Changeset View
Changeset View
Standalone View
Standalone View
autotests/reference/test.te.ref
- This file was added.
1 | <Comment># Sample SELinux Policy</Comment><br/> | ||||
---|---|---|---|---|---|
2 | <Normal Text></Normal Text><br/> | ||||
3 | <Documentation>## </Documentation><Doc. Element Tag><summary></Doc. Element Tag><br/> | ||||
4 | <Documentation>## Sample SELinux Policy</Documentation><br/> | ||||
5 | <Documentation>## </Documentation><Doc. Element Tag></summary></Doc. Element Tag><br/> | ||||
6 | <Documentation>## </Documentation><Doc. Element Tag><desc></Doc. Element Tag><br/> | ||||
7 | <Documentation>## </Documentation><Doc. Element Tag><p></Doc. Element Tag><br/> | ||||
8 | <Documentation>## This module is not functional,</Documentation><br/> | ||||
9 | <Documentation>## but only to test the syntax highlighting.</Documentation><br/> | ||||
10 | <Documentation>## </Documentation><Doc. Element Tag></p></Doc. Element Tag><br/> | ||||
11 | <Documentation>## </Documentation><Doc. Element Tag></desc></Doc. Element Tag><br/> | ||||
12 | <Documentation>## </Documentation><Doc. Element Tag><required</Doc. Element Tag><Doc. Attribute> val</Doc. Attribute><Documentation>=</Documentation><Doc. Value>"true"</Doc. Value><Doc. Element Tag>></Doc. Element Tag><br/> | ||||
13 | <Documentation>## Depended on by other required modules.</Documentation><br/> | ||||
14 | <Documentation>## </Documentation><Doc. Element Tag></required></Doc. Element Tag><br/> | ||||
15 | <Normal Text></Normal Text><br/> | ||||
16 | <Policy Config. Statements>policycap</Policy Config. Statements><Normal Text> </Normal Text><Policy Capability>open_perms</Policy Capability><Symbol>;</Symbol><br/> | ||||
17 | <Statements>module</Statements><Normal Text> myapp </Normal Text><Number>1.0</Number><Symbol>;</Symbol><br/> | ||||
18 | <Normal Text></Normal Text><br/> | ||||
19 | <Statements>require</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/> | ||||
20 | <Normal Text> </Normal Text><Statements>type</Statements><Normal Text> httpd_t</Normal Text><Symbol>;</Symbol><br/> | ||||
21 | <Normal Text> </Normal Text><Statements>type</Statements><Normal Text> httpd_sys_content_t</Normal Text><Symbol>;</Symbol><br/> | ||||
22 | <Normal Text> </Normal Text><Statements>type</Statements><Normal Text> initrc_t</Normal Text><Symbol>;</Symbol><br/> | ||||
23 | <Normal Text> </Normal Text><Statements>class</Statements><Normal Text> sock_file </Normal Text><AV Permissions>write</AV Permissions><Symbol>;</Symbol><br/> | ||||
24 | <Normal Text> </Normal Text><Statements>class</Statements><Normal Text> unix_stream_socket </Normal Text><AV Permissions>connectto</AV Permissions><Symbol>;</Symbol><br/> | ||||
25 | <Operator>}</Operator><br/> | ||||
26 | <Normal Text></Normal Text><br/> | ||||
27 | <Access Keys>allow</Access Keys><Normal Text> httpd_t httpd_sys_content_t</Normal Text><Symbol>:</Symbol><Class>sock_file</Class><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Symbol>;</Symbol><br/> | ||||
28 | <Access Keys>allow</Access Keys><Normal Text> httpd_t initrc_t</Normal Text><Symbol>:</Symbol><Class>unix_stream_socket</Class><Normal Text> </Normal Text><AV Permissions>connectto</AV Permissions><Symbol>;</Symbol><br/> | ||||
29 | <Normal Text></Normal Text><br/> | ||||
30 | <Comment># Refpolicy</Comment><br/> | ||||
31 | <Refpolicy Keywords>tunable_policy</Refpolicy Keywords><Normal Text>(</Normal Text><Text Quoted>`allow_execmem'</Text Quoted><Symbol>,</Symbol><Default M4 Quote>`</Default M4 Quote><br/> | ||||
32 | <Normal Text> </Normal Text><Path>/usr/share/holas</Path><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>/</RegExp Brackets Content><Special Char>.*</Special Char><RegExp Brackets>)</RegExp Brackets><Special Char>?</Special Char><Reserved Keywords> --</Reserved Keywords><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>holas_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Symbol>,</Symbol><File Contexts>fdf</File Contexts><Symbol>,</Symbol><File Contexts>df</File Contexts><Normal Text>)</Normal Text><Symbol>;</Symbol><br/> | ||||
33 | <Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/> | ||||
34 | <Comment># M4 Macros</Comment><br/> | ||||
