#

# Authors:  Stephen Smalley <sds@epoch.ncsc.mil> and Timothy Fraser  

#

############################################

#

# Security types

#

# 

# security_t is the target type when checking

# the permissions in the security class.  It is also

# applied to selinuxfs inodes.

#

type security_t, mount_point, fs_type, mlstrustedobject;

dontaudit domain security_t:dir search;

dontaudit domain security_t:file { getattr read };

#

# policy_config_t is the type of /etc/security/selinux/*

# the security server policy configuration.

#

type policy_config_t, file_type, secadmfile;

# Since libselinux attempts to read these by default, most domains 

# do not need it.

dontaudit domain selinux_config_t:dir search;

dontaudit domain selinux_config_t:file { getattr read };

#

# policy_src_t is the type of the policy source

# files.

#

type policy_src_t, file_type, secadmfile;

#

# default_context_t is the type applied to 

# /etc/selinux/*/contexts/*

#

type default_context_t, file_type, login_contexts, secadmfile;

#

# file_context_t is the type applied to 

# /etc/selinux/*/contexts/files

#

type file_context_t, file_type, secadmfile;

#

# no_access_t is the type for objects that should

# only be accessed administratively. 

#

type no_access_t, file_type, sysadmfile;

#

# selinux_config_t is the type applied to 

# /etc/selinux/config

#

type selinux_config_t, file_type, secadmfile;