|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
e02c61 |
/.* gen_context(system_u:object_r:default_t,s0)
|
|
Chris PeBenito |
e02c61 |
/ -d gen_context(system_u:object_r:root_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/\.journal <<none>>
|
|
Chris PeBenito |
1c1ac6 |
/initrd\.img.* -l gen_context(system_u:object_r:boot_t,s0)
|
|
Chris PeBenito |
1c1ac6 |
/vmlinuz.* -l gen_context(system_u:object_r:boot_t,s0)
|
|
Chris PeBenito |
9c6feb |
|
|
Chris PeBenito |
0907bd |
ifdef(`distro_redhat',`
|
|
Chris PeBenito |
e02c61 |
/\.autofsck -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/\.autorelabel -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
465510 |
/\.suspended -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/fastboot -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/forcefsck -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/fsckoptions -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/halt -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/poweroff -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
0907bd |
')
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
9c6feb |
ifdef(`distro_suse',`
|
|
Chris PeBenito |
693d4a |
/success -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
9c6feb |
')
|
|
Chris PeBenito |
9c6feb |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /boot
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/boot -d gen_context(system_u:object_r:boot_t,s0)
|
|
Chris PeBenito |
abc73a |
/boot/.* gen_context(system_u:object_r:boot_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/boot/\.journal <<none>>
|
|
Chris PeBenito |
e070dd |
/boot/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/boot/lost\+found/.* <<none>>
|
|
Chris PeBenito |
1c1ac6 |
/boot/System\.map(-.*)? -- gen_context(system_u:object_r:system_map_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
9c6feb |
# /emul
|
|
Chris PeBenito |
9c6feb |
#
|
|
Chris PeBenito |
abc73a |
/emul -d gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
abc73a |
/emul/.* gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
9c6feb |
|
|
Chris PeBenito |
9c6feb |
#
|
|
Chris PeBenito |
f8ec0a |
# /etc
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/etc -d gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
abc73a |
/etc/.* gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/\.fstab\.hal\..+ -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/asound\.state -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
a3cf80 |
/etc/blkid(/.*)? gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/fstab\.REVOKE -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/HOSTNAME -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
693d4a |
/etc/ioctl\.save -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/issue -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/issue\.net -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/localtime -l gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/mtab -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/motd -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/nohotplug -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/nologin.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
eac818 |
/etc/reader.conf -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
693d4a |
/etc/smartd\.conf.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
|
|
Chris PeBenito |
ef5ca0 |
/etc/cups/client\.conf -- gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
ef5ca0 |
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/etc/ipsec\.d/examples(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
11633b |
|
|
Chris PeBenito |
e02c61 |
/etc/network/ifstate -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
eeb255 |
|
|
Chris PeBenito |
e02c61 |
/etc/ptal/ptal-printd-like -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/etc/sysconfig/hwconf -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/sysconfig/iptables\.save -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/sysconfig/firstboot -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
ifdef(`distro_gentoo', `
|
|
Chris PeBenito |
e02c61 |
/etc/profile\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/csh\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
e02c61 |
/etc/env\.d/.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
f8ec0a |
')
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
9c6feb |
ifdef(`distro_redhat',`
|
|
Chris PeBenito |
9c6feb |
/etc/rhgb(/.*)? -d gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
9c6feb |
')
|
|
Chris PeBenito |
9c6feb |
|
|
Chris PeBenito |
9c6feb |
ifdef(`distro_suse',`
|
|
Chris PeBenito |
9c6feb |
/etc/defkeymap\.map -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
9c6feb |
/etc/init\.d/\.depend.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
|
|
Chris PeBenito |
9c6feb |
')
|
|
Chris PeBenito |
9c6feb |
|
|
Chris PeBenito |
9c6feb |
#
|
|
Chris PeBenito |
9c6feb |
# HOME_ROOT
|
|
Chris PeBenito |
9c6feb |
# expanded by genhomedircon
|
|
Chris PeBenito |
9c6feb |
#
|
|
Chris PeBenito |
e070dd |
HOME_ROOT -d gen_context(system_u:object_r:home_root_t,s0-mls_systemhigh)
|
|
Chris PeBenito |
5d3156 |
HOME_ROOT/\.journal <<none>>
|
|
Chris PeBenito |
e070dd |
HOME_ROOT/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
bf080a |
HOME_ROOT/lost\+found/.* <<none>>
|
|
Chris PeBenito |
5d3156 |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /initrd
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# initrd mount point, only used during boot
|
|
Chris PeBenito |
e02c61 |
/initrd -d gen_context(system_u:object_r:root_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
1c1ac6 |
# /lib(64)?
|
|
Chris PeBenito |
1c1ac6 |
#
|
|
Chris PeBenito |
abc73a |
/lib/modules(/.*)? gen_context(system_u:object_r:modules_object_t,s0)
|
|
Chris PeBenito |
abc73a |
/lib64/modules(/.*)? gen_context(system_u:object_r:modules_object_t,s0)
|
|
Chris PeBenito |
1c1ac6 |
|
|
Chris PeBenito |
1c1ac6 |
#
|
|
Chris PeBenito |
f8ec0a |
# /lost+found
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
e070dd |
/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/lost\+found/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /media
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# Mount points; do not relabel subdirectories, since
