#

# Multi-Level Security translation table for SELinux

# 

# Uncomment the following to disable translation libary

# disable=1

#

# Objects can be labeled with one of 16 levels and be categorized with 0-1023 

# categories defined by the admin.

# Objects can be in more than one category at a time.

# Users can modify this table to translate the MLS labels for different purpose.

#

# Assumptions: using below MLS labels.

#  SystemLow

#  SystemHigh

#  Unclassified 

#  Secret with compartments A and B.

# 

# SystemLow and SystemHigh

s0=SystemLow

s15:c0.c1023=SystemHigh

s0-s15:c0.c1023=SystemLow-SystemHigh

# Unclassified level

s1=Unclassified

# Secret level with compartments

s2=Secret

s2:c0=A

s2:c1=B

# ranges for Unclassified

s0-s1=SystemLow-Unclassified

s1-s2=Unclassified-Secret

s1-s15:c0.c1023=Unclassified-SystemHigh

# ranges for Secret with compartments

s0-s2=SystemLow-Secret

s0-s2:c0=SystemLow-Secret:A

s0-s2:c1=SystemLow-Secret:B

s0-s2:c0,c1=SystemLow-Secret:AB

s1-s2:c0=Unclassified-Secret:A

s1-s2:c1=Unclassified-Secret:B

s1-s2:c0,c1=Unclassified-Secret:AB

s2-s2:c0=Secret-Secret:A

s2-s2:c1=Secret-Secret:B

s2-s2:c0,c1=Secret-Secret:AB

s2-s15:c0.c1023=Secret-SystemHigh

s2:c0-s2:c0,c1=Secret:A-Secret:AB

s2:c0-s15:c0.c1023=Secret:A-SystemHigh

s2:c1-s2:c0,c1=Secret:B-Secret:AB

s2:c1-s15:c0.c1023=Secret:B-SystemHigh

s2:c0,c1-s15:c0.c1023=Secret:AB-SystemHigh