35 | <M4 Built-in Keywords>regexp</M4 Built-in Keywords><Normal Text>(</Normal Text><Text Quoted>`GNUs not Unix'</Text Quoted><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><Escape Char>\w\(\w</Escape Char><Special Char>+</Special Char><Escape Char>\)</Escape Char><Special Char>$</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><Special Char>***</Special Char><Normal Text> </Normal Text><Escape Char>\&</Escape Char><Normal Text> </Normal Text><Special Char>***</Special Char><Normal Text> </Normal Text><Escape Char>\1</Escape Char><Normal Text> </Normal Text><Special Char>***</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/> | ||||
36 | <M4 Built-in Keywords>ifdef</M4 Built-in Keywords><Normal Text>(</Normal Text><Text Quoted>`distro_ubuntu'</Text Quoted><Symbol>,</Symbol><Default M4 Quote>`</Default M4 Quote><br/> | ||||
37 | <Normal Text> </Normal Text><Function>unconfined_domain</Function><Normal Text>(chkpwd_t)</Normal Text><br/> | ||||
38 | <Default M4 Quote>'</Default M4 Quote><Normal Text>)</Normal Text><br/> | ||||
39 | <Normal Text></Normal Text><br/> | ||||
40 | <Statements>dominance</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><Function>gen_dominance</Function><Normal Text>(</Normal Text><Number>0</Number><Symbol>,</Symbol><M4 Built-in Keywords>decr</M4 Built-in Keywords><Normal Text>(</Normal Text><M4 Special Arguments>$1</M4 Special Arguments><Normal Text>)) </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
41 | <Access Keys>neverallow</Access Keys><Normal Text> </Normal Text><Input Selector>user</Input Selector><Symbol>=</Symbol><Normal Text>_isolated </Normal Text><Input Selector>domain</Input Selector><Symbol>=</Symbol><RegExp Brackets>((</RegExp Brackets><Special Char of Brackets>?!</Special Char of Brackets><RegExp Brackets Content>isolated_app</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Special Char>.</Special Char><RegExp Brackets>)</RegExp Brackets><Special Char>*</Special Char><br/> | ||||
42 | <Normal Text></Normal Text><br/> | ||||
43 | <Access Keys>allow</Access Keys><Normal Text> consoletype_t </Normal Text><Special Keys>self</Special Keys><Symbol>:</Symbol><Class>capability</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>sys_admin</AV Permissions><Normal Text> </Normal Text><AV Permissions>sys_tty_config</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
44 | <Access Keys>allow</Access Keys><Normal Text> consoletype_t </Normal Text><Special Keys>self</Special Keys><Symbol>:</Symbol><Class>msg</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>send</AV Permissions><Normal Text> </Normal Text><AV Permissions>receive</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
45 | <Normal Text></Normal Text><br/> | ||||
46 | <Comment># sample for administrative user</Comment><br/> | ||||
47 | <Statements>user</Statements><Normal Text> jadmin </Normal Text><Statements>roles</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> staff_r sysadm_r </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
48 | <Comment># sample for regular user</Comment><br/> | ||||
49 | <Statements>user</Statements><Normal Text> jdoe </Normal Text><Statements>roles</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> user_r </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
50 | <Normal Text></Normal Text><br/> | ||||
51 | <Statements>default_user</Statements><Normal Text> process </Normal Text><Reserved Keywords>source</Reserved Keywords><Symbol>;</Symbol><br/> | ||||
52 | <Statements>default_range</Statements><Normal Text> process </Normal Text><Reserved Keywords>source</Reserved Keywords><Normal Text> </Normal Text><Range>low</Range><Symbol>;</Symbol><br/> | ||||
53 | <Normal Text></Normal Text><br/> | ||||
54 | <Statements>sid</Statements><Normal Text> devnull</Normal Text><Symbol>;</Symbol><br/> | ||||
55 | <Statements>sid</Statements><Normal Text> sysctl</Normal Text><Symbol>;</Symbol><br/> | ||||
56 | <Normal Text></Normal Text><br/> | ||||
