Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /
Chris PeBenito f8ec0a
#
Chris PeBenito e02c61
/.*				gen_context(system_u:object_r:default_t,s0)
Chris PeBenito e02c61
/			-d	gen_context(system_u:object_r:root_t,s0)
Chris PeBenito f8ec0a
/\.journal			<<none>>
Chris PeBenito 1c1ac6
/initrd\.img.*		-l	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito 1c1ac6
/vmlinuz.*		-l	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito 9c6feb
Chris PeBenito 0907bd
ifdef(`distro_redhat',`
Chris PeBenito e02c61
/\.autofsck		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/\.autorelabel		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 465510
/\.suspended		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/fastboot 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/forcefsck 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/fsckoptions 		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/halt			--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/poweroff		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 0907bd
')
Chris PeBenito f8ec0a
Chris PeBenito 9c6feb
ifdef(`distro_suse',`
Chris PeBenito 693d4a
/success		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb
')
Chris PeBenito 9c6feb
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /boot
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/boot			-d	gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito abc73a
/boot/.*			gen_context(system_u:object_r:boot_t,s0)
Chris PeBenito f8ec0a
/boot/\.journal			<<none>>
Chris PeBenito e070dd
/boot/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/boot/lost\+found/.*		<<none>>
Chris PeBenito 1c1ac6
/boot/System\.map(-.*)?	--	gen_context(system_u:object_r:system_map_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito 9c6feb
# /emul
Chris PeBenito 9c6feb
#
Chris PeBenito abc73a
/emul			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a
/emul/.*			gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito 9c6feb
Chris PeBenito 9c6feb
#
Chris PeBenito f8ec0a
# /etc
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/etc			-d	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito abc73a
/etc/.*				gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito e02c61
/etc/\.fstab\.hal\..+	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/asound\.state	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito a3cf80
/etc/blkid(/.*)?		gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/fstab\.REVOKE	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/HOSTNAME		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 693d4a
/etc/ioctl\.save	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/issue		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/issue\.net		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/localtime		-l	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito e02c61
/etc/mtab		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/motd		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/nohotplug		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/nologin.*		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito eac818
/etc/reader.conf	-- 	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 693d4a
/etc/smartd\.conf.*	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
Chris PeBenito ef5ca0
/etc/cups/client\.conf	--	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito ef5ca0
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/etc/ipsec\.d/examples(/.*)?	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito 11633b
Chris PeBenito e02c61
/etc/network/ifstate	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito eeb255
Chris PeBenito e02c61
/etc/ptal/ptal-printd-like -- 	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/etc/sysconfig/hwconf	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/sysconfig/iptables\.save -- gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/sysconfig/firstboot --	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
ifdef(`distro_gentoo', `
Chris PeBenito e02c61
/etc/profile\.env	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/csh\.env		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito e02c61
/etc/env\.d/.*		--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito f8ec0a
')
Chris PeBenito f8ec0a
Chris PeBenito 9c6feb
ifdef(`distro_redhat',`
Chris PeBenito 9c6feb
/etc/rhgb(/.*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito 9c6feb
')
Chris PeBenito 9c6feb
Chris PeBenito 9c6feb
ifdef(`distro_suse',`
Chris PeBenito 9c6feb
/etc/defkeymap\.map	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb
/etc/init\.d/\.depend.*	--	gen_context(system_u:object_r:etc_runtime_t,s0)
Chris PeBenito 9c6feb
')
Chris PeBenito 9c6feb
Chris PeBenito 9c6feb
#
Chris PeBenito 9c6feb
# HOME_ROOT
Chris PeBenito 9c6feb
# expanded by genhomedircon
Chris PeBenito 9c6feb
#
Chris PeBenito e070dd
HOME_ROOT		-d	gen_context(system_u:object_r:home_root_t,s0-mls_systemhigh)
Chris PeBenito 5d3156
HOME_ROOT/\.journal		<<none>>
Chris PeBenito e070dd
HOME_ROOT/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito bf080a
HOME_ROOT/lost\+found/.*		<<none>>
Chris PeBenito 5d3156
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /initrd
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# initrd mount point, only used during boot
Chris PeBenito e02c61
/initrd			-d	gen_context(system_u:object_r:root_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito 1c1ac6
# /lib(64)?
Chris PeBenito 1c1ac6
#
Chris PeBenito abc73a
/lib/modules(/.*)?		gen_context(system_u:object_r:modules_object_t,s0)
Chris PeBenito abc73a
/lib64/modules(/.*)?		gen_context(system_u:object_r:modules_object_t,s0)
Chris PeBenito 1c1ac6
Chris PeBenito 1c1ac6
#
Chris PeBenito f8ec0a
# /lost+found
Chris PeBenito f8ec0a
#
Chris PeBenito e070dd
/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/lost\+found/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /media
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# Mount points; do not relabel subdirectories, since
