(filecon "/etc/rc\.d/rc" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/rc\.d/rc\.[^/]+" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/rc\.d/init\.d/.*" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/sysconfig/network-scripts/ifup-ipsec" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/X11/prefdm" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/vmware/init\.d/vmware" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/etc/x11/startDM\.sh" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/dev/initctl" pipe (system_u object_r initctl_t (systemlow systemlow)))
(filecon "/lib/systemd/systemd" file (system_u object_r init_exec_t (systemlow systemlow)))
(filecon "/lib/rc/init\.d(/.*)?" any (system_u object_r initrc_state_t (systemlow systemlow)))
(filecon "/sbin/init(ng)?" file (system_u object_r init_exec_t (systemlow systemlow)))
(filecon "/sbin/upstart" file (system_u object_r init_exec_t (systemlow systemlow)))
(filecon "/sbin/rc" file (system_u object_r rc_exec_t (systemlow systemlow)))
(filecon "/usr/bin/sepg_ctl" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/usr/lib/systemd/systemd" file (system_u object_r init_exec_t (systemlow systemlow)))
(filecon "/usr/lib/systemd/system-preset(/.*)?" any (system_u object_r systemd_unit_t (systemlow systemlow)))
(filecon "/usr/lib/systemd/user-preset(/.*)?" any (system_u object_r systemd_unit_t (systemlow systemlow)))
(filecon "/usr/lib/systemd/ntp-units\.d" dir (system_u object_r systemd_unit_t (systemlow systemlow)))
(filecon "/usr/lib/systemd/system(/.*)?" any (system_u object_r systemd_unit_t (systemlow systemlow)))
(filecon "/usr/libexec/dcc/start-.*" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/usr/libexec/dcc/stop-.*" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/apachectl" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/open_init_pty" file (system_u object_r initrc_exec_t (systemlow systemlow)))
(filecon "/var/lib/systemd(/.*)?" any (system_u object_r init_var_lib_t (systemlow systemlow)))
(filecon "/var/run/initctl" pipe (system_u object_r initctl_t (systemlow systemlow)))
(filecon "/var/run/utmp" file (system_u object_r initrc_var_run_t (systemlow systemlow)))
(filecon "/var/run/runlevel\.dir" any (system_u object_r initrc_var_run_t (systemlow systemlow)))
(filecon "/var/run/random-seed" file (system_u object_r initrc_var_run_t (systemlow systemlow)))
(filecon "/var/run/setmixer_flag" file (system_u object_r initrc_var_run_t (systemlow systemlow)))
(filecon "/var/run/systemd(/.*)?" any (system_u object_r init_var_run_t (systemlow systemlow)))
(filecon "/var/lib/init\.d(/.*)?" any (system_u object_r initrc_state_t (systemlow systemlow)))
(filecon "/var/run/svscan\.pid" file (system_u object_r initrc_var_run_t (systemlow systemlow)))
(filecon "/lib/rc/console(/.*)?" any (system_u object_r initrc_state_t (systemlow systemlow)))
(filecon "/lib/rc/cache(/.*)?" any (system_u object_r initrc_state_t (systemlow systemlow)))
(filecon "/sbin/openrc" file (system_u object_r rc_exec_t (systemlow systemlow)))
(filecon "/var/lib/ip6?tables(/.*)?" any (system_u object_r initrc_tmp_t (systemlow systemlow)))
(filecon "/var/run/openrc(/.*)?" any (system_u object_r initrc_state_t (systemlow systemlow)))
(typeattribute init_script_domain_type)
(typeattributeset init_script_domain_type (initrc_t ))
(typeattribute init_script_file_type)
(typeattributeset init_script_file_type (initrc_exec_t ))
(typeattribute init_run_all_scripts_domain)
(typeattributeset init_run_all_scripts_domain (init_t initrc_t ))
(typeattribute systemdunit)
(typeattributeset systemdunit (systemd_unit_t ))
(typeattribute daemon)
(typeattribute daemonpidfile)
(typeattribute daemonrundir)
(type init_t)
(roletype object_r init_t)
(type init_exec_t)
(roletype object_r init_exec_t)
(type init_var_run_t)
(roletype object_r init_var_run_t)
(type init_var_lib_t)
(roletype object_r init_var_lib_t)
(type initctl_t)
(roletype object_r initctl_t)
(type initrc_t)
(roletype object_r initrc_t)
(type initrc_exec_t)
(roletype object_r initrc_exec_t)
(type initrc_devpts_t)
(roletype object_r initrc_devpts_t)
(type initrc_lock_t)
(roletype object_r initrc_lock_t)
(type initrc_state_t)
(roletype object_r initrc_state_t)
(type initrc_tmp_t)
(roletype object_r initrc_tmp_t)
(type initrc_var_log_t)
(roletype object_r initrc_var_log_t)
(type initrc_var_run_t)
(roletype object_r initrc_var_run_t)
(type systemd_unit_t)
(roletype object_r systemd_unit_t)
(type rc_exec_t)
(roletype object_r rc_exec_t)
(typeattribute init_script_readable)
(boolean init_upstart false)
(roleattributeset cil_gen_require system_r)
(roletype system_r init_t)
(roletype system_r initrc_t)
(typeattributeset cil_gen_require domain)
(typeattributeset domain (init_t initrc_t ))
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (init_exec_t initrc_exec_t shell_exec_t rc_exec_t bin_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (init_exec_t initrc_exec_t shell_exec_t rc_exec_t bin_t ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
(typeattributeset cil_gen_require kernel_t)
(typeattributeset cil_gen_require pidfile)
(typeattributeset pidfile (init_var_run_t initrc_var_run_t ))
(typeattributeset cil_gen_require mlstrustedobject)
(typeattributeset mlstrustedobject (initctl_t ))
(typeattributeset cil_gen_require shell_exec_t)
(typeattributeset cil_gen_require ptynode)
(typeattributeset ptynode (initrc_devpts_t ))