57 | <Statements>common</Statements><Normal Text> file </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Normal Text> </Normal Text><AV Permissions>create</AV Permissions><Normal Text> </Normal Text><AV Permissions>getattr</AV Permissions><Normal Text> </Normal Text><AV Permissions>setattr</AV Permissions><Normal Text> </Normal Text><AV Permissions>lock</AV Permissions><Normal Text> </Normal Text><AV Permissions>relabelfrom</AV Permissions><Normal Text> </Normal Text><AV Permissions>relabelto</AV Permissions><Normal Text> </Normal Text><AV Permissions>append</AV Permissions><Normal Text> </Normal Text><AV Permissions>map</AV Permissions><Normal Text> </Normal Text><AV Permissions>unlink</AV Permissions><Normal Text> </Normal Text><AV Permissions>link</AV Permissions><Normal Text> </Normal Text><AV Permissions>rename</AV Permissions><Normal Text> </Normal Text><AV Permissions>execute</AV Permissions><Normal Text> </Normal Text><AV Permissions>swapon</AV Permissions><Normal Text> </Normal Text><AV Permissions>quotaon</AV Permissions><Normal Text> </Normal Text><AV Permissions>mounton</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
58 | <Statements>class</Statements><Normal Text> dir </Normal Text><Statements>inherits</Statements><Normal Text> file </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>add_name</AV Permissions><Normal Text> </Normal Text><AV Permissions>remove_name</AV Permissions><Normal Text> </Normal Text><AV Permissions>reparent</AV Permissions><Normal Text> </Normal Text><AV Permissions>search</AV Permissions><Normal Text> </Normal Text><AV Permissions>rmdir</AV Permissions><Normal Text> </Normal Text><AV Permissions>open</AV Permissions><Normal Text> </Normal Text><AV Permissions>audit_access</AV Permissions><Normal Text> </Normal Text><AV Permissions>execmod</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
59 | <Statements>class</Statements><Normal Text> class</Normal Text><Symbol>;</Symbol><br/> | ||||
60 | <Normal Text></Normal Text><br/> | ||||
61 | <Statements>sensitivity</Statements><Normal Text> s0 </Normal Text><Statements>alias</Statements><Normal Text> sens0</Normal Text><Symbol>;</Symbol><br/> | ||||
62 | <Statements>category</Statements><Normal Text> c0 </Normal Text><Statements>alias</Statements><Normal Text> cat0</Normal Text><Symbol>;</Symbol><br/> | ||||
63 | <Normal Text></Normal Text><br/> | ||||
64 | <Statements>mlsconstrain</Statements><Normal Text> dir </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>search</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>lock</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><br/> | ||||
65 | <Normal Text> (( </Normal Text><Special Keys>h1</Special Keys><Normal Text> </Normal Text><Expression Keys>dom</Expression Keys><Normal Text> </Normal Text><Special Keys>h2</Special Keys><Normal Text> ) </Normal Text><Expression Keys>or</Expression Keys><Normal Text> ( </Normal Text><Special Keys>t1</Special Keys><Normal Text> </Normal Text><Boolean Operators>==</Boolean Operators><Normal Text> mcsreadall ) </Normal Text><Expression Keys>or</Expression Keys><br/> | ||||
66 | <Normal Text> (( </Normal Text><Special Keys>t1</Special Keys><Normal Text> </Normal Text><Boolean Operators>!=</Boolean Operators><Normal Text> mcs_constrained_type ) </Normal Text><Expression Keys>and</Expression Keys><Normal Text> (</Normal Text><Special Keys>t2</Special Keys><Normal Text> </Normal Text><Boolean Operators>==</Boolean Operators><Normal Text> domain)))</Normal Text><Symbol>;</Symbol><br/> | ||||
67 | <Normal Text></Normal Text><br/> | ||||
68 | <Statements>attribute_role</Statements><Normal Text> dpkg_roles</Normal Text><Symbol>;</Symbol><br/> | ||||
69 | <Statements>roleattribute</Statements><Normal Text> system_r dpkg_roles</Normal Text><Symbol>;</Symbol><br/> | ||||
70 | <Normal Text></Normal Text><br/> | ||||
71 | <Statements>role</Statements><Normal Text> system_r </Normal Text><Statements>types</Statements><Normal Text> system_t</Normal Text><Symbol>;</Symbol><br/> | ||||
72 | <Statements>role_transition</Statements><Normal Text> hello init_script_file_type system_r</Normal Text><Symbol>;</Symbol><br/> | ||||
73 | <Normal Text></Normal Text><br/> | ||||
74 | <Statements>level</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s0</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c0</MLS/MCS Level/Range><Symbol>;</Symbol><br/> | ||||
75 | <Statements>user</Statements><Normal Text> user_u </Normal Text><Statements>roles</Statements><Normal Text> role_r </Normal Text><Statements>level</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c1</MLS/MCS Level/Range><Normal Text> </Normal Text><Statements>range</Statements><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c1</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s2</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c2</MLS/MCS Level/Range><Symbol>;</Symbol><br/> | ||||