Chris PeBenito f8ec0a
# we don't want to change any removable media by default.
Chris PeBenito 13d7ce
/media(/[^/]*)		-l	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito e02c61
/media(/[^/]*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito f8ec0a
/media/[^/]*/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito a52492
# /misc
Chris PeBenito a52492
#
Chris PeBenito a52492
/misc			-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito a52492
Chris PeBenito a52492
#
Chris PeBenito f8ec0a
# /mnt
Chris PeBenito f8ec0a
#
Chris PeBenito 13d7ce
/mnt(/[^/]*)		-l	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito e02c61
/mnt(/[^/]*)?		-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito f8ec0a
/mnt/[^/]*/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito 51a89c
# /net
Chris PeBenito 51a89c
#
Chris PeBenito 51a89c
/net			-d	gen_context(system_u:object_r:mnt_t,s0)
Chris PeBenito 51a89c
Chris PeBenito 51a89c
#
Chris PeBenito f8ec0a
# /opt
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/opt			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a
/opt/.*				gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito abc73a
/opt/(.*/)?var/lib(64)?(/.*)?	gen_context(system_u:object_r:var_lib_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /proc
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/proc			-d	<<none>>
Chris PeBenito abc73a
/proc/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /selinux
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/selinux		-d	<<none>>
Chris PeBenito abc73a
/selinux/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito cff75c
# /srv
Chris PeBenito cff75c
#
Chris PeBenito abc73a
/srv			-d	gen_context(system_u:object_r:var_t,s0)
Chris PeBenito abc73a
/srv/.*				gen_context(system_u:object_r:var_t,s0)
Chris PeBenito cff75c
Chris PeBenito cff75c
#
Chris PeBenito f8ec0a
# /sys
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/sys			-d	<<none>>
Chris PeBenito abc73a
/sys/.*				<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /tmp
Chris PeBenito f8ec0a
#
Chris PeBenito e070dd
/tmp			-d	gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0a
/tmp/.*				<<none>>
Chris PeBenito f8ec0a
/tmp/\.journal			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito e070dd
/tmp/lost\+found	-d		gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/tmp/lost\+found/.*		<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /usr
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/usr			-d	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito abc73a
/usr/.*				gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0a
/usr/\.journal			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito b0d224
/usr/doc(/.*)?/lib(/.*)?		gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito b0d224
Chris PeBenito e02c61
/usr/etc(/.*)?			gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/usr/inclu.e(/.*)?		gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
/usr/local/\.journal		<<none>>
Chris PeBenito dd3163
Chris PeBenito e02c61
/usr/local/etc(/.*)?		gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito dd3163
Chris PeBenito e070dd
/usr/local/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/usr/local/lost\+found/.*	<<none>>
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/usr/local/src(/.*)?		gen_context(system_u:object_r:src_t,s0)
Chris PeBenito dd3163
Chris PeBenito e070dd
/usr/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/usr/lost\+found/.*		<<none>>
Chris PeBenito cff75c
Chris PeBenito e02c61
/usr/share(/.*)?/lib(64)?(/.*)?	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/usr/src(/.*)?			gen_context(system_u:object_r:src_t,s0)
Chris PeBenito abc73a
/usr/src/kernels/.+/lib(/.*)?	gen_context(system_u:object_r:usr_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e070dd
/usr/tmp			-d	gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0a
/usr/tmp/.*			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito f8ec0a
#
Chris PeBenito f8ec0a
# /var
Chris PeBenito f8ec0a
#
Chris PeBenito abc73a
/var			-d	gen_context(system_u:object_r:var_t,s0)
Chris PeBenito abc73a
/var/.*				gen_context(system_u:object_r:var_t,s0)
Chris PeBenito f8ec0a
/var/\.journal			<<none>>
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/var/db/.*\.db		--	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/var/ftp/etc(/.*)?		gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/var/lib(/.*)?			gen_context(system_u:object_r:var_lib_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito dd3163
/var/lib/nfs/rpc_pipefs(/.*)?	<<none>>
Chris PeBenito f8ec0a
Chris PeBenito e02c61
/var/lock(/.*)?			gen_context(system_u:object_r:var_lock_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e070dd
/var/lost\+found		-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/var/lost\+found/.*		<<none>>
Chris PeBenito dd3163
Chris PeBenito e070dd
/var/run			-d	gen_context(system_u:object_r:var_run_t,s0-mls_systemhigh)
Chris PeBenito bf080a
/var/run/.*			gen_context(system_u:object_r:var_run_t,s0)
Chris PeBenito f8ec0a
/var/run/.*\.*pid		<<none>>
Chris PeBenito f8ec0a
Chris PeBenito 46112f
/var/spool(/.*)?			gen_context(system_u:object_r:var_spool_t,s0)
Chris PeBenito 46112f
/var/spool/postfix/etc(/.*)?	gen_context(system_u:object_r:etc_t,s0)
Chris PeBenito f8ec0a
Chris PeBenito e070dd
/var/tmp			-d	gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
Chris PeBenito f8ec0a
/var/tmp/.*			<<none>>
Chris PeBenito e070dd
/var/tmp/lost\+found	-d	gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
Chris PeBenito cff75c
/var/tmp/lost\+found/.*		<<none>>
Chris PeBenito e02c61
/var/tmp/vi\.recover	-d	gen_context(system_u:object_r:tmp_t,s0)