Differential D15089 Diff 40763 autotests/reference/test.te.ref

Changeset View

Standalone View

View Options

autotests/reference/test.te.ref

  • This file was added.
1<Comment># Sample SELinux Policy</Comment><br/>
2<Normal Text></Normal Text><br/>
3<Documentation>## </Documentation><Doc. Element Tag><summary></Doc. Element Tag><br/>
4<Documentation>## Sample SELinux Policy</Documentation><br/>
5<Documentation>## </Documentation><Doc. Element Tag></summary></Doc. Element Tag><br/>
6<Documentation>## </Documentation><Doc. Element Tag><desc></Doc. Element Tag><br/>
7<Documentation>## </Documentation><Doc. Element Tag><p></Doc. Element Tag><br/>
8<Documentation>## This module is not functional,</Documentation><br/>
9<Documentation>## but only to test the syntax highlighting.</Documentation><br/>
10<Documentation>## </Documentation><Doc. Element Tag></p></Doc. Element Tag><br/>
11<Documentation>## </Documentation><Doc. Element Tag></desc></Doc. Element Tag><br/>
12<Documentation>## </Documentation><Doc. Element Tag><required</Doc. Element Tag><Doc. Attribute> val</Doc. Attribute><Documentation>=</Documentation><Doc. Value>"true"</Doc. Value><Doc. Element Tag>></Doc. Element Tag><br/>
13<Documentation>## Depended on by other required modules.</Documentation><br/>
14<Documentation>## </Documentation><Doc. Element Tag></required></Doc. Element Tag><br/>
15<Normal Text></Normal Text><br/>
16<Policy Config. Statements>policycap</Policy Config. Statements><Normal Text> </Normal Text><Policy Capability>open_perms</Policy Capability><Symbol>;</Symbol><br/>
17<Statements>module</Statements><Normal Text> myapp </Normal Text><Number>1.0</Number><Symbol>;</Symbol><br/>
18<Normal Text></Normal Text><br/>
19<Statements>require</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/>
20<Normal Text> </Normal Text><Statements>type</Statements><Normal Text> httpd_t</Normal Text><Symbol>;</Symbol><br/>
21<Normal Text> </Normal Text><Statements>type</Statements><Normal Text> httpd_sys_content_t</Normal Text><Symbol>;</Symbol><br/>
22<Normal Text> </Normal Text><Statements>type</Statements><Normal Text> initrc_t</Normal Text><Symbol>;</Symbol><br/>
23<Normal Text> </Normal Text><Statements>class</Statements><Normal Text> sock_file </Normal Text><AV Permissions>write</AV Permissions><Symbol>;</Symbol><br/>
24<Normal Text> </Normal Text><Statements>class</Statements><Normal Text> unix_stream_socket </Normal Text><AV Permissions>connectto</AV Permissions><Symbol>;</Symbol><br/>
25<Operator>}</Operator><br/>
26<Normal Text></Normal Text><br/>
27<Access Keys>allow</Access Keys><Normal Text> httpd_t httpd_sys_content_t</Normal Text><Symbol>:</Symbol><Class>sock_file</Class><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Symbol>;</Symbol><br/>
28<Access Keys>allow</Access Keys><Normal Text> httpd_t initrc_t</Normal Text><Symbol>:</Symbol><Class>unix_stream_socket</Class><Normal Text> </Normal Text><AV Permissions>connectto</AV Permissions><Symbol>;</Symbol><br/>
29<Normal Text></Normal Text><br/>
30<Comment># Refpolicy</Comment><br/>
31<Refpolicy Keywords>tunable_policy</Refpolicy Keywords><Normal Text>(</Normal Text><Text Quoted>`allow_execmem'</Text Quoted><Symbol>,</Symbol><Default M4 Quote>`</Default M4 Quote><br/>
32<Normal Text> </Normal Text><Path>/usr/share/holas</Path><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>/</RegExp Brackets Content><Special Char>.*</Special Char><RegExp Brackets>)</RegExp Brackets><Special Char>?</Special Char><Reserved Keywords> --</Reserved Keywords><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>holas_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Symbol>,</Symbol><File Contexts>fdf</File Contexts><Symbol>,</Symbol><File Contexts>df</File Contexts><Normal Text>)</Normal Text><Symbol>;</Symbol><br/>
33<Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/>
34<Comment># M4 Macros</Comment><br/>
