16cd6a6acSopenharmony_cimodule my_module 1.0; 26cd6a6acSopenharmony_ci 36cd6a6acSopenharmony_cirequire { 46cd6a6acSopenharmony_ci bool allow_ypbind, secure_mode, allow_execstack; 56cd6a6acSopenharmony_ci type system_t, sysadm_t; 66cd6a6acSopenharmony_ci class file {read write}; 76cd6a6acSopenharmony_ci attribute attr_check_base_2, attr_check_base_3; 86cd6a6acSopenharmony_ci attribute attr_check_base_optional_2; 96cd6a6acSopenharmony_ci} 106cd6a6acSopenharmony_ci 116cd6a6acSopenharmony_cibool module_1_bool true; 126cd6a6acSopenharmony_ci 136cd6a6acSopenharmony_ciif (module_1_bool && allow_ypbind && secure_mode && allow_execstack) { 146cd6a6acSopenharmony_ci allow system_t sysadm_t : file { read write }; 156cd6a6acSopenharmony_ci} 166cd6a6acSopenharmony_ci 176cd6a6acSopenharmony_cioptional { 186cd6a6acSopenharmony_ci bool module_1_bool_2 false; 196cd6a6acSopenharmony_ci require { 206cd6a6acSopenharmony_ci bool optional_bool_1, optional_bool_2; 216cd6a6acSopenharmony_ci class file { execute ioctl }; 226cd6a6acSopenharmony_ci } 236cd6a6acSopenharmony_ci if (optional_bool_1 && optional_bool_2 || module_1_bool_2) { 246cd6a6acSopenharmony_ci allow system_t sysadm_t : file {execute ioctl}; 256cd6a6acSopenharmony_ci } 266cd6a6acSopenharmony_ci} 276cd6a6acSopenharmony_ci# Type - attribute mapping test 286cd6a6acSopenharmony_citype module_t; 296cd6a6acSopenharmony_ciattribute attr_check_mod_1; 306cd6a6acSopenharmony_ciattribute attr_check_mod_2; 316cd6a6acSopenharmony_ciattribute attr_check_mod_3; 326cd6a6acSopenharmony_ciattribute attr_check_mod_4; 336cd6a6acSopenharmony_ciattribute attr_check_mod_5; 346cd6a6acSopenharmony_ciattribute attr_check_mod_6; 356cd6a6acSopenharmony_ciattribute attr_check_mod_7; 366cd6a6acSopenharmony_ciattribute attr_check_mod_8; 376cd6a6acSopenharmony_ciattribute attr_check_mod_9; 386cd6a6acSopenharmony_ciattribute attr_check_mod_10; 396cd6a6acSopenharmony_ciattribute attr_check_mod_11; 406cd6a6acSopenharmony_cioptional { 416cd6a6acSopenharmony_ci require { 426cd6a6acSopenharmony_ci type base_t; 436cd6a6acSopenharmony_ci } 446cd6a6acSopenharmony_ci attribute attr_check_mod_optional_1; 456cd6a6acSopenharmony_ci attribute attr_check_mod_optional_2; 466cd6a6acSopenharmony_ci attribute attr_check_mod_optional_3; 476cd6a6acSopenharmony_ci attribute attr_check_mod_optional_4; 486cd6a6acSopenharmony_ci attribute attr_check_mod_optional_5; 496cd6a6acSopenharmony_ci attribute attr_check_mod_optional_6; 506cd6a6acSopenharmony_ci attribute attr_check_mod_optional_7; 516cd6a6acSopenharmony_ci} 526cd6a6acSopenharmony_cioptional { 536cd6a6acSopenharmony_ci require { 546cd6a6acSopenharmony_ci type does_not_exist_t; 556cd6a6acSopenharmony_ci } 566cd6a6acSopenharmony_ci attribute attr_check_mod_optional_disabled_4; 576cd6a6acSopenharmony_ci attribute attr_check_mod_optional_disabled_7; 586cd6a6acSopenharmony_ci} 596cd6a6acSopenharmony_citype attr_check_base_2_1_t, attr_check_base_2; 606cd6a6acSopenharmony_citype attr_check_base_2_2_t; 