-
Notifications
You must be signed in to change notification settings - Fork 48
/
Copy pathtest_basic.cri.cil
257 lines (257 loc) · 26.7 KB
/
test_basic.cri.cil
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
(block my_container
(blockinherit container)
(blockinherit net_container)
(blockinherit home_container)
(allow process abrt_retrace_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process abrt_retrace_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process abrt_retrace_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process abrt_retrace_spool_t ( sock_file ( append getattr open read write )))
(allow process abrt_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process abrt_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process abrt_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process abrt_var_cache_t ( sock_file ( append getattr open read write )))
(allow process antivirus_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process antivirus_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process antivirus_db_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process antivirus_db_t ( sock_file ( append getattr open read write )))
(allow process asterisk_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process asterisk_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process asterisk_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process asterisk_spool_t ( sock_file ( append getattr open read write )))
(allow process audit_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process audit_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process audit_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process audit_spool_t ( sock_file ( append getattr open read write )))
(allow process bacula_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process bacula_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process bacula_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process bacula_spool_t ( sock_file ( append getattr open read write )))
(allow process callweaver_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process callweaver_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process callweaver_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process callweaver_spool_t ( sock_file ( append getattr open read write )))
(allow process courier_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process courier_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process courier_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process courier_spool_t ( sock_file ( append getattr open read write )))
(allow process cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process cron_spool_t ( sock_file ( append getattr open read write )))
(allow process ctdbd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process ctdbd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process ctdbd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process ctdbd_spool_t ( sock_file ( append getattr open read write )))
(allow process device_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process device_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process device_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process device_t ( sock_file ( append getattr open read write )))
(allow process devlog_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process devlog_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process devlog_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process devlog_t ( sock_file ( append getattr open read write )))
(allow process dkim_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process dkim_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process dkim_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process dkim_milter_data_t ( sock_file ( append getattr open read write )))
(allow process dovecot_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process dovecot_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process dovecot_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process dovecot_spool_t ( sock_file ( append getattr open read write )))
(allow process etc_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process etc_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process etc_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process etc_t ( sock_file ( append getattr open read write )))
(allow process exim_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process exim_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process exim_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process exim_spool_t ( sock_file ( append getattr open read write )))
(allow process getty_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process getty_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process getty_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process getty_var_run_t ( sock_file ( append getattr open read write )))
(allow process httpd_sys_rw_content_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process httpd_sys_rw_content_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process httpd_sys_rw_content_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process httpd_sys_rw_content_t ( sock_file ( append getattr open read write )))
(allow process ld_so_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process ld_so_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process ld_so_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process ld_so_t ( sock_file ( append getattr open read write )))
(allow process lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process lib_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process lib_t ( sock_file ( append getattr open read write )))
(allow process locale_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process locale_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process locale_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process locale_t ( sock_file ( append getattr open read write )))
(allow process lpd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process lpd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process lpd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process lpd_var_run_t ( sock_file ( append getattr open read write )))
(allow process mail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process mail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process mail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process mail_spool_t ( sock_file ( append getattr open read write )))
(allow process mailman_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process mailman_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process mailman_data_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process mailman_data_t ( sock_file ( append getattr open read write )))
(allow process mqueue_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process mqueue_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process mqueue_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process mqueue_spool_t ( sock_file ( append getattr open read write )))
(allow process mscan_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process mscan_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process mscan_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process mscan_spool_t ( sock_file ( append getattr open read write )))
(allow process nagios_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process nagios_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process nagios_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process nagios_spool_t ( sock_file ( append getattr open read write )))
(allow process news_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process news_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process news_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process news_spool_t ( sock_file ( append getattr open read write )))
(allow process plymouthd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process plymouthd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process plymouthd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process plymouthd_spool_t ( sock_file ( append getattr open read write )))
(allow process plymouthd_var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process plymouthd_var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process plymouthd_var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process plymouthd_var_log_t ( sock_file ( append getattr open read write )))
(allow process postfix_private_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postfix_private_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postfix_private_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postfix_private_t ( sock_file ( append getattr open read write )))
(allow process postfix_public_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postfix_public_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postfix_public_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postfix_public_t ( sock_file ( append getattr open read write )))