35<M4 Built-in Keywords>regexp</M4 Built-in Keywords><Normal Text>(</Normal Text><Text Quoted>`GNUs not Unix'</Text Quoted><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><Escape Char>\w\(\w</Escape Char><Special Char>+</Special Char><Escape Char>\)</Escape Char><Special Char>$</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><Special Char>***</Special Char><Normal Text> </Normal Text><Escape Char>\&</Escape Char><Normal Text> </Normal Text><Special Char>***</Special Char><Normal Text> </Normal Text><Escape Char>\1</Escape Char><Normal Text> </Normal Text><Special Char>***</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/>
36<M4 Built-in Keywords>ifdef</M4 Built-in Keywords><Normal Text>(</Normal Text><Text Quoted>`distro_ubuntu'</Text Quoted><Symbol>,</Symbol><Default M4 Quote>`</Default M4 Quote><br/>
37<Normal Text> </Normal Text><Function>unconfined_domain</Function><Normal Text>(chkpwd_t)</Normal Text><br/>
38<Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/>
39<Normal Text></Normal Text><br/>
40<Statements>dominance</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><Function>gen_dominance</Function><Normal Text>(</Normal Text><Number>0</Number><Symbol>,</Symbol><M4 Built-in Keywords>decr</M4 Built-in Keywords><Normal Text>(</Normal Text><M4 Special Arguments>$1</M4 Special Arguments><Normal Text>)) </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
41<Access Keys>neverallow</Access Keys><Normal Text> </Normal Text><Input Selector>user</Input Selector><Symbol>=</Symbol><Normal Text>_isolated </Normal Text><Input Selector>domain</Input Selector><Symbol>=</Symbol><RegExp Brackets>((</RegExp Brackets><Special Char of Brackets>?!</Special Char of Brackets><RegExp Brackets Content>isolated_app</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Special Char>.</Special Char><RegExp Brackets>)</RegExp Brackets><Special Char>*</Special Char><br/>
42<Normal Text></Normal Text><br/>
43<Access Keys>allow</Access Keys><Normal Text> consoletype_t </Normal Text><Special Keys>self</Special Keys><Symbol>:</Symbol><Class>capability</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>sys_admin</AV Permissions><Normal Text> </Normal Text><AV Permissions>sys_tty_config</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
44<Access Keys>allow</Access Keys><Normal Text> consoletype_t </Normal Text><Special Keys>self</Special Keys><Symbol>:</Symbol><Class>msg</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>send</AV Permissions><Normal Text> </Normal Text><AV Permissions>receive</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
45<Normal Text></Normal Text><br/>
46<Comment># sample for administrative user</Comment><br/>
47<Statements>user</Statements><Normal Text> jadmin </Normal Text><Statements>roles</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> staff_r sysadm_r </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
48<Comment># sample for regular user</Comment><br/>
49<Statements>user</Statements><Normal Text> jdoe </Normal Text><Statements>roles</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> user_r </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
50<Normal Text></Normal Text><br/>
51<Statements>default_user</Statements><Normal Text> process </Normal Text><Reserved Keywords>source</Reserved Keywords><Symbol>;</Symbol><br/>
52<Statements>default_range</Statements><Normal Text> process </Normal Text><Reserved Keywords>source</Reserved Keywords><Normal Text> </Normal Text><Range>low</Range><Symbol>;</Symbol><br/>
53<Normal Text></Normal Text><br/>
54<Statements>sid</Statements><Normal Text> devnull</Normal Text><Symbol>;</Symbol><br/>
55<Statements>sid</Statements><Normal Text> sysctl</Normal Text><Symbol>;</Symbol><br/>
56<Normal Text></Normal Text><br/>
