(typealias setrans_var_run_t)
(typealiasactual setrans_var_run_t setrans_runtime_t)
(type setrans_t)
(roletype object_r setrans_t)
(type setrans_exec_t)
(roletype object_r setrans_exec_t)
(type setrans_initrc_exec_t)
(roletype object_r setrans_initrc_exec_t)
(type setrans_runtime_t)
(roletype object_r setrans_runtime_t)
(type setrans_unit_t)
(roletype object_r setrans_unit_t)
(roleattributeset cil_gen_require system_r)
(roletype system_r setrans_t)
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require daemon)
(typeattributeset daemon (setrans_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (setrans_t ))
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (setrans_exec_t setrans_initrc_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (setrans_exec_t setrans_initrc_exec_t ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (setrans_exec_t setrans_initrc_exec_t setrans_runtime_t setrans_unit_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (setrans_exec_t setrans_initrc_exec_t setrans_runtime_t setrans_unit_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (setrans_exec_t setrans_initrc_exec_t setrans_runtime_t setrans_unit_t ))
(typeattributeset cil_gen_require init_script_file_type)
(typeattributeset init_script_file_type (setrans_initrc_exec_t ))
(typeattributeset cil_gen_require init_run_all_scripts_domain)
(typeattributeset cil_gen_require pidfile)
(typeattributeset pidfile (setrans_runtime_t ))
(typeattributeset cil_gen_require mlstrustedobject)
(typeattributeset mlstrustedobject (setrans_runtime_t ))
(typeattributeset cil_gen_require systemdunit)
(typeattributeset systemdunit (setrans_unit_t ))
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require mlsfileread)
(typeattributeset mlsfileread (setrans_t ))
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (setrans_t ))
(typeattributeset cil_gen_require mlsnetrecvall)
(typeattributeset mlsnetrecvall (setrans_t ))
(typeattributeset cil_gen_require mlsnetwrite)
(typeattributeset mlsnetwrite (setrans_t ))
(typeattributeset cil_gen_require mlsprocread)
(typeattributeset mlsprocread (setrans_t ))
(typeattributeset cil_gen_require mlsnetread)
(typeattributeset mlsnetread (setrans_t ))
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require tty_device_t)
(typeattributeset cil_gen_require initrc_devpts_t)
(typeattributeset cil_gen_require local_login_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require locale_t)
(allow setrans_t setrans_exec_t (file (entrypoint)))
(allow setrans_t setrans_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t setrans_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t setrans_t (process (transition)))
(dontaudit initrc_t setrans_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t setrans_exec_t process setrans_t)
(allow setrans_t initrc_t (fd (use)))
(allow setrans_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow setrans_t initrc_t (process (sigchld)))
(allow initrc_t setrans_initrc_exec_t (file (entrypoint)))
(allow initrc_t setrans_initrc_exec_t (file (ioctl read getattr lock map execute open)))
(allow init_run_all_scripts_domain setrans_initrc_exec_t (file (ioctl read getattr map execute open)))
(allow init_run_all_scripts_domain initrc_t (process (transition)))
(dontaudit init_run_all_scripts_domain initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_run_all_scripts_domain setrans_initrc_exec_t process initrc_t)
(allow initrc_t init_run_all_scripts_domain (fd (use)))
(allow initrc_t init_run_all_scripts_domain (fifo_file (ioctl read write getattr lock append)))
(allow initrc_t init_run_all_scripts_domain (process (sigchld)))
(allow setrans_t self (capability (sys_resource)))
(allow setrans_t self (process (sigchld sigkill sigstop signull signal getcap setcap setrlimit)))
(allow setrans_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow setrans_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow setrans_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow setrans_t self (context (contains)))
(allow setrans_t setrans_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow setrans_t bin_t (dir (getattr open search)))
(allow setrans_t bin_t (lnk_file (read getattr)))
(allow setrans_t usr_t (dir (getattr open search)))
(allow setrans_t setrans_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow setrans_t setrans_runtime_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow setrans_t setrans_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow setrans_t setrans_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow setrans_t setrans_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow setrans_t setrans_runtime_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow setrans_t var_t (dir (getattr open search)))
(allow setrans_t var_run_t (lnk_file (read getattr)))
(allow setrans_t var_run_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition setrans_t var_run_t dir setrans_runtime_t)
(typetransition setrans_t var_run_t file setrans_runtime_t)
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t sysctl_t (dir (getattr open search)))
(allow setrans_t sysctl_kernel_t (dir (getattr open search)))
(allow setrans_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t sysctl_t (dir (getattr open search)))
(allow setrans_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (file (ioctl read getattr lock open)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (lnk_file (read getattr)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (dir (ioctl read getattr lock open search)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t domain (dir (ioctl read getattr lock open search)))