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require device_node)
(typeattributeset device_node (initrc_devpts_t ))
(typeattributeset cil_gen_require lockfile)
(typeattributeset lockfile (initrc_lock_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (initrc_tmp_t ))
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (initrc_tmp_t ))
(typeattributeset cil_gen_require logfile)
(typeattributeset logfile (initrc_var_log_t ))
(typeattributeset cil_gen_require tmpfs_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require unlabeled_t)
(typeattributeset cil_gen_require chroot_exec_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require root_t)
(typeattributeset cil_gen_require inotifyfs_t)
(typeattributeset cil_gen_require ramfs_t)
(typeattributeset cil_gen_require mcssetcats)
(typeattributeset mcssetcats (init_t initrc_t ))
(typeattributeset cil_gen_require mcskillall)
(typeattributeset mcskillall (init_t initrc_t ))
(typeattributeset cil_gen_require mlsfileread)
(typeattributeset mlsfileread (init_t initrc_t ))
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (init_t initrc_t ))
(typeattributeset cil_gen_require mlsprocwrite)
(typeattributeset mlsprocwrite (init_t initrc_t ))
(typeattributeset cil_gen_require mlsfduse)
(typeattributeset mlsfduse (init_t ))
(typeattributeset cil_gen_require secure_mode_policyload_t)
(typeattributeset cil_gen_require boolean_type)
(typeattributeset cil_gen_require ttynode)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require tty_device_t)
(typeattributeset cil_gen_require ld_so_cache_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_var_run_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require var_log_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require set_curr_context)
(typeattributeset set_curr_context (kernel_t ))
(typeattributeset cil_gen_require proc_net_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require sysctl_vm_t)
(typeattributeset cil_gen_require sysctl_fs_t)
(typeattributeset cil_gen_require autofs_device_t)
(typeattributeset cil_gen_require event_device_t)
(typeattributeset cil_gen_require sysfs_types)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require kmsg_device_t)
(typeattributeset cil_gen_require var_lib_t)
(typeattributeset cil_gen_require var_lock_t)
(typeattributeset cil_gen_require modules_object_t)
(typeattributeset cil_gen_require cgroup_t)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require hugetlbfs_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require pstore_t)
(typeattributeset cil_gen_require mlsnetwrite)
(typeattributeset mlsnetwrite (init_t ))
(typeattributeset cil_gen_require adjtime_t)
(typeattributeset cil_gen_require default_context_t)
(typeattributeset cil_gen_require file_context_t)
(typeattributeset cil_gen_require systemd_kmod_conf_t)
(typeattributeset cil_gen_require systemd_logind_t)
(typeattributeset cil_gen_require udev_t)
(typeattributeset cil_gen_require insmod_t)
(typeattributeset cil_gen_require insmod_exec_t)
(typeattributeset cil_gen_require wtmp_t)
(typeattributeset cil_gen_require bsdpty_device_t)
(typeattributeset cil_gen_require ptmx_t)
(typeattributeset cil_gen_require proc_mdstat_t)
(typeattributeset cil_gen_require sysctl_type)
(typeattributeset cil_gen_require proc_kmsg_t)
(typeattributeset cil_gen_require boot_t)
(typeattributeset cil_gen_require system_map_t)
(typeattributeset cil_gen_require netlabel_peer_t)
(typeattributeset cil_gen_require netif_type)
(typeattributeset cil_gen_require node_type)
(typeattributeset cil_gen_require port_type)
(typeattributeset cil_gen_require client_packet_type)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require usbfs_t)
(typeattributeset cil_gen_require framebuf_device_t)
(typeattributeset cil_gen_require clock_device_t)
(typeattributeset cil_gen_require sound_device_t)
(typeattributeset cil_gen_require lvm_control_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require var_spool_t)
(typeattributeset cil_gen_require default_t)
(typeattributeset cil_gen_require binfmt_misc_fs_t)
(typeattributeset cil_gen_require filesystem_type)
(typeattributeset cil_gen_require mcsptraceall)
(typeattributeset mcsptraceall (initrc_t ))
(typeattributeset cil_gen_require mlsprocread)
(typeattributeset mlsprocread (initrc_t ))
(typeattributeset cil_gen_require privrangetrans)
(typeattributeset privrangetrans (initrc_t ))
(typeattributeset cil_gen_require mlsfdshare)
(typeattributeset mlsfdshare (initrc_t ))
(typeattributeset cil_gen_require fixed_disk_device_t)
(typeattributeset cil_gen_require removable_device_t)
(typeattributeset cil_gen_require lastlog_t)
(typeattributeset cil_gen_require pam_var_run_t)
(typeattributeset cil_gen_require pam_var_console_t)
(typeattributeset cil_gen_require nsswitch_domain)
(typeattributeset nsswitch_domain (initrc_t ))
(typeattributeset cil_gen_require lib_t)
(typeattributeset cil_gen_require ld_so_t)
(typeattributeset cil_gen_require auditd_etc_t)
(typeattributeset cil_gen_require cert_t)
(typeattributeset cil_gen_require modules_conf_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require user_home_t)
(typeattributeset cil_gen_require home_root_t)
(typeattributeset cil_gen_require user_tty_device_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require proc_kcore_t)
(typeattributeset cil_gen_require null_device_t)
(typeattributeset cil_gen_require zero_device_t)
(typeattributeset cil_gen_require mountpoint)