57<Statements>common</Statements><Normal Text> file </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Normal Text> </Normal Text><AV Permissions>create</AV Permissions><Normal Text> </Normal Text><AV Permissions>getattr</AV Permissions><Normal Text> </Normal Text><AV Permissions>setattr</AV Permissions><Normal Text> </Normal Text><AV Permissions>lock</AV Permissions><Normal Text> </Normal Text><AV Permissions>relabelfrom</AV Permissions><Normal Text> </Normal Text><AV Permissions>relabelto</AV Permissions><Normal Text> </Normal Text><AV Permissions>append</AV Permissions><Normal Text> </Normal Text><AV Permissions>map</AV Permissions><Normal Text> </Normal Text><AV Permissions>unlink</AV Permissions><Normal Text> </Normal Text><AV Permissions>link</AV Permissions><Normal Text> </Normal Text><AV Permissions>rename</AV Permissions><Normal Text> </Normal Text><AV Permissions>execute</AV Permissions><Normal Text> </Normal Text><AV Permissions>swapon</AV Permissions><Normal Text> </Normal Text><AV Permissions>quotaon</AV Permissions><Normal Text> </Normal Text><AV Permissions>mounton</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
58<Statements>class</Statements><Normal Text> dir </Normal Text><Statements>inherits</Statements><Normal Text> file </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>add_name</AV Permissions><Normal Text> </Normal Text><AV Permissions>remove_name</AV Permissions><Normal Text> </Normal Text><AV Permissions>reparent</AV Permissions><Normal Text> </Normal Text><AV Permissions>search</AV Permissions><Normal Text> </Normal Text><AV Permissions>rmdir</AV Permissions><Normal Text> </Normal Text><AV Permissions>open</AV Permissions><Normal Text> </Normal Text><AV Permissions>audit_access</AV Permissions><Normal Text> </Normal Text><AV Permissions>execmod</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
59<Statements>class</Statements><Normal Text> class</Normal Text><Symbol>;</Symbol><br/>
60<Normal Text></Normal Text><br/>
61<Statements>sensitivity</Statements><Normal Text> s0 </Normal Text><Statements>alias</Statements><Normal Text> sens0</Normal Text><Symbol>;</Symbol><br/>
62<Statements>category</Statements><Normal Text> c0 </Normal Text><Statements>alias</Statements><Normal Text> cat0</Normal Text><Symbol>;</Symbol><br/>
63<Normal Text></Normal Text><br/>
64<Statements>mlsconstrain</Statements><Normal Text> dir </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>search</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>lock</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><br/>
65<Normal Text> (( </Normal Text><Special Keys>h1</Special Keys><Normal Text> </Normal Text><Expression Keys>dom</Expression Keys><Normal Text> </Normal Text><Special Keys>h2</Special Keys><Normal Text> ) </Normal Text><Expression Keys>or</Expression Keys><Normal Text> ( </Normal Text><Special Keys>t1</Special Keys><Normal Text> </Normal Text><Boolean Operators>==</Boolean Operators><Normal Text> mcsreadall ) </Normal Text><Expression Keys>or</Expression Keys><br/>
66<Normal Text> (( </Normal Text><Special Keys>t1</Special Keys><Normal Text> </Normal Text><Boolean Operators>!=</Boolean Operators><Normal Text> mcs_constrained_type ) </Normal Text><Expression Keys>and</Expression Keys><Normal Text> (</Normal Text><Special Keys>t2</Special Keys><Normal Text> </Normal Text><Boolean Operators>==</Boolean Operators><Normal Text> domain)))</Normal Text><Symbol>;</Symbol><br/>
67<Normal Text></Normal Text><br/>
68<Statements>attribute_role</Statements><Normal Text> dpkg_roles</Normal Text><Symbol>;</Symbol><br/>
69<Statements>roleattribute</Statements><Normal Text> system_r dpkg_roles</Normal Text><Symbol>;</Symbol><br/>
70<Normal Text></Normal Text><br/>
71<Statements>role</Statements><Normal Text> system_r </Normal Text><Statements>types</Statements><Normal Text> system_t</Normal Text><Symbol>;</Symbol><br/>
72<Statements>role_transition</Statements><Normal Text> hello init_script_file_type system_r</Normal Text><Symbol>;</Symbol><br/>
73<Normal Text></Normal Text><br/>
74<Statements>level</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s0</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c0</MLS/MCS Level/Range><Symbol>;</Symbol><br/>