76 | <Statements>range_transition</Statements><Normal Text> initrc_t auditd_exec_t</Normal Text><Symbol>:</Symbol><Class>process</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s15</MLS/MCS Level/Range><Symbol>:</Symbol><MLS/MCS Level/Range>c0</MLS/MCS Level/Range><Symbol>.</Symbol><MLS/MCS Level/Range>c255</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s20</MLS/MCS Level/Range><Symbol>;</Symbol><br/> | ||||
77 | <Statements>range_transition</Statements><Normal Text> source target</Normal Text><Symbol>:</Symbol><Class>class</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Symbol> - </Symbol><MLS/MCS Level/Range>s2</MLS/MCS Level/Range><Normal Text> dsd</Normal Text><Symbol>;</Symbol><br/> | ||||
78 | <Statements>range_transition</Statements><Normal Text> source target</Normal Text><Symbol>:</Symbol><Class>class</Class><Normal Text> </Normal Text><MLS/MCS Level/Range>s1</MLS/MCS Level/Range><Normal Text> </Normal Text><Symbol>;</Symbol><br/> | ||||
79 | <Normal Text></Normal Text><br/> | ||||
80 | <Statements>attribute</Statements><Normal Text> filesystem_type</Normal Text><Symbol>;</Symbol><br/> | ||||
81 | <Statements>type</Statements><Normal Text> dhcp_etc_t</Normal Text><Symbol>;</Symbol><br/> | ||||
82 | <Statements>typealias</Statements><Normal Text> dhcp_etc_t </Normal Text><Statements>ALIAS</Statements><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> etc_dhcp_t etc_dhcpc_t etc_dhcpd_t </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
83 | <Normal Text></Normal Text><br/> | ||||
84 | <Statements>bool</Statements><Normal Text> le_boolean </Normal Text><Booleans>true</Booleans><Symbol>;</Symbol><br/> | ||||
85 | <Statements>TUNABLE</Statements><Normal Text> allow_java_execstack </Normal Text><Booleans>false</Booleans><Symbol>;</Symbol><br/> | ||||
86 | <Normal Text></Normal Text><br/> | ||||
87 | <Statements>type_transition</Statements><Normal Text> root_xdrawable_t input_xevent_t</Normal Text><Symbol>:</Symbol><Class>x_event</Class><Normal Text> root_input_xevent_t</Normal Text><Symbol>;</Symbol><br/> | ||||
88 | <Access Keys>AUDITALLOW</Access Keys><Normal Text> xserver_t </Normal Text><Operator>{</Operator><Normal Text> root_xdrawable_t x_domain </Normal Text><Operator>}</Operator><Symbol>:</Symbol><Class>x_drawable</Class><Normal Text> </Normal Text><AV Permissions>send</AV Permissions><Symbol>;</Symbol><br/> | ||||
89 | <Normal Text></Normal Text><br/> | ||||
90 | <Statements>optional</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/> | ||||
91 | <Normal Text> </Normal Text><Access Keys>neverallow</Access Keys><Normal Text> untrusted_app </Normal Text><Special Char>*</Special Char><Symbol>:</Symbol><Operator>{</Operator><Normal Text> netlink_route_socket netlink_selinux_socket </Normal Text><Operator>}</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Symbol>;</Symbol><br/> | ||||
92 | <Normal Text> </Normal Text><Access Keys>neverallowxperm</Access Keys><Normal Text> shell domain</Normal Text><Symbol>:</Symbol><Operator>{</Operator><Normal Text> rawip_socket tcp_socket udp_socket </Normal Text><Operator>}</Operator><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> priv_sock_ioctls</Normal Text><Symbol>;</Symbol><br/> | ||||
93 | <Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
94 | <Normal Text></Normal Text><br/> | ||||
95 | <Statements>if</Statements><Normal Text> le_boolean </Normal Text><Operator>{</Operator><br/> | ||||
96 | <Normal Text> </Normal Text><Access Keys>DONTAUDIT</Access Keys><Normal Text> untrusted_app asec_public_file</Normal Text><Symbol>:</Symbol><Class>file</Class><Normal Text> </Normal Text><Operator>{</Operator><Normal Text> </Normal Text><AV Permissions>execute</AV Permissions><Normal Text> </Normal Text><AV Permissions>execmod</AV Permissions><Normal Text> </Normal Text><Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
97 | <Operator>}</Operator><Normal Text> </Normal Text><Statements>else</Statements><Normal Text> </Normal Text><Operator>{</Operator><br/> | ||||
98 | <Normal Text> </Normal Text><Access Keys>ALLOW</Access Keys><Normal Text> untrusted_app perfprofd_data_file</Normal Text><Symbol>:</Symbol><Class>file</Class><Normal Text> r_file_perms</Normal Text><Symbol>;</Symbol><br/> | ||||