(typeattributeset mountpoint (initrc_state_t ))
(typeattributeset cil_gen_require net_conf_t)
(typeattributeset cil_gen_require can_setenforce)
(typeattributeset can_setenforce (initrc_t ))
(typeattributeset cil_gen_require power_unit_t)
(allow init_t init_exec_t (file (entrypoint)))
(allow init_t init_exec_t (file (ioctl read getattr lock execute open)))
(allow kernel_t init_exec_t (file (read getattr execute open)))
(allow kernel_t init_t (process (transition)))
(dontaudit kernel_t init_t (process (noatsecure siginh rlimitinh)))
(typetransition kernel_t init_exec_t process init_t)
(allow init_t kernel_t (fd (use)))
(allow init_t kernel_t (fifo_file (ioctl read write getattr lock append open)))
(allow init_t kernel_t (process (sigchld)))
(allow initrc_t initrc_exec_t (file (entrypoint)))
(allow initrc_t initrc_exec_t (file (ioctl read getattr lock execute open)))
(allow init_t initrc_t (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t initrc_t (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow init_t init_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t init_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t init_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t shell_exec_t (file (entrypoint)))
(allow initrc_t shell_exec_t (file (ioctl read getattr lock execute open)))
(allow initrc_devpts_t devpts_t (filesystem (associate)))
(allow initrc_var_log_t tmp_t (filesystem (associate)))
(allow initrc_var_log_t tmpfs_t (filesystem (associate)))
(allow initrc_t rc_exec_t (file (entrypoint)))
(allow initrc_t rc_exec_t (file (ioctl read getattr lock execute open)))
(allow init_t self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
(allow init_t self (fifo_file (ioctl read write getattr lock append open)))
(allow init_t init_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow init_t initrc_t (unix_stream_socket (connectto)))
(allow init_t init_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition init_t var_run_t file init_var_run_t)
(allow init_t initctl_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t device_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition init_t device_t fifo_file initctl_t)
(allow initctl_t device_t (filesystem (associate)))
(allow initctl_t tmpfs_t (filesystem (associate)))
(allow initctl_t tmp_t (filesystem (associate)))
(allow init_t initrc_var_run_t (file (ioctl read write getattr setattr lock append open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_t (file (ioctl read getattr lock open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_t (lnk_file (read getattr)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_t (dir (ioctl read getattr lock search open)))
(allow kernel_t init_t (process (share)))
(dontaudit init_t unlabeled_t (dir (getattr search open)))
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (lnk_file (read getattr)))
(allow init_t chroot_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow init_t self (capability (sys_chroot)))
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (lnk_file (read getattr)))
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (dir (ioctl read getattr lock search open)))
(allow init_t bin_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (file (ioctl read getattr lock open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (lnk_file (read getattr)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (chr_file (ioctl read write getattr lock append open)))
(allow init_t domain (process (getpgid)))
(allow init_t domain (process (sigkill)))
(allow init_t self (capability (kill)))
(allow init_t domain (process (signal)))
(allow init_t domain (process (signull)))
(allow init_t domain (process (sigstop)))
(allow init_t domain (process (sigchld)))
(allow init_t etc_t (dir (ioctl read getattr lock search open)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t etc_t (file (ioctl read getattr lock open)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t etc_t (lnk_file (read getattr)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_run_t (dir (ioctl read getattr lock search open)))
(allow init_t var_run_t (dir (getattr search open)))
(allow init_t var_run_t (file (ioctl read write getattr lock append open)))
(allow init_t etc_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t etc_runtime_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t etc_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t etc_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition init_t etc_t file etc_runtime_t)
(allow init_t etc_t (dir (ioctl read getattr lock search open)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t etc_t (lnk_file (read getattr)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t etc_t (file (ioctl read getattr execute execute_no_trans open)))
(dontaudit init_t root_t (file (read write)))
(dontaudit init_t root_t (chr_file (read write)))
(allow init_t inotifyfs_t (dir (ioctl read getattr lock search open)))
(allow init_t ramfs_t (dir (getattr search open)))
(allow init_t ramfs_t (sock_file (write getattr append open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t security_t (dir (ioctl read getattr lock search open)))
(allow init_t init_typeattr_1 (file (ioctl read write getattr lock append open)))
(allow init_t secure_mode_policyload_t (file (ioctl read getattr lock open)))
(allow init_t security_t (security (setbool)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (lnk_file (read getattr)))