75<Statements>user</Statements><Normal Text> user_u </Normal Text><Statements>roles</Statements><Normal Text> role_r </Normal Text><Statements>level</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c1</MLS/MCS Level/Range><Normal Text> </Normal Text><Statements>range</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c1</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s2</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c2</MLS/MCS Level/Range><Symbol>;</Symbol><br/>
76<Statements>range_transition</Statements><Normal Text> initrc_t auditd_exec_t</Normal Text><Symbol>:</Symbol><Class>process</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s15</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c0</MLS/MCS Level/Range><Symbol>.</Symbol><MLS/MCS Level/Range>c255</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s20</MLS/MCS Level/Range><Symbol>;</Symbol><br/>
77<Statements>range_transition</Statements><Normal Text> source target</Normal Text><Symbol>:</Symbol><Class>class</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s2</MLS/MCS Level/Range><Normal Text> dsd</Normal Text><Symbol>;</Symbol><br/>
78<Statements>range_transition</Statements><Normal Text> source target</Normal Text><Symbol>:</Symbol><Class>class</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Normal Text> </Normal Text><Symbol>;</Symbol><br/>
79<Normal Text></Normal Text><br/>
80<Statements>attribute</Statements><Normal Text> filesystem_type</Normal Text><Symbol>;</Symbol><br/>
81<Statements>type</Statements><Normal Text> dhcp_etc_t</Normal Text><Symbol>;</Symbol><br/>
82<Statements>typealias</Statements><Normal Text> dhcp_etc_t </Normal Text><Statements>ALIAS</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> etc_dhcp_t etc_dhcpc_t etc_dhcpd_t </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
83<Normal Text></Normal Text><br/>
84<Statements>bool</Statements><Normal Text> le_boolean </Normal Text><Booleans>true</Booleans><Symbol>;</Symbol><br/>
85<Statements>TUNABLE</Statements><Normal Text> allow_java_execstack </Normal Text><Booleans>false</Booleans><Symbol>;</Symbol><br/>
86<Normal Text></Normal Text><br/>
87<Statements>type_transition</Statements><Normal Text> root_xdrawable_t input_xevent_t</Normal Text><Symbol>:</Symbol><Class>x_event</Class><Normal Text> root_input_xevent_t</Normal Text><Symbol>;</Symbol><br/>
88<Access Keys>AUDITALLOW</Access Keys><Normal Text> xserver_t </Normal Text><Operator>{</Operator><Normal Text> root_xdrawable_t x_domain </Normal Text><Operator>}</Operator><Symbol>:</Symbol><Class>x_drawable</Class><Normal Text> </Normal Text><AV Permissions>send</AV Permissions><Symbol>;</Symbol><br/>
89<Normal Text></Normal Text><br/>
90<Statements>optional</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/>
91<Normal Text> </Normal Text><Access Keys>neverallow</Access Keys><Normal Text> untrusted_app </Normal Text><Special Char>*</Special Char><Symbol>:</Symbol><Operator>{</Operator><Normal Text> netlink_route_socket netlink_selinux_socket </Normal Text><Operator>}</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Symbol>;</Symbol><br/>
92<Normal Text> </Normal Text><Access Keys>neverallowxperm</Access Keys><Normal Text> shell domain</Normal Text><Symbol>:</Symbol><Operator>{</Operator><Normal Text> rawip_socket tcp_socket udp_socket </Normal Text><Operator>}</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> priv_sock_ioctls</Normal Text><Symbol>;</Symbol><br/>
93<Operator>}</Operator><Symbol>;</Symbol><br/>
94<Normal Text></Normal Text><br/>
95<Statements>if</Statements><Normal Text> le_boolean </Normal Text><Operator>{</Operator><br/>
96<Normal Text> </Normal Text><Access Keys>DONTAUDIT</Access Keys><Normal Text> untrusted_app asec_public_file</Normal Text><Symbol>:</Symbol><Class>file</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>execute</AV Permissions><Normal Text> </Normal Text><AV Permissions>execmod</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/>