(allow process postfix_spool_bounce_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postfix_spool_bounce_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postfix_spool_bounce_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postfix_spool_bounce_t ( sock_file ( append getattr open read write )))
(allow process postfix_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postfix_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postfix_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postfix_spool_t ( sock_file ( append getattr open read write )))
(allow process postfix_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postfix_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postfix_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postfix_var_run_t ( sock_file ( append getattr open read write )))
(allow process postgrey_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process postgrey_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process postgrey_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process postgrey_spool_t ( sock_file ( append getattr open read write )))
(allow process prelude_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process prelude_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process prelude_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process prelude_spool_t ( sock_file ( append getattr open read write )))
(allow process print_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process print_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process print_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process print_spool_t ( sock_file ( append getattr open read write )))
(allow process public_content_rw_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process public_content_rw_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process public_content_rw_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process public_content_rw_t ( sock_file ( append getattr open read write )))
(allow process pyicqt_var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process pyicqt_var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process pyicqt_var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process pyicqt_var_spool_t ( sock_file ( append getattr open read write )))
(allow process quota_db_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process quota_db_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process quota_db_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process quota_db_t ( sock_file ( append getattr open read write )))
(allow process regex_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process regex_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process regex_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process regex_milter_data_t ( sock_file ( append getattr open read write )))
(allow process rpm_var_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process rpm_var_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process rpm_var_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process rpm_var_cache_t ( sock_file ( append getattr open read write )))
(allow process rwho_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process rwho_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process rwho_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process rwho_spool_t ( sock_file ( append getattr open read write )))
(allow process samba_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process samba_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process samba_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process samba_spool_t ( sock_file ( append getattr open read write )))
(allow process sge_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process sge_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process sge_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process sge_spool_t ( sock_file ( append getattr open read write )))
(allow process smsd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process smsd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process smsd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process smsd_spool_t ( sock_file ( append getattr open read write )))
(allow process snmpd_var_lib_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process snmpd_var_lib_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process snmpd_var_lib_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process snmpd_var_lib_t ( sock_file ( append getattr open read write )))
(allow process spamass_milter_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process spamass_milter_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process spamass_milter_data_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process spamass_milter_data_t ( sock_file ( append getattr open read write )))
(allow process spamd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process spamd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process spamd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process spamd_spool_t ( sock_file ( append getattr open read write )))
(allow process spamd_var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process spamd_var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process spamd_var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process spamd_var_run_t ( sock_file ( append getattr open read write )))
(allow process squid_cache_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process squid_cache_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process squid_cache_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process squid_cache_t ( sock_file ( append getattr open read write )))
(allow process squirrelmail_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process squirrelmail_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process squirrelmail_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process squirrelmail_spool_t ( sock_file ( append getattr open read write )))
(allow process system_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process system_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process system_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process system_cron_spool_t ( sock_file ( append getattr open read write )))
(allow process tetex_data_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process tetex_data_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process tetex_data_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process tetex_data_t ( sock_file ( append getattr open read write )))
(allow process user_cron_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process user_cron_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process user_cron_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process user_cron_spool_t ( sock_file ( append getattr open read write )))
(allow process uucpd_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process uucpd_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process uucpd_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process uucpd_spool_t ( sock_file ( append getattr open read write )))
(allow process var_log_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process var_log_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process var_log_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process var_log_t ( sock_file ( append getattr open read write )))
(allow process var_run_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process var_run_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process var_run_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process var_run_t ( sock_file ( append getattr open read write )))
(allow process var_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process var_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process var_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process var_spool_t ( sock_file ( append getattr open read write )))
(allow process xdm_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process xdm_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process xdm_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process xdm_spool_t ( sock_file ( append getattr open read write )))
(allow process zoneminder_spool_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process zoneminder_spool_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
(allow process zoneminder_spool_t ( fifo_file ( getattr read write append ioctl lock open )))
(allow process zoneminder_spool_t ( sock_file ( append getattr open read write )))
(allow process net_conf_t ( dir ( getattr ioctl lock open read search )))
(allow process net_conf_t ( file ( getattr ioctl lock open read )))
(allow process net_conf_t ( fifo_file ( getattr open read lock ioctl )))
(allow process net_conf_t ( sock_file ( getattr open read )))
)