(allow init_t devpts_t (dir (ioctl read getattr lock search open)))
(allow init_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow init_t devpts_t (chr_file (ioctl read write getattr lock append open)))
(allow init_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow init_t console_device_t (chr_file (ioctl read write getattr lock append open)))
(allow init_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow init_t etc_t (dir (ioctl read getattr lock search open)))
(allow init_t initrc_exec_t (file (read getattr execute open)))
(allow init_t initrc_t (process (transition)))
(dontaudit init_t initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_t initrc_exec_t process initrc_t)
(allow initrc_t init_t (fd (use)))
(allow initrc_t init_t (fifo_file (ioctl read write getattr lock append open)))
(allow initrc_t init_t (process (sigchld)))
(allow init_t rc_exec_t (file (read getattr execute open)))
(allow init_t initrc_t (process (transition)))
(dontaudit init_t initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_t rc_exec_t process initrc_t)
(allow initrc_t init_t (fd (use)))
(allow initrc_t init_t (fifo_file (ioctl read write getattr lock append open)))
(allow initrc_t init_t (process (sigchld)))
(allow init_t etc_t (dir (ioctl read getattr lock search open)))
(allow init_t ld_so_cache_t (file (ioctl read write getattr lock append open)))
(allow init_t devlog_t (sock_file (write getattr append open)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_run_t (dir (getattr search open)))
(allow init_t init_var_run_t (dir (getattr search open)))
(allow init_t syslogd_var_run_t (dir (getattr search open)))
(allow init_t syslogd_t (unix_dgram_socket (sendto)))
(allow init_t syslogd_t (unix_stream_socket (connectto)))
(allow init_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (lnk_file (read getattr)))
(allow init_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit init_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_log_t (dir (ioctl read getattr lock search open)))
(allow init_t var_log_t (dir (getattr search open)))
(allow init_t var_log_t (file (ioctl read write getattr lock append open)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t selinux_config_t (dir (ioctl read getattr lock search open)))
(allow init_t selinux_config_t (dir (getattr search open)))
(allow init_t selinux_config_t (file (ioctl read getattr lock open)))
(allow init_t selinux_config_t (dir (getattr search open)))
(allow init_t selinux_config_t (lnk_file (read getattr)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t etc_t (lnk_file (read getattr)))
(allow init_t usr_t (dir (getattr search open)))
(allow init_t locale_t (dir (ioctl read getattr lock search open)))
(allow init_t locale_t (dir (getattr search open)))
(allow init_t locale_t (file (ioctl read getattr lock open)))
(allow init_t locale_t (dir (getattr search open)))
(allow init_t locale_t (lnk_file (read getattr)))
(allow init_t self (process (getsched setsched setpgid getcap setcap setfscreate setrlimit setsockcreate)))
(allow init_t self (capability2 (block_suspend)))
(allow init_t self (netlink_kobject_uevent_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t self (netlink_route_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write)))
(allow init_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t init_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t init_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t init_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t init_var_run_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow init_t init_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t init_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t init_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t init_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t systemd_unit_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t systemdunit (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t systemd_unit_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t systemd_unit_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t systemd_unit_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t systemd_unit_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow init_t systemd_unit_t (dir (getattr relabelfrom relabelto)))
(allow kernel_t self (process (setcurrent)))
(allow kernel_t init_t (process (dyntransition)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_net_t (dir (getattr search open)))
(allow init_t proc_net_t (file (ioctl read getattr lock open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_net_t (dir (getattr search open)))
(allow init_t proc_net_t (lnk_file (read getattr)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_net_t (dir (ioctl read getattr lock search open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_kernel_t (dir (getattr search open)))
(allow init_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_kernel_t (dir (ioctl read getattr lock search open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_vm_t (dir (getattr search open)))
(allow init_t sysctl_vm_t (file (ioctl read getattr lock open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_vm_t (dir (ioctl read getattr lock search open)))
(allow init_t kernel_t (unix_dgram_socket (sendto)))
(allow init_t kernel_t (unix_stream_socket (connectto)))