97<Operator>}</Operator><Normal Text> </Normal Text><Statements>else</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/>
98<Normal Text> </Normal Text><Access Keys>ALLOW</Access Keys><Normal Text> untrusted_app perfprofd_data_file</Normal Text><Symbol>:</Symbol><Class>file</Class><Normal Text> r_file_perms</Normal Text><Symbol>;</Symbol><br/>
99<Normal Text> </Normal Text><Access Keys>allow</Access Keys><Normal Text> untrusted_app perfprofd_data_file</Normal Text><Symbol>:</Symbol><Class>dir</Class><Normal Text> r_dir_perms</Normal Text><Symbol>;</Symbol><br/>
100<Operator>}</Operator><Symbol>;</Symbol><br/>
101<Normal Text></Normal Text><br/>
102<Statements>sid</Statements><Normal Text> devnull </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>null_device_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/>
103<Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>sysfs</Filesystem><Normal Text> </Normal Text><Path>/devices/system/cpu/online</Path><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>cpu_online_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Normal Text>)</Normal Text><br/>
104<Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>rootfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>root_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Normal Text>)</Normal Text><br/>
105<Normal Text></Normal Text><br/>
106<Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>proc</Filesystem><Normal Text> </Normal Text><Path>/cpuinfo</Path><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>proc_cpuinfo</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/>
107<Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>selinuxfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>selinuxfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/>
108<Statements>fs_use_trans</Statements><Normal Text> </Normal Text><Filesystem>devtmpfs</Filesystem><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>device_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
109<Statements>fs_use_task</Statements><Normal Text> </Normal Text><Filesystem>pipefs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>pipefs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
110<Statements>fs_use_xattr</Statements><Normal Text> </Normal Text><Filesystem>xfs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>labeledfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
111<Statements>fs_use_xattr</Statements><Normal Text> </Normal Text><Filesystem>btrfs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>labeledfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
112<Normal Text></Normal Text><br/>
113<Statements>portcon</Statements><Normal Text> tcp </Normal Text><Number>80</Number><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>http_port</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
114<Statements>portcon</Statements><Normal Text> udp </Normal Text><Number>1024</Number><Symbol>-</Symbol><Number>65535</Number><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>unreserved_port_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts> s0</File Contexts><Normal Text>)</Normal Text><Symbol>;</Symbol><br/>
115<Statements>netifcon</Statements><Normal Text> </Normal Text><M4 Special Arguments>$2</M4 Special Arguments><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><M4 Special Arguments>$1</M4 Special Arguments><Symbol>,</Symbol><M4 Special Arguments>$3</M4 Special Arguments><Normal Text>) </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>unlabeled_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><M4 Special Arguments>$3</M4 Special Arguments><Normal Text>)</Normal Text><Symbol>;</Symbol><br/>
116<Normal Text></Normal Text><br/>
117<Statements>nodecon</Statements><Normal Text> </Normal Text><IP Address>2001:0DB8:AC10:FE01::</IP Address><Normal Text> </Normal Text><IP Address>2001:0DE0:DA88:2222::</IP Address><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>hello_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
