#

# Define the labeling behavior for inodes in particular filesystem types.

# This information was formerly hardcoded in the SELinux module.

# Use xattrs for the following filesystem types.

# Requires that a security xattr handler exist for the filesystem.

fs_use_xattr ext2 system_u:object_r:fs_t;

fs_use_xattr ext3 system_u:object_r:fs_t;

fs_use_xattr xfs system_u:object_r:fs_t;

fs_use_xattr jfs system_u:object_r:fs_t;

# Use the allocating task SID to label inodes in the following filesystem

# types, and label the filesystem itself with the specified context.

# This is appropriate for pseudo filesystems that represent objects

# like pipes and sockets, so that these objects are labeled with the same

# type as the creating task.  

fs_use_task pipefs system_u:object_r:fs_t;

fs_use_task sockfs system_u:object_r:fs_t;

# Use a transition SID based on the allocating task SID and the

# filesystem SID to label inodes in the following filesystem types,

# and label the filesystem itself with the specified context.

# This is appropriate for pseudo filesystems like devpts and tmpfs

# where we want to label objects with a derived type.

fs_use_trans devpts system_u:object_r:devpts_t;

fs_use_trans tmpfs system_u:object_r:tmpfs_t;

fs_use_trans shm system_u:object_r:tmpfs_t;

# The separate genfs_contexts configuration can be used for filesystem 

# types that cannot support persistent label mappings or use

# one of the fixed label schemes specified here.