|
|
Chris PeBenito |
f8ec0a |
# we don't want to change any removable media by default.
|
|
Chris PeBenito |
13d7ce |
/media(/[^/]*) -l gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
e02c61 |
/media(/[^/]*)? -d gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/media/[^/]*/.* <<none>>
|
|
Chris PeBenito |
d9845a |
/media/\.hal-.* -- gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
a52492 |
# /misc
|
|
Chris PeBenito |
a52492 |
#
|
|
Chris PeBenito |
a52492 |
/misc -d gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
a52492 |
|
|
Chris PeBenito |
a52492 |
#
|
|
Chris PeBenito |
f8ec0a |
# /mnt
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
13d7ce |
/mnt(/[^/]*) -l gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
e02c61 |
/mnt(/[^/]*)? -d gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/mnt/[^/]*/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
51a89c |
# /net
|
|
Chris PeBenito |
51a89c |
#
|
|
Chris PeBenito |
51a89c |
/net -d gen_context(system_u:object_r:mnt_t,s0)
|
|
Chris PeBenito |
51a89c |
|
|
Chris PeBenito |
51a89c |
#
|
|
Chris PeBenito |
f8ec0a |
# /opt
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/opt -d gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
abc73a |
/opt/.* gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
abc73a |
/opt/(.*/)?var/lib(64)?(/.*)? gen_context(system_u:object_r:var_lib_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /proc
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/proc -d <<none>>
|
|
Chris PeBenito |
abc73a |
/proc/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /selinux
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/selinux -d <<none>>
|
|
Chris PeBenito |
abc73a |
/selinux/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
cff75c |
# /srv
|
|
Chris PeBenito |
cff75c |
#
|
|
Chris PeBenito |
abc73a |
/srv -d gen_context(system_u:object_r:var_t,s0)
|
|
Chris PeBenito |
abc73a |
/srv/.* gen_context(system_u:object_r:var_t,s0)
|
|
Chris PeBenito |
cff75c |
|
|
Chris PeBenito |
cff75c |
#
|
|
Chris PeBenito |
f8ec0a |
# /sys
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/sys -d <<none>>
|
|
Chris PeBenito |
abc73a |
/sys/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /tmp
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
e070dd |
/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
|
|
Chris PeBenito |
f8ec0a |
/tmp/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
/tmp/\.journal <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e070dd |
/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/tmp/lost\+found/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /usr
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/usr -d gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
abc73a |
/usr/.* gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/usr/\.journal <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
b0d224 |
/usr/doc(/.*)?/lib(/.*)? gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
b0d224 |
|
|
Chris PeBenito |
e02c61 |
/usr/etc(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/usr/inclu.e(/.*)? gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
/usr/local/\.journal <<none>>
|
|
Chris PeBenito |
dd3163 |
|
|
Chris PeBenito |
e02c61 |
/usr/local/etc(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
dd3163 |
|
|
Chris PeBenito |
e070dd |
/usr/local/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/usr/local/lost\+found/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/usr/local/src(/.*)? gen_context(system_u:object_r:src_t,s0)
|
|
Chris PeBenito |
dd3163 |
|
|
Chris PeBenito |
e070dd |
/usr/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/usr/lost\+found/.* <<none>>
|
|
Chris PeBenito |
cff75c |
|
|
Chris PeBenito |
e02c61 |
/usr/share(/.*)?/lib(64)?(/.*)? gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/usr/src(/.*)? gen_context(system_u:object_r:src_t,s0)
|
|
Chris PeBenito |
abc73a |
/usr/src/kernels/.+/lib(/.*)? gen_context(system_u:object_r:usr_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e070dd |
/usr/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
|
|
Chris PeBenito |
f8ec0a |
/usr/tmp/.* <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
f8ec0a |
# /var
|
|
Chris PeBenito |
f8ec0a |
#
|
|
Chris PeBenito |
abc73a |
/var -d gen_context(system_u:object_r:var_t,s0)
|
|
Chris PeBenito |
abc73a |
/var/.* gen_context(system_u:object_r:var_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/var/\.journal <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/var/db/.*\.db -- gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/var/ftp/etc(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/var/lib(/.*)? gen_context(system_u:object_r:var_lib_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
dd3163 |
/var/lib/nfs/rpc_pipefs(/.*)? <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e02c61 |
/var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e070dd |
/var/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/var/lost\+found/.* <<none>>
|
|
Chris PeBenito |
dd3163 |
|
|
Chris PeBenito |
e070dd |
/var/run -d gen_context(system_u:object_r:var_run_t,s0-mls_systemhigh)
|
|
Chris PeBenito |
bf080a |
/var/run/.* gen_context(system_u:object_r:var_run_t,s0)
|
|
Chris PeBenito |
f8ec0a |
/var/run/.*\.*pid <<none>>
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
46112f |
/var/spool(/.*)? gen_context(system_u:object_r:var_spool_t,s0)
|
|
Chris PeBenito |
46112f |
/var/spool/postfix/etc(/.*)? gen_context(system_u:object_r:etc_t,s0)
|
|
Chris PeBenito |
f8ec0a |
|
|
Chris PeBenito |
e070dd |
/var/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
|
|
Chris PeBenito |
f8ec0a |
/var/tmp/.* <<none>>
|
|
Chris PeBenito |
e070dd |
/var/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
|
|
Chris PeBenito |
cff75c |
/var/tmp/lost\+found/.* <<none>>
|
|
Chris PeBenito |
e02c61 |
/var/tmp/vi\.recover -d gen_context(system_u:object_r:tmp_t,s0)
|