(allow init_t proc_t (filesystem (getattr)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_fs_t (dir (getattr search open)))
(allow init_t sysctl_fs_t (file (ioctl read getattr lock open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t sysctl_t (dir (getattr search open)))
(allow init_t sysctl_fs_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t autofs_device_t (chr_file (ioctl read write getattr lock append open)))
(allow init_t device_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow init_t device_t (dir (create getattr)))
(allow init_t self (capability (mknod)))
(allow init_t device_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t event_device_t (chr_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (dir (getattr relabelfrom)))
(allow init_t device_t (dir (getattr relabelfrom)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (file (getattr relabelfrom)))
(allow init_t device_t (file (getattr relabelfrom)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (lnk_file (getattr relabelfrom)))
(allow init_t device_t (lnk_file (getattr relabelfrom)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (fifo_file (getattr relabelfrom)))
(allow init_t device_t (fifo_file (getattr relabelfrom)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (sock_file (getattr relabelfrom)))
(allow init_t device_t (sock_file (getattr relabelfrom)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (blk_file (getattr relabelfrom relabelto)))
(allow init_t device_t (blk_file (getattr relabelfrom relabelto)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_node (chr_file (getattr relabelfrom relabelto)))
(allow init_t device_t (chr_file (getattr relabelfrom relabelto)))
(allow init_t sysfs_types (dir (ioctl read getattr lock relabelfrom relabelto search open)))
(allow init_t sysfs_types (file (getattr relabelfrom relabelto)))
(allow init_t sysfs_types (lnk_file (getattr relabelfrom relabelto)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t kmsg_device_t (chr_file (ioctl write getattr lock append open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t proc_t (dir (getattr search open)))
(allow init_t domain (dir (ioctl read getattr lock search open)))
(allow init_t domain (dir (getattr search open)))
(allow init_t domain (file (ioctl read getattr lock open)))
(allow init_t domain (dir (getattr search open)))
(allow init_t domain (lnk_file (read getattr)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t pidfile (dir (ioctl read getattr lock search open)))
(allow init_t pidfile (dir (getattr search open)))
(allow init_t pidfile (file (ioctl read getattr lock open)))
(allow init_t usr_t (dir (ioctl read getattr lock search open)))
(allow init_t var_t (dir (ioctl read getattr lock search open)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_lib_t (dir (ioctl read getattr lock search open)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_lock_t (lnk_file (read getattr)))
(allow init_t lockfile (dir (getattr search open)))
(allow init_t lockfile (dir (getattr relabelfrom relabelto)))
(allow init_t root_t (dir (mounton)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_run_t (dir (getattr search open)))
(allow init_t pidfile (dir (getattr search open)))
(allow init_t pidfile (dir (getattr relabelfrom relabelto)))
(allow init_t pidfile (dir (getattr search open)))
(allow init_t pidfile (file (getattr relabelfrom relabelto)))
(allow init_t pidfile (dir (getattr search open)))
(allow init_t pidfile (lnk_file (getattr relabelfrom relabelto)))
(allow init_t var_lock_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_lock_t (dir (getattr search open)))
(allow init_t lockfile (dir (ioctl read getattr lock search open)))
(allow init_t lockfile (dir (getattr search open)))
(allow init_t lockfile (file (ioctl read getattr lock open)))
(allow init_t lockfile (dir (getattr search open)))
(allow init_t lockfile (lnk_file (read getattr)))
(allow init_t modules_object_t (dir (getattr search open)))
(allow init_t modules_object_t (dir (getattr search open)))
(allow init_t modules_object_t (lnk_file (read getattr)))
(allow init_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t tmp_t (dir (mounton)))
(allow init_t cgroup_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t cgroup_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t cgroup_t (dir (getattr search open)))
(allow init_t cgroup_t (dir (getattr relabelfrom relabelto)))
(allow init_t cgroup_t (dir (getattr search open)))
(allow init_t cgroup_t (file (ioctl read write getattr lock append open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t autofs_t (dir (ioctl read getattr lock search open)))
(allow init_t autofs_t (filesystem (mount)))
(allow init_t hugetlbfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t hugetlbfs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow init_t tmpfs_t (filesystem (getattr)))
(allow init_t tmpfs_t (dir (getattr search open)))
(allow init_t tmpfs_t (file (ioctl read getattr lock open)))
(allow init_t cgroup_t (dir (getattr search open)))
(allow init_t cgroup_t (file (ioctl read getattr lock open)))
(allow init_t cgroup_t (dir (getattr search open)))
(allow init_t cgroup_t (lnk_file (read getattr)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(dontaudit init_t fs_t (filesystem (getattr)))
(allow init_t tmpfs_t (dir (getattr search open)))
(allow init_t tmpfs_t (dir (getattr relabelfrom relabelto)))
(allow init_t tmpfs_t (dir (getattr search open)))