616cd6a6acSopenharmony_citypeattribute attr_check_base_2_2_t attr_check_base_2; 626cd6a6acSopenharmony_citype attr_check_base_3_3_t, attr_check_base_3; 636cd6a6acSopenharmony_citype attr_check_base_3_4_t; 646cd6a6acSopenharmony_citypeattribute attr_check_base_3_4_t attr_check_base_3; 656cd6a6acSopenharmony_cioptional { 666cd6a6acSopenharmony_ci require { 676cd6a6acSopenharmony_ci attribute attr_check_base_5; 686cd6a6acSopenharmony_ci } 696cd6a6acSopenharmony_ci type attr_check_base_5_1_t, attr_check_base_5; 706cd6a6acSopenharmony_ci type attr_check_base_5_2_t; 716cd6a6acSopenharmony_ci typeattribute attr_check_base_5_2_t attr_check_base_5; 726cd6a6acSopenharmony_ci} 736cd6a6acSopenharmony_cioptional { 746cd6a6acSopenharmony_ci require { 756cd6a6acSopenharmony_ci attribute attr_check_base_6; 766cd6a6acSopenharmony_ci } 776cd6a6acSopenharmony_ci type attr_check_base_6_3_t, attr_check_base_6; 786cd6a6acSopenharmony_ci type attr_check_base_6_4_t; 796cd6a6acSopenharmony_ci typeattribute attr_check_base_6_4_t attr_check_base_6; 806cd6a6acSopenharmony_ci} 816cd6a6acSopenharmony_cioptional { 826cd6a6acSopenharmony_ci require { 836cd6a6acSopenharmony_ci type does_not_exist_t; 846cd6a6acSopenharmony_ci attribute attr_check_base_8; 856cd6a6acSopenharmony_ci } 866cd6a6acSopenharmony_ci type attr_check_base_8_1_t, attr_check_base_8; 876cd6a6acSopenharmony_ci type attr_check_base_8_2_t; 886cd6a6acSopenharmony_ci typeattribute attr_check_base_8_2_t attr_check_base_8; 896cd6a6acSopenharmony_ci} 906cd6a6acSopenharmony_cioptional { 916cd6a6acSopenharmony_ci require { 926cd6a6acSopenharmony_ci type does_not_exist_t; 936cd6a6acSopenharmony_ci attribute attr_check_base_9; 946cd6a6acSopenharmony_ci } 956cd6a6acSopenharmony_ci type attr_check_base_9_3_t, attr_check_base_9; 966cd6a6acSopenharmony_ci type attr_check_base_9_4_t; 976cd6a6acSopenharmony_ci typeattribute attr_check_base_9_4_t attr_check_base_9; 986cd6a6acSopenharmony_ci} 996cd6a6acSopenharmony_cioptional { 1006cd6a6acSopenharmony_ci require { 1016cd6a6acSopenharmony_ci type does_not_exist_t; 1026cd6a6acSopenharmony_ci attribute attr_check_base_10; 1036cd6a6acSopenharmony_ci } 1046cd6a6acSopenharmony_ci type attr_check_base_10_3_t, attr_check_base_10; 1056cd6a6acSopenharmony_ci type attr_check_base_10_4_t; 1066cd6a6acSopenharmony_ci typeattribute attr_check_base_10_4_t attr_check_base_10; 1076cd6a6acSopenharmony_ci} 1086cd6a6acSopenharmony_cioptional { 1096cd6a6acSopenharmony_ci require { 1106cd6a6acSopenharmony_ci attribute attr_check_base_11; 1116cd6a6acSopenharmony_ci } 1126cd6a6acSopenharmony_ci type attr_check_base_11_3_t, attr_check_base_11; 1136cd6a6acSopenharmony_ci type attr_check_base_11_4_t; 1146cd6a6acSopenharmony_ci typeattribute attr_check_base_11_4_t attr_check_base_11; 1156cd6a6acSopenharmony_ci} 1166cd6a6acSopenharmony_citype attr_check_base_optional_2_1_t, attr_check_base_optional_2; 1176cd6a6acSopenharmony_citype attr_check_base_optional_2_2_t; 1186cd6a6acSopenharmony_citypeattribute