(allow setrans_t domain (dir (getattr open search)))
(allow setrans_t domain (file (ioctl read getattr lock open)))
(allow setrans_t domain (dir (getattr open search)))
(allow setrans_t domain (lnk_file (read getattr)))
(dontaudit setrans_t domain (dir (getattr open search)))
(allow setrans_t domain (process (getattr)))
(allow setrans_t domain (process (getsession)))
(allow setrans_t etc_t (dir (ioctl read getattr lock open search)))
(allow setrans_t etc_t (dir (getattr open search)))
(allow setrans_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow setrans_t etc_t (dir (getattr open search)))
(allow setrans_t etc_runtime_t (lnk_file (read getattr)))
(allow setrans_t sysfs_t (dir (getattr open search)))
(allow setrans_t sysfs_t (dir (getattr open search)))
(allow setrans_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow setrans_t security_t (dir (ioctl read getattr lock open search)))
(allow setrans_t security_t (file (ioctl read write getattr map open)))
(allow setrans_t security_t (security (compute_av)))
(dontaudit setrans_t devpts_t (chr_file (ioctl read write getattr)))
(dontaudit setrans_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(dontaudit setrans_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
(dontaudit setrans_t local_login_t (fd (use)))
(allow setrans_t devlog_t (sock_file (write getattr append open)))
(allow setrans_t var_run_t (lnk_file (read getattr)))
(allow setrans_t var_t (dir (getattr open search)))
(allow setrans_t var_run_t (dir (getattr open search)))
(allow setrans_t init_runtime_t (dir (getattr open search)))
(allow setrans_t syslogd_runtime_t (dir (getattr open search)))
(allow setrans_t syslogd_t (unix_dgram_socket (sendto)))
(allow setrans_t syslogd_t (unix_stream_socket (connectto)))
(allow setrans_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow setrans_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow setrans_t device_t (dir (getattr open search)))
(allow setrans_t device_t (dir (ioctl read getattr lock open search)))
(allow setrans_t device_t (dir (getattr open search)))
(allow setrans_t device_t (lnk_file (read getattr)))
(allow setrans_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit setrans_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow setrans_t etc_t (dir (getattr open search)))
(allow setrans_t etc_t (lnk_file (read getattr)))
(allow setrans_t usr_t (dir (getattr open search)))
(allow setrans_t locale_t (dir (ioctl read getattr lock open search)))
(allow setrans_t locale_t (dir (getattr open search)))
(allow setrans_t locale_t (file (ioctl read getattr lock open)))
(allow setrans_t locale_t (dir (getattr open search)))
(allow setrans_t locale_t (lnk_file (read getattr)))
(allow setrans_t locale_t (file (map)))
(allow setrans_t security_t (filesystem (getattr)))
(allow setrans_t sysfs_t (filesystem (getattr)))
(allow setrans_t sysfs_t (dir (getattr open search)))
(allow setrans_t sysfs_t (dir (getattr open search)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (file (ioctl read getattr lock open)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (lnk_file (read getattr)))
(allow setrans_t proc_t (dir (getattr open search)))
(allow setrans_t proc_t (dir (ioctl read getattr lock open search)))
(allow setrans_t etc_t (dir (getattr open search)))
(allow setrans_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow setrans_t selinux_config_t (dir (getattr open search)))
(allow setrans_t selinux_config_t (file (ioctl read getattr lock open)))
(allow setrans_t selinux_config_t (dir (getattr open search)))
(allow setrans_t selinux_config_t (lnk_file (read getattr)))
(optional setrans_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow setrans_t init_t (process (sigchld)))
    (allow setrans_t init_t (process (signull)))
)
(optional setrans_optional_3
    (typeattributeset cil_gen_require rpm_t)
    (allow setrans_t rpm_t (fd (use)))
    (allow setrans_t rpm_t (fifo_file (ioctl read getattr lock open)))
)
(optional setrans_optional_4
    (typeattributeset cil_gen_require security_t)
    (typeattributeset cil_gen_require sysfs_t)
    (dontaudit setrans_t security_t (filesystem (getattr)))
    (dontaudit setrans_t sysfs_t (filesystem (getattr)))
    (dontaudit setrans_t sysfs_t (dir (getattr open search)))
    (dontaudit setrans_t security_t (dir (getattr open search)))
    (dontaudit setrans_t security_t (file (ioctl read getattr lock open)))
    (optional setrans_optional_5
        (typeattributeset cil_gen_require selinux_config_t)
        (dontaudit setrans_t selinux_config_t (dir (getattr open search)))
        (dontaudit setrans_t selinux_config_t (file (ioctl read getattr lock open)))
        (optional setrans_optional_6
            (typeattributeset cil_gen_require rpm_script_t)
            (allow setrans_t rpm_script_t (fd (use)))
        )
    )
)
(filecon "/etc/rc\.d/init\.d/mcstrans" file (system_u object_r setrans_initrc_exec_t ((s0) (s0))))
(filecon "/run/setrans(/.*)?" any (system_u object_r setrans_runtime_t ((s0) (s0))))
(filecon "/usr/bin/mcstransd" file (system_u object_r setrans_exec_t ((s0) (s0))))
(filecon "/usr/lib/systemd/system/mcstrans.*\.service" file (system_u object_r setrans_unit_t ((s0) (s0))))
(filecon "/usr/sbin/mcstransd" file (system_u object_r setrans_exec_t ((s0) (s0))))