(allow init_t tmpfs_t (file (getattr relabelfrom relabelto)))
(allow init_t autofs_t (filesystem (unmount)))
(allow init_t pstore_t (dir (getattr search open)))
(allow init_t pstore_t (file (getattr)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t security_t (dir (ioctl read getattr lock search open)))
(allow init_t security_t (file (ioctl read write getattr lock append open)))
(allow init_t security_t (security (compute_create)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t sysfs_t (dir (getattr search open)))
(allow init_t security_t (dir (ioctl read getattr lock search open)))
(allow init_t security_t (file (ioctl read write getattr lock append open)))
(allow init_t security_t (security (compute_av)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (dir (ioctl read getattr lock search open)))
(allow init_t device_t (dir (getattr search open)))
(allow init_t device_t (lnk_file (read getattr)))
(allow init_t devpts_t (dir (getattr relabelfrom relabelto)))
(allow init_t etc_t (dir (ioctl read getattr lock search open)))
(allow init_t adjtime_t (file (ioctl read getattr lock open)))
(allow init_t syslogd_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow init_t syslogd_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow init_t var_run_t (lnk_file (read getattr)))
(allow init_t var_t (dir (getattr search open)))
(allow init_t var_run_t (dir (getattr search open)))
(allow init_t self (capability (audit_write)))
(allow init_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow init_t devlog_t (sock_file (getattr relabelto)))
(allow init_t etc_t (dir (getattr search open)))
(allow init_t selinux_config_t (dir (getattr search open)))
(allow init_t default_context_t (dir (getattr search open)))
(allow init_t file_context_t (dir (getattr search open)))
(allow init_t file_context_t (file (ioctl read getattr lock open)))
(allow init_t systemd_kmod_conf_t (file (getattr relabelto)))
(allow init_t systemd_logind_t (dbus (send_msg)))
(allow systemd_logind_t init_t (dbus (send_msg)))
(allow init_t udev_t (netlink_kobject_uevent_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow init_t self (process (getcap setcap)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t rc_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow initrc_t self (process (getsched setsched getpgid setpgid setrlimit)))
(allow initrc_t self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_rawio sys_chroot sys_ptrace sys_pacct sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
(allow initrc_t self (capability2 (block_suspend)))
(dontaudit initrc_t self (capability (sys_module)))
(allow initrc_t self (passwd (rootok)))
(allow initrc_t self (key (view read write search link setattr create)))
(allow initrc_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow initrc_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown connectto)))
(allow initrc_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow initrc_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow initrc_t self (fifo_file (ioctl read write getattr lock append open)))
(allow initrc_t initrc_devpts_t (chr_file (ioctl read write getattr append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t ptmx_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t devpts_t (dir (ioctl read getattr lock search open)))
(allow initrc_t devpts_t (filesystem (getattr)))
(dontaudit initrc_t bsdpty_device_t (chr_file (read write getattr)))
(typetransition initrc_t devpts_t chr_file initrc_devpts_t)
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t initctl_t (fifo_file (ioctl read write getattr lock append open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t init_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow initrc_t init_script_file_type (file (ioctl read getattr lock execute execute_no_trans open)))
(allow initrc_t daemonpidfile (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t daemonpidfile (dir (create getattr)))
(allow initrc_t daemonpidfile (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t daemonpidfile (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t daemonpidfile (dir (getattr search open)))
(allow initrc_t daemonpidfile (dir (setattr)))
(allow initrc_t daemonrundir (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t daemonrundir (dir (create getattr)))
(allow initrc_t daemonrundir (dir (getattr search open)))
(allow initrc_t daemonrundir (dir (setattr)))
(allow init_run_all_scripts_domain initrc_exec_t (file (read getattr execute open)))
(allow init_run_all_scripts_domain initrc_t (process (transition)))
(dontaudit init_run_all_scripts_domain initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_run_all_scripts_domain initrc_exec_t process initrc_t)
(allow initrc_t init_run_all_scripts_domain (fd (use)))
(allow initrc_t init_run_all_scripts_domain (fifo_file (ioctl read write getattr lock append open)))
(allow initrc_t init_run_all_scripts_domain (process (sigchld)))
(allow initrc_t initrc_state_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_state_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t initrc_state_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_state_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t initrc_state_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_state_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t initrc_state_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_state_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t initrc_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t var_run_t file initrc_var_run_t)
