1*2d543d20SAndroid Build Coastguard Worker; This is a dummy policy which main aim is to be compatible with test.log 2*2d543d20SAndroid Build Coastguard Worker 3*2d543d20SAndroid Build Coastguard Worker; Define one category and one sensitivity in order to make things work 4*2d543d20SAndroid Build Coastguard Worker(mls true) 5*2d543d20SAndroid Build Coastguard Worker(category c0) 6*2d543d20SAndroid Build Coastguard Worker(categoryorder (c0)) 7*2d543d20SAndroid Build Coastguard Worker(sensitivity s0) 8*2d543d20SAndroid Build Coastguard Worker(sensitivityorder (s0)) 9*2d543d20SAndroid Build Coastguard Worker(sensitivitycategory s0 (c0)) 10*2d543d20SAndroid Build Coastguard Worker 11*2d543d20SAndroid Build Coastguard Worker; Define some users and roles 12*2d543d20SAndroid Build Coastguard Worker(user system_u) 13*2d543d20SAndroid Build Coastguard Worker(user root) 14*2d543d20SAndroid Build Coastguard Worker(user unconfined_u) 15*2d543d20SAndroid Build Coastguard Worker(role system_r) 16*2d543d20SAndroid Build Coastguard Worker(role unconfined_r) 17*2d543d20SAndroid Build Coastguard Worker(userrole root system_r) 18*2d543d20SAndroid Build Coastguard Worker(userrole system_u system_r) 19*2d543d20SAndroid Build Coastguard Worker(userrole unconfined_u unconfined_r) 20*2d543d20SAndroid Build Coastguard Worker(userlevel system_u (s0)) 21*2d543d20SAndroid Build Coastguard Worker(userlevel root (s0)) 22*2d543d20SAndroid Build Coastguard Worker(userlevel unconfined_u (s0)) 23*2d543d20SAndroid Build Coastguard Worker(userrange system_u ((s0)(s0 (c0)))) 24*2d543d20SAndroid Build Coastguard Worker(userrange root ((s0)(s0 (c0)))) 25*2d543d20SAndroid Build Coastguard Worker(userrange unconfined_u ((s0)(s0 (c0)))) 26*2d543d20SAndroid Build Coastguard Worker 27*2d543d20SAndroid Build Coastguard Worker; Define domain types 28*2d543d20SAndroid Build Coastguard Worker(type automount_t) 29*2d543d20SAndroid Build Coastguard Worker(type ftpd_t) 30*2d543d20SAndroid Build Coastguard Worker(type httpd_t) 31*2d543d20SAndroid Build Coastguard Worker(type kernel_t) 32*2d543d20SAndroid Build Coastguard Worker(type nsplugin_t) 33*2d543d20SAndroid Build Coastguard Worker(type postfix_local_t) 34*2d543d20SAndroid Build Coastguard Worker(type qemu_t) 35*2d543d20SAndroid Build Coastguard Worker(type smbd_t) 36*2d543d20SAndroid Build Coastguard Worker 37*2d543d20SAndroid Build Coastguard Worker(roletype system_r automount_t) 38*2d543d20SAndroid Build Coastguard Worker(roletype system_r ftpd_t) 39*2d543d20SAndroid Build Coastguard Worker(roletype system_r httpd_t) 40*2d543d20SAndroid Build Coastguard Worker(roletype system_r kernel_t) 41*2d543d20SAndroid Build Coastguard Worker(roletype system_r postfix_local_t) 42*2d543d20SAndroid Build Coastguard Worker(roletype system_r qemu_t) 43*2d543d20SAndroid Build Coastguard Worker(roletype system_r smbd_t) 44*2d543d20SAndroid Build Coastguard Worker(roletype unconfined_r nsplugin_t) 45*2d543d20SAndroid Build Coastguard Worker 46*2d543d20SAndroid Build Coastguard Worker; Define file types 47*2d543d20SAndroid Build Coastguard Worker(type automount_lock_t) 48*2d543d20SAndroid Build Coastguard Worker(type default_t) 49*2d543d20SAndroid Build Coastguard Worker(type fixed_disk_device_t) 50*2d543d20SAndroid Build Coastguard Worker(type home_root_t) 51*2d543d20SAndroid Build Coastguard Worker(type httpd_sys_content_t) 52*2d543d20SAndroid Build Coastguard Worker(type httpd_sys_script_exec_t) 53*2d543d20SAndroid Build Coastguard Worker(type mail_spool_t) 54*2d543d20SAndroid Build Coastguard Worker(type ssh_home_t) 55*2d543d20SAndroid Build Coastguard Worker(type usr_t) 56*2d543d20SAndroid Build Coastguard Worker(type var_t) 57*2d543d20SAndroid Build Coastguard Worker 58*2d543d20SAndroid Build Coastguard Worker; Define port types 59*2d543d20SAndroid Build Coastguard Worker(type mysqld_port_t) 60*2d543d20SAndroid Build Coastguard Worker(type reserved_port_t) 61*2d543d20SAndroid Build Coastguard Worker 62*2d543d20SAndroid Build Coastguard Worker; Define initial SID 63*2d543d20SAndroid Build Coastguard Worker(sid kernel) 64*2d543d20SAndroid Build Coastguard Worker(sidorder (kernel)) 65*2d543d20SAndroid Build Coastguard Worker(sidcontext kernel (system_u system_r kernel_t ((s0) (s0)))) 66*2d543d20SAndroid Build Coastguard Worker 67*2d543d20SAndroid Build Coastguard Worker; Define classes 68*2d543d20SAndroid Build Coastguard Worker(class blk_file (getattr open read write)) 69*2d543d20SAndroid Build Coastguard Worker(class dir (append open search)) 70*2d543d20SAndroid Build Coastguard Worker(class file (execute execute_no_trans getattr open read write)) 71*2d543d20SAndroid Build Coastguard Worker(class tcp_socket (ioctl name_bind name_connect)) 72*2d543d20SAndroid Build Coastguard Worker(classorder (blk_file file dir tcp_socket)) 73*2d543d20SAndroid Build Coastguard Worker 74*2d543d20SAndroid Build Coastguard Worker; The policy compiler requires at least one rule 75*2d543d20SAndroid Build Coastguard Worker(allow kernel_t default_t (file (open read write))) 76