attr_check_base_optional_2_2_t attr_check_base_optional_2; 1196cd6a6acSopenharmony_cioptional { 1206cd6a6acSopenharmony_ci require { 1216cd6a6acSopenharmony_ci attribute attr_check_base_optional_5; 1226cd6a6acSopenharmony_ci } 1236cd6a6acSopenharmony_ci type attr_check_base_optional_5_1_t, attr_check_base_optional_5; 1246cd6a6acSopenharmony_ci type attr_check_base_optional_5_2_t; 1256cd6a6acSopenharmony_ci typeattribute attr_check_base_optional_5_2_t attr_check_base_optional_5; 1266cd6a6acSopenharmony_ci} 1276cd6a6acSopenharmony_ci#optional { 1286cd6a6acSopenharmony_ci# require { 1296cd6a6acSopenharmony_ci# attribute attr_check_base_optional_6; 1306cd6a6acSopenharmony_ci# } 1316cd6a6acSopenharmony_ci# type attr_check_base_optional_6_3_t, attr_check_base_optional_6; 1326cd6a6acSopenharmony_ci# type attr_check_base_optional_6_4_t; 1336cd6a6acSopenharmony_ci# typeattribute attr_check_base_optional_6_4_t attr_check_base_optional_6; 1346cd6a6acSopenharmony_ci#} 1356cd6a6acSopenharmony_cioptional { 1366cd6a6acSopenharmony_ci require { 1376cd6a6acSopenharmony_ci type does_not_exist_t; 1386cd6a6acSopenharmony_ci attribute attr_check_base_optional_8; 1396cd6a6acSopenharmony_ci } 1406cd6a6acSopenharmony_ci type attr_check_base_optional_8_1_t, attr_check_base_optional_8; 1416cd6a6acSopenharmony_ci type attr_check_base_optional_8_2_t; 1426cd6a6acSopenharmony_ci typeattribute attr_check_base_optional_8_2_t attr_check_base_optional_8; 1436cd6a6acSopenharmony_ci} 1446cd6a6acSopenharmony_citype attr_check_mod_2_1_t, attr_check_mod_2; 1456cd6a6acSopenharmony_citype attr_check_mod_2_2_t; 1466cd6a6acSopenharmony_citypeattribute attr_check_mod_2_2_t attr_check_mod_2; 1476cd6a6acSopenharmony_cioptional { 1486cd6a6acSopenharmony_ci require { 1496cd6a6acSopenharmony_ci attribute attr_check_mod_5; 1506cd6a6acSopenharmony_ci } 1516cd6a6acSopenharmony_ci type attr_check_mod_5_1_t, attr_check_mod_5; 1526cd6a6acSopenharmony_ci type attr_check_mod_5_2_t; 1536cd6a6acSopenharmony_ci typeattribute attr_check_mod_5_2_t attr_check_mod_5; 1546cd6a6acSopenharmony_ci} 1556cd6a6acSopenharmony_cioptional { 1566cd6a6acSopenharmony_ci require { 1576cd6a6acSopenharmony_ci attribute attr_check_mod_6; 1586cd6a6acSopenharmony_ci } 1596cd6a6acSopenharmony_ci type attr_check_mod_6_3_t, attr_check_mod_6; 1606cd6a6acSopenharmony_ci type attr_check_mod_6_4_t; 1616cd6a6acSopenharmony_ci typeattribute attr_check_mod_6_4_t attr_check_mod_6; 1626cd6a6acSopenharmony_ci} 1636cd6a6acSopenharmony_cioptional { 1646cd6a6acSopenharmony_ci require { 1656cd6a6acSopenharmony_ci type does_not_exist_t; 1666cd6a6acSopenharmony_ci } 1676cd6a6acSopenharmony_ci type attr_check_mod_8_1_t, attr_check_mod_8; 1686cd6a6acSopenharmony_ci type attr_check_mod_8_2_t; 1696cd6a6acSopenharmony_ci typeattribute attr_check_mod_8_2_t attr_check_mod_8; 1706cd6a6acSopenharmony_ci} 1716cd6a6acSopenharmony_cioptional { 1726cd6a6acSopenharmony_ci require { 1736cd6a6acSopenharmony_ci type does_not_exist_t; 1746cd6a6acSopenharmony_ci } 