(allow initrc_t initrc_tmp_t (file (ioctl read getattr lock execute execute_no_trans open)))
(allow initrc_t initrc_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t initrc_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t initrc_tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_tmp_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t tmp_t dir initrc_tmp_t)
(typetransition initrc_t tmp_t file initrc_tmp_t)
(allow initrc_t initrc_var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_log_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t initrc_var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_log_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t var_log_t dir initrc_var_log_t)
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t initctl_t (fifo_file (write)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (file (ioctl read getattr lock open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (lnk_file (read getattr)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_mdstat_t (file (ioctl read getattr lock open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (getattr search open)))
(allow initrc_t proc_net_t (file (ioctl read getattr lock open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (getattr search open)))
(allow initrc_t proc_net_t (lnk_file (read getattr)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (ioctl read getattr lock search open)))
(allow initrc_t self (capability2 (syslog)))
(allow initrc_t kernel_t (system (syslog_read)))
(allow initrc_t self (capability2 (syslog)))
(allow initrc_t kernel_t (system (syslog_console)))
(allow initrc_t self (capability2 (syslog)))
(allow initrc_t kernel_t (system (syslog_mod)))
(allow initrc_t kernel_t (system (ipc_info)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (getattr search open)))
(allow initrc_t sysctl_type (dir (getattr search open)))
(allow initrc_t sysctl_type (file (ioctl read getattr lock open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (getattr search open)))
(allow initrc_t sysctl_type (dir (ioctl read getattr lock search open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_net_t (dir (getattr search open)))
(allow initrc_t sysctl_type (dir (getattr search open)))
(allow initrc_t sysctl_type (file (ioctl read write getattr lock append open)))
(allow initrc_t sysctl_type (dir (ioctl read getattr lock search open)))
(allow initrc_t sysctl_type (file (setattr)))
(dontaudit initrc_t proc_kmsg_t (file (getattr)))
(allow initrc_t unlabeled_t (dir (ioctl read getattr lock search open)))
(allow initrc_t unlabeled_t (dir (getattr mounton search open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lock_t (lnk_file (read getattr)))
(allow initrc_t var_lock_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t var_lock_t (dir (create getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t boot_t (dir (ioctl read getattr lock search open)))
(allow initrc_t boot_t (dir (getattr search open)))
(allow initrc_t system_map_t (file (ioctl read getattr lock open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lock_t (dir (setattr)))
(allow initrc_t exec_type (file (ioctl read getattr lock execute execute_no_trans open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t bin_t (dir (ioctl read getattr lock search open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t exec_type (lnk_file (read getattr)))
(allow initrc_t unlabeled_t (tcp_socket (recvfrom)))
(allow initrc_t unlabeled_t (udp_socket (recvfrom)))
(allow initrc_t unlabeled_t (rawip_socket (recvfrom)))
(allow initrc_t unlabeled_t (peer (recv)))
(allow initrc_t unlabeled_t (association (sendto recvfrom)))
(allow initrc_t netlabel_peer_t (peer (recv)))
(allow initrc_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow initrc_t netlabel_peer_t (udp_socket (recvfrom)))
(allow initrc_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow initrc_t netif_type (netif (tcp_recv tcp_send ingress egress)))
(allow initrc_t netif_type (netif (udp_send egress)))
(allow initrc_t netif_type (netif (udp_recv ingress)))
(allow initrc_t node_type (node (tcp_recv tcp_send recvfrom sendto)))
(allow initrc_t node_type (node (udp_send sendto)))
(allow initrc_t node_type (node (udp_recv recvfrom)))
(allow initrc_t port_type (tcp_socket (recv_msg send_msg)))
(allow initrc_t port_type (udp_socket (send_msg)))
(allow initrc_t port_type (udp_socket (recv_msg)))
(allow initrc_t port_type (tcp_socket (name_connect)))
(allow initrc_t client_packet_type (packet (send)))
(allow initrc_t client_packet_type (packet (recv)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t kmsg_device_t (chr_file (ioctl write getattr lock append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t random_device_t (chr_file (ioctl write getattr lock append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t urandom_device_t (chr_file (ioctl write getattr lock append open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (file (ioctl read write getattr lock append open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (lnk_file (read getattr)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (ioctl read getattr lock search open)))
(allow initrc_t usbfs_t (dir (getattr search open)))
(allow initrc_t usbfs_t (lnk_file (read getattr)))