118<Statements>nodecon</Statements><Normal Text> ipv4 </Normal Text><IP Address>127.0.0.2</IP Address><Normal Text> </Normal Text><IP Address>255.255.255.255</IP Address><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>node_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/>
119<Normal Text></Normal Text><br/>
120<M4 Preprocessor>#line 118</M4 Preprocessor><br/>
121<Normal Text></Normal Text><br/>
122<Comment># Regular Expressions</Comment><br/>
123<M4 Built-in Keywords>regexp</M4 Built-in Keywords><Normal Text>(</Normal Text><Default M4 Quote>`</Default M4 Quote><Normal Text>Hello</Normal Text><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>!</RegExp Brackets Content><Special Char of Brackets>|</Special Char of Brackets><Escape Char>\^\^</Escape Char><RegExp Brackets>)</RegExp Brackets><Special Char>+</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><br/>
124<Normal Text> </Normal Text><Special Char>^</Special Char><Escape Char>\s</Escape Char><Special Char>*</Special Char><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?<hello></Special Char of Brackets><Escape Char>\.</Escape Char><RegExp Brackets>)</RegExp Brackets><br/>
125<Normal Text> </Normal Text><RegExp Brackets>(</RegExp Brackets><br/>
126<RegExp Brackets Content> hello</RegExp Brackets Content><RegExp Brackets>[</RegExp Brackets><Special Char of Brackets>^</Special Char of Brackets><Escape Char>\s\x12</Escape Char><RegExp Brackets Content>/</RegExp Brackets Content><RegExp Brackets>][</RegExp Brackets><RegExp Brackets Content>1-9</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Special Char>*</Special Char><Special Char of Brackets>|</Special Char of Brackets><RegExp Brackets Content> </RegExp Brackets Content><Comment> # Hello</Comment><br/>
127<RegExp Brackets Content> bye</RegExp Brackets Content><br/>
128<RegExp Brackets Content> </RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Escape Char>\s</Escape Char><Special Char>*$</Special Char><br/>
129<Default M4 Quote>'</Default M4 Quote><Normal Text>) </Normal Text><br/>
130<Text Quoted>"aa/aa</Text Quoted><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?=</Special Char of Brackets><RegExp Brackets Content>sdf sdf</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>ds</Text Quoted><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>aa aa</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>df</Text Quoted><RegExp Brackets>[</RegExp Brackets><Special Char of Brackets>^</Special Char of Brackets><RegExp Brackets Content> a</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Text Quoted>"</Text Quoted><br/>
131<Text Quoted>"ope</Text Quoted><Text Quoted Open>n</Text Quoted Open><br/>
132<Text Quoted>"text\"</Text Quoted><Normal Text>aaa</Normal Text><br/>
133<Text Quoted>"filename\s\w\%(?=aa)aa"</Text Quoted><br/>
134<Text Quoted>"/path</Text Quoted><Escape Char>\s\w</Escape Char><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?=</Special Char of Brackets><RegExp Brackets Content>aa</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>aa"</Text Quoted><br/>
135<Normal Text></Normal Text><br/>
136<File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/>
137<File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol> - </Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/>
138<File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>.</Symbol><File Contexts>s1</File Contexts><Symbol>:</Symbol><File Contexts>c0</File Contexts><Symbol> , </Symbol><File Contexts>c1</File Contexts><Symbol> - </Symbol><File Contexts>s2</File Contexts><Symbol>.</Symbol><File Contexts>s3</File Contexts><Symbol>:</Symbol><File Contexts>c2</File Contexts><Symbol>.</Symbol><File Contexts>c3</File Contexts><Symbol>,</Symbol><File Contexts>c4</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/>
139<File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>,</Symbol><Normal Text>other</Normal Text><br/>