1756cd6a6acSopenharmony_ci type attr_check_mod_9_3_t, attr_check_mod_9; 1766cd6a6acSopenharmony_ci type attr_check_mod_9_4_t; 1776cd6a6acSopenharmony_ci typeattribute attr_check_mod_9_4_t attr_check_mod_9; 1786cd6a6acSopenharmony_ci} 1796cd6a6acSopenharmony_cioptional { 1806cd6a6acSopenharmony_ci require { 1816cd6a6acSopenharmony_ci type does_not_exist_t; 1826cd6a6acSopenharmony_ci } 1836cd6a6acSopenharmony_ci type attr_check_mod_10_3_t, attr_check_mod_10; 1846cd6a6acSopenharmony_ci type attr_check_mod_10_4_t; 1856cd6a6acSopenharmony_ci typeattribute attr_check_mod_10_4_t attr_check_mod_10; 1866cd6a6acSopenharmony_ci} 1876cd6a6acSopenharmony_cioptional { 1886cd6a6acSopenharmony_ci require { 1896cd6a6acSopenharmony_ci type base_t; 1906cd6a6acSopenharmony_ci } 1916cd6a6acSopenharmony_ci type attr_check_mod_11_3_t, attr_check_mod_11; 1926cd6a6acSopenharmony_ci type attr_check_mod_11_4_t; 1936cd6a6acSopenharmony_ci typeattribute attr_check_mod_11_4_t attr_check_mod_11; 1946cd6a6acSopenharmony_ci} 1956cd6a6acSopenharmony_ci#optional { 1966cd6a6acSopenharmony_ci# require { 1976cd6a6acSopenharmony_ci# attribute attr_check_mod_optional_5; 1986cd6a6acSopenharmony_ci# } 1996cd6a6acSopenharmony_ci# type attr_check_mod_optional_5_1_t, attr_check_mod_optional_5; 2006cd6a6acSopenharmony_ci# type attr_check_mod_optional_5_2_t; 2016cd6a6acSopenharmony_ci# typeattribute attr_check_mod_optional_5_2_t attr_check_mod_optional_5; 2026cd6a6acSopenharmony_ci#} 2036cd6a6acSopenharmony_ci#optional { 2046cd6a6acSopenharmony_ci# require { 2056cd6a6acSopenharmony_ci# attribute attr_check_mod_optional_6; 2066cd6a6acSopenharmony_ci# } 2076cd6a6acSopenharmony_ci# type attr_check_mod_optional_6_3_t, attr_check_mod_optional_6; 2086cd6a6acSopenharmony_ci# type attr_check_mod_optional_6_4_t; 2096cd6a6acSopenharmony_ci# typeattribute attr_check_mod_optional_6_4_t attr_check_mod_optional_6; 2106cd6a6acSopenharmony_ci#} 2116cd6a6acSopenharmony_cioptional { 2126cd6a6acSopenharmony_ci require { 2136cd6a6acSopenharmony_ci attribute attr_check_base_optional_disabled_5; 2146cd6a6acSopenharmony_ci } 2156cd6a6acSopenharmony_ci type attr_check_base_optional_disabled_5_1_t, attr_check_base_optional_disabled_5; 2166cd6a6acSopenharmony_ci type attr_check_base_optional_disabled_5_2_t; 2176cd6a6acSopenharmony_ci typeattribute attr_check_base_optional_disabled_5_2_t attr_check_base_optional_disabled_5; 2186cd6a6acSopenharmony_ci} 2196cd6a6acSopenharmony_cioptional { 2206cd6a6acSopenharmony_ci require { 2216cd6a6acSopenharmony_ci type does_not_exist_t; 2226cd6a6acSopenharmony_ci attribute attr_check_base_optional_disabled_8; 2236cd6a6acSopenharmony_ci } 2246cd6a6acSopenharmony_ci type attr_check_base_optional_disabled_8_1_t, attr_check_base_optional_disabled_8; 2256cd6a6acSopenharmony_ci type attr_check_base_optional_disabled_8_2_t; 2266cd6a6acSopenharmony_ci typeattribute attr_check_base_optional_disabled_8_2_t attr_check_base_optional_disabled_8; 2276cd6a6acSopenharmony_ci} 2286cd6a6acSopenharmony_ci 229