nmbd_port_t:s0 18576cd6a6acSopenharmony_ciportcon udp 138 system_u:object_r:nmbd_port_t:s0 18586cd6a6acSopenharmony_ciportcon udp 139 system_u:object_r:nmbd_port_t:s0 18596cd6a6acSopenharmony_ciportcon udp 123 system_u:object_r:ntp_port_t:s0 18606cd6a6acSopenharmony_ciportcon udp 5000 system_u:object_r:openvpn_port_t:s0 18616cd6a6acSopenharmony_ciportcon tcp 5988 system_u:object_r:pegasus_http_port_t:s0 18626cd6a6acSopenharmony_ciportcon tcp 5989 system_u:object_r:pegasus_https_port_t:s0 18636cd6a6acSopenharmony_ciportcon tcp 106 system_u:object_r:pop_port_t:s0 18646cd6a6acSopenharmony_ciportcon tcp 109 system_u:object_r:pop_port_t:s0 18656cd6a6acSopenharmony_ciportcon tcp 110 system_u:object_r:pop_port_t:s0 18666cd6a6acSopenharmony_ciportcon tcp 143 system_u:object_r:pop_port_t:s0 18676cd6a6acSopenharmony_ciportcon tcp 220 system_u:object_r:pop_port_t:s0 18686cd6a6acSopenharmony_ciportcon tcp 993 system_u:object_r:pop_port_t:s0 18696cd6a6acSopenharmony_ciportcon tcp 995 system_u:object_r:pop_port_t:s0 18706cd6a6acSopenharmony_ciportcon tcp 1109 system_u:object_r:pop_port_t:s0 18716cd6a6acSopenharmony_ciportcon udp 111 system_u:object_r:portmap_port_t:s0 18726cd6a6acSopenharmony_ciportcon tcp 111 system_u:object_r:portmap_port_t:s0 18736cd6a6acSopenharmony_ciportcon tcp 5432 system_u:object_r:postgresql_port_t:s0 18746cd6a6acSopenharmony_ciportcon tcp 60000 system_u:object_r:postgrey_port_t:s0 18756cd6a6acSopenharmony_ciportcon tcp 515 system_u:object_r:printer_port_t:s0 18766cd6a6acSopenharmony_ciportcon tcp 5703 system_u:object_r:ptal_port_t:s0 18776cd6a6acSopenharmony_ciportcon udp 4011 system_u:object_r:pxe_port_t:s0 18786cd6a6acSopenharmony_ciportcon udp 24441 system_u:object_r:pyzor_port_t:s0 18796cd6a6acSopenharmony_ciportcon udp 1646 system_u:object_r:radacct_port_t:s0 18806cd6a6acSopenharmony_ciportcon udp 1813 system_u:object_r:radacct_port_t:s0 18816cd6a6acSopenharmony_ciportcon udp 1645 system_u:object_r:radius_port_t:s0 18826cd6a6acSopenharmony_ciportcon udp 1812 system_u:object_r:radius_port_t:s0 18836cd6a6acSopenharmony_ciportcon tcp 2703 system_u:object_r:razor_port_t:s0 18846cd6a6acSopenharmony_ciportcon tcp 513 system_u:object_r:rlogind_port_t:s0 18856cd6a6acSopenharmony_ciportcon tcp 953 system_u:object_r:rndc_port_t:s0 18866cd6a6acSopenharmony_ciportcon udp 520 system_u:object_r:router_port_t:s0 18876cd6a6acSopenharmony_ciportcon tcp 514 system_u:object_r:rsh_port_t:s0 18886cd6a6acSopenharmony_ciportcon tcp 873 system_u:object_r:rsync_port_t:s0 18896cd6a6acSopenharmony_ciportcon udp 873 system_u:object_r:rsync_port_t:s0 18906cd6a6acSopenharmony_ciportcon tcp 137-139 system_u:object_r:smbd_port_t:s0 18916cd6a6acSopenharmony_ciportcon tcp 445 system_u:object_r:smbd_port_t:s0 18926cd6a6acSopenharmony_ciportcon tcp 25 system_u:object_r:smtp_port_t:s0 18936cd6a6acSopenharmony_ciportcon tcp 465 system_u:object_r:smtp_port_t:s0 18946cd6a6acSopenharmony_ciportcon tcp 587 system_u:object_r:smtp_port_t:s0 18956cd6a6acSopenharmony_ciportcon udp 161 system_u:object_r:snmp_port_t:s0 18966cd6a6acSopenharmony_ciportcon udp 162 system_u:object_r:snmp_port_t:s0 18976cd6a6acSopenharmony_ciportcon tcp 199 system_u:object_r:snmp_port_t:s0 18986cd6a6acSopenharmony_ciportcon tcp 783 system_u:object_r:spamd_port_t:s0 18996cd6a6acSopenharmony_ciportcon tcp 22 system_u:object_r:ssh_port_t:s0 19006cd6a6acSopenharmony_ciportcon tcp 8000 