99 | <Normal Text> </Normal Text><Access Keys>allow</Access Keys><Normal Text> untrusted_app perfprofd_data_file</Normal Text><Symbol>:</Symbol><Class>dir</Class><Normal Text> r_dir_perms</Normal Text><Symbol>;</Symbol><br/> | ||||
100 | <Operator>}</Operator><Symbol>;</Symbol><br/> | ||||
101 | <Normal Text></Normal Text><br/> | ||||
102 | <Statements>sid</Statements><Normal Text> devnull </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>null_device_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/> | ||||
103 | <Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>sysfs</Filesystem><Normal Text> </Normal Text><Path>/devices/system/cpu/online</Path><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>cpu_online_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Normal Text>)</Normal Text><br/> | ||||
104 | <Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>rootfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>root_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts>s0</File Contexts><Normal Text>)</Normal Text><br/> | ||||
105 | <Normal Text></Normal Text><br/> | ||||
106 | <Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>proc</Filesystem><Normal Text> </Normal Text><Path>/cpuinfo</Path><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>proc_cpuinfo</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/> | ||||
107 | <Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>selinuxfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>selinuxfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><br/> | ||||
108 | <Statements>fs_use_trans</Statements><Normal Text> </Normal Text><Filesystem>devtmpfs</Filesystem><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>device_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
109 | <Statements>fs_use_task</Statements><Normal Text> </Normal Text><Filesystem>pipefs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>pipefs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
110 | <Statements>fs_use_xattr</Statements><Normal Text> </Normal Text><Filesystem>xfs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>labeledfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
111 | <Statements>fs_use_xattr</Statements><Normal Text> </Normal Text><Filesystem>btrfs</Filesystem><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>labeledfs</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
112 | <Normal Text></Normal Text><br/> | ||||
113 | <Statements>portcon</Statements><Normal Text> tcp </Normal Text><Number>80</Number><Normal Text> </Normal Text><File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>http_port</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
114 | <Statements>portcon</Statements><Normal Text> udp </Normal Text><Number>1024</Number><Symbol>-</Symbol><Number>65535</Number><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>unreserved_port_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><File Contexts> s0</File Contexts><Normal Text>)</Normal Text><Symbol>;</Symbol><br/> | ||||
115 | <Statements>netifcon</Statements><Normal Text> </Normal Text><M4 Special Arguments>$2</M4 Special Arguments><Normal Text> </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><M4 Special Arguments>$1</M4 Special Arguments><Symbol>,</Symbol><M4 Special Arguments>$3</M4 Special Arguments><Normal Text>) </Normal Text><Refpolicy Keywords>gen_context</Refpolicy Keywords><Normal Text>(</Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>unlabeled_t</File Contexts (Type Enforcement)><Symbol>,</Symbol><M4 Special Arguments>$3</M4 Special Arguments><Normal Text>)</Normal Text><Symbol>;</Symbol><br/> | ||||
116 | <Normal Text></Normal Text><br/> | ||||
117 | <Statements>nodecon</Statements><Normal Text> </Normal Text><IP Address>2001:0DB8:AC10:FE01::</IP Address><Normal Text> </Normal Text><IP Address>2001:0DE0:DA88:2222::</IP Address><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>hello_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
118 | <Statements>nodecon</Statements><Normal Text> ipv4 </Normal Text><IP Address>127.0.0.2</IP Address><Normal Text> </Normal Text><IP Address>255.255.255.255</IP Address><Normal Text> </Normal Text><File Contexts>system_u</File Contexts><Symbol>:</Symbol><File Contexts>object_r</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>node_t</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>;</Symbol><br/> | ||||
119 | <Normal Text></Normal Text><br/> | ||||
120 | <M4 Preprocessor>#line 118</M4 Preprocessor><br/> | ||||
121 | <Normal Text></Normal Text><br/> | ||||
122 | <Comment># Regular Expressions</Comment><br/> | ||||
123 | <M4 Built-in Keywords>regexp</M4 Built-in Keywords><Normal Text>(</Normal Text><Default M4 Quote>`</Default M4 Quote><Normal Text>Hello</Normal Text><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>!</RegExp Brackets Content><Special Char of Brackets>|</Special Char of Brackets><Escape Char>\^\^</Escape Char><RegExp Brackets>)</RegExp Brackets><Special Char>+</Special Char><Default M4 Quote>'</Default M4 Quote><Normal Text>, </Normal Text><Default M4 Quote>`</Default M4 Quote><br/> | ||||
124 | <Normal Text> </Normal Text><Special Char>^</Special Char><Escape Char>\s</Escape Char><Special Char>*</Special Char><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?<hello></Special Char of Brackets><Escape Char>\.</Escape Char><RegExp Brackets>)</RegExp Brackets><br/> | ||||
125 | <Normal Text> </Normal Text><RegExp Brackets>(</RegExp Brackets><br/> | ||||
126 | <RegExp Brackets Content> hello</RegExp Brackets Content><RegExp Brackets>[</RegExp Brackets><Special Char of Brackets>^</Special Char of Brackets><Escape Char>\s\x12</Escape Char><RegExp Brackets Content>/</RegExp Brackets Content><RegExp Brackets>][</RegExp Brackets><RegExp Brackets Content>1-9</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Special Char>*</Special Char><Special Char of Brackets>|</Special Char of Brackets><RegExp Brackets Content> </RegExp Brackets Content><Comment> # Hello</Comment><br/> | ||||
127 | <RegExp Brackets Content> bye</RegExp Brackets Content><br/> | ||||
128 | <RegExp Brackets Content> </RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Escape Char>\s</Escape Char><Special Char>*$</Special Char><br/> | ||||
129 | <Default M4 Quote>'</Default M4 Quote><Normal Text>) </Normal Text><br/> | ||||
130 | <Text Quoted>"aa/aa</Text Quoted><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?=</Special Char of Brackets><RegExp Brackets Content>sdf sdf</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>ds</Text Quoted><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>aa aa</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>df</Text Quoted><RegExp Brackets>[</RegExp Brackets><Special Char of Brackets>^</Special Char of Brackets><RegExp Brackets Content> a</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Text Quoted>"</Text Quoted><br/> | ||||
131 | <Text Quoted>"ope</Text Quoted><Text Quoted Open>n</Text Quoted Open><br/> | ||||
132 | <Text Quoted>"text\"</Text Quoted><Normal Text>aaa</Normal Text><br/> | ||||
133 | <Text Quoted>"filename\s\w\%(?=aa)aa"</Text Quoted><br/> | ||||
134 | <Text Quoted>"/path</Text Quoted><Escape Char>\s\w</Escape Char><RegExp Brackets>(</RegExp Brackets><Special Char of Brackets>?=</Special Char of Brackets><RegExp Brackets Content>aa</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>aa"</Text Quoted><br/> | ||||
135 | <Normal Text></Normal Text><br/> | ||||
136 | <File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/> | ||||
137 | <File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol> - </Symbol><File Contexts>sen</File Contexts><Symbol>:</Symbol><File Contexts>cat</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/> | ||||
138 | <File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>.</Symbol><File Contexts>s1</File Contexts><Symbol>:</Symbol><File Contexts>c0</File Contexts><Symbol> , </Symbol><File Contexts>c1</File Contexts><Symbol> - </Symbol><File Contexts>s2</File Contexts><Symbol>.</Symbol><File Contexts>s3</File Contexts><Symbol>:</Symbol><File Contexts>c2</File Contexts><Symbol>.</Symbol><File Contexts>c3</File Contexts><Symbol>,</Symbol><File Contexts>c4</File Contexts><Symbol>:</Symbol><Normal Text>other</Normal Text><br/> | ||||
139 | <File Contexts>u</File Contexts><Symbol>:</Symbol><File Contexts>role</File Contexts><Symbol>:</Symbol><File Contexts (Type Enforcement)>type</File Contexts (Type Enforcement)><Symbol>:</Symbol><File Contexts>s0</File Contexts><Symbol>,</Symbol><Normal Text>other</Normal Text><br/> |