system_u:object_r:soundd_port_t:s0 19016cd6a6acSopenharmony_ciportcon tcp 9433 system_u:object_r:soundd_port_t:s0 19026cd6a6acSopenharmony_ciportcon tcp 901 system_u:object_r:swat_port_t:s0 19036cd6a6acSopenharmony_ciportcon udp 514 system_u:object_r:syslogd_port_t:s0 19046cd6a6acSopenharmony_ciportcon tcp 23 system_u:object_r:telnetd_port_t:s0 19056cd6a6acSopenharmony_ciportcon udp 69 system_u:object_r:tftp_port_t:s0 19066cd6a6acSopenharmony_ciportcon tcp 8081 system_u:object_r:transproxy_port_t:s0 19076cd6a6acSopenharmony_ciportcon tcp 540 system_u:object_r:uucpd_port_t:s0 19086cd6a6acSopenharmony_ciportcon tcp 5900 system_u:object_r:vnc_port_t:s0 19096cd6a6acSopenharmony_ciportcon tcp 6001 system_u:object_r:xserver_port_t:s0 19106cd6a6acSopenharmony_ciportcon tcp 6002 system_u:object_r:xserver_port_t:s0 19116cd6a6acSopenharmony_ciportcon tcp 6003 system_u:object_r:xserver_port_t:s0 19126cd6a6acSopenharmony_ciportcon tcp 6004 system_u:object_r:xserver_port_t:s0 19136cd6a6acSopenharmony_ciportcon tcp 6005 system_u:object_r:xserver_port_t:s0 19146cd6a6acSopenharmony_ciportcon tcp 6006 system_u:object_r:xserver_port_t:s0 19156cd6a6acSopenharmony_ciportcon tcp 6007 system_u:object_r:xserver_port_t:s0 19166cd6a6acSopenharmony_ciportcon tcp 6008 system_u:object_r:xserver_port_t:s0 19176cd6a6acSopenharmony_ciportcon tcp 6009 system_u:object_r:xserver_port_t:s0 19186cd6a6acSopenharmony_ciportcon tcp 6010 system_u:object_r:xserver_port_t:s0 19196cd6a6acSopenharmony_ciportcon tcp 6011 system_u:object_r:xserver_port_t:s0 19206cd6a6acSopenharmony_ciportcon tcp 6012 system_u:object_r:xserver_port_t:s0 19216cd6a6acSopenharmony_ciportcon tcp 6013 system_u:object_r:xserver_port_t:s0 19226cd6a6acSopenharmony_ciportcon tcp 6014 system_u:object_r:xserver_port_t:s0 19236cd6a6acSopenharmony_ciportcon tcp 6015 system_u:object_r:xserver_port_t:s0 19246cd6a6acSopenharmony_ciportcon tcp 6016 system_u:object_r:xserver_port_t:s0 19256cd6a6acSopenharmony_ciportcon tcp 6017 system_u:object_r:xserver_port_t:s0 19266cd6a6acSopenharmony_ciportcon tcp 6018 system_u:object_r:xserver_port_t:s0 19276cd6a6acSopenharmony_ciportcon tcp 6019 system_u:object_r:xserver_port_t:s0 19286cd6a6acSopenharmony_ciportcon tcp 8002 system_u:object_r:xen_port_t:s0 19296cd6a6acSopenharmony_ciportcon tcp 2601 system_u:object_r:zebra_port_t:s0 19306cd6a6acSopenharmony_ciportcon tcp 8021 system_u:object_r:zope_port_t:s0 19316cd6a6acSopenharmony_ciportcon tcp 1-1023 system_u:object_r:reserved_port_t:s0 19326cd6a6acSopenharmony_ciportcon udp 1-1023 system_u:object_r:reserved_port_t:s0 19336cd6a6acSopenharmony_cinodecon :: ffff:ffff:ffff:ffff:ffff:ffff:: system_u:object_r:compat_ipv4_node_t:s0 19346cd6a6acSopenharmony_cinodecon 0.0.0.0 255.255.255.255 system_u:object_r:inaddr_any_node_t:s0 19356cd6a6acSopenharmony_cinodecon fe80:: ffff:ffff:ffff:ffff:: system_u:object_r:link_local_node_t:s0 19366cd6a6acSopenharmony_cinodecon 127.0.0.1 255.255.255.255 system_u:object_r:lo_node_t:s0 19376cd6a6acSopenharmony_cinodecon ::ffff:0000:0000 ffff:ffff:ffff:ffff:ffff:ffff:: system_u:object_r:mapped_ipv4_node_t:s0 19386cd6a6acSopenharmony_cinodecon ff00:: ff00:: system_u:object_r:multicast_node_t:s0 19396cd6a6acSopenharmony_cinodecon fec0:: ffc0:: system_u:object_r:site_local_node_t:s0 19406cd6a6acSopenharmony_cinodecon :: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff system_u:object_r:unspec_node_t:s0 1941