(allow initrc_t usbfs_t (dir (getattr search open)))
(allow initrc_t usbfs_t (file (getattr)))
(allow initrc_t usbfs_t (dir (getattr search open)))
(allow initrc_t usbfs_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t framebuf_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t framebuf_device_t (chr_file (ioctl write getattr lock append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t clock_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t sound_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t sound_device_t (chr_file (ioctl write getattr lock append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_node (chr_file (setattr)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t lvm_control_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t device_t (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t lvm_control_t (chr_file (getattr unlink)))
(allow initrc_t device_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t device_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t device_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t device_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t device_t (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t device_t (lnk_file (getattr unlink)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_node (blk_file (getattr)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_node (chr_file (getattr)))
(allow initrc_t device_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t domain (process (sigkill)))
(allow initrc_t self (capability (kill)))
(allow initrc_t domain (process (signal)))
(allow initrc_t domain (process (signull)))
(allow initrc_t domain (process (sigstop)))
(allow initrc_t domain (process (sigchld)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t domain (dir (ioctl read getattr lock search open)))
(allow initrc_t domain (dir (getattr search open)))
(allow initrc_t domain (file (ioctl read getattr lock open)))
(allow initrc_t domain (dir (getattr search open)))
(allow initrc_t domain (lnk_file (read getattr)))
(allow initrc_t domain (process (getattr)))
(dontaudit initrc_t domain (process (ptrace)))
(allow initrc_t domain (process (getsession)))
(allow initrc_t privfd (fd (use)))
(dontaudit initrc_t domain (udp_socket (getattr)))
(dontaudit initrc_t domain (tcp_socket (getattr)))
(dontaudit initrc_t domain (unix_dgram_socket (getattr)))
(dontaudit initrc_t domain (fifo_file (getattr)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (dir (getattr)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (file (getattr)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (lnk_file (getattr)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (lnk_file (getattr)))
(allow initrc_t file_type (dir (ioctl read getattr lock search open)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (fifo_file (getattr)))
(allow initrc_t file_type (dir (ioctl read getattr lock search open)))
(allow initrc_t file_type (dir (getattr search open)))
(allow initrc_t file_type (sock_file (getattr)))
(allow initrc_t tmpfile (dir (ioctl read getattr lock search open)))
(allow initrc_t tmpfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t tmpfile (dir (getattr rmdir)))
(allow initrc_t tmpfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t tmpfile (file (getattr unlink)))
(allow initrc_t tmpfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t tmpfile (lnk_file (getattr unlink)))
(allow initrc_t tmpfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t tmpfile (fifo_file (getattr unlink)))
(allow initrc_t tmpfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t tmpfile (sock_file (getattr unlink)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lock_t (lnk_file (read getattr)))
(allow initrc_t lockfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t lockfile (file (getattr unlink)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t pidfile (dir (ioctl read getattr lock search open)))
(allow initrc_t pidfile (dir (getattr search open)))
(allow initrc_t pidfile (file (ioctl read getattr lock open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (rmdir)))
(allow initrc_t var_run_t (lnk_file (getattr unlink)))
(allow initrc_t pidfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pidfile (file (getattr unlink)))
(allow initrc_t pidfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pidfile (fifo_file (getattr unlink)))
(allow initrc_t pidfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pidfile (sock_file (getattr unlink)))
(allow initrc_t var_run_t (sock_file (getattr unlink)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t pidfile (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pidfile (dir (getattr rmdir)))
(allow initrc_t etc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t etc_t (file (ioctl read getattr lock open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t etc_t (lnk_file (read getattr)))
(allow initrc_t etc_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t etc_runtime_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t etc_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t etc_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t etc_t file etc_runtime_t)
(allow initrc_t etc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t etc_t (lnk_file (read getattr)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t etc_t (file (ioctl read getattr execute execute_no_trans open)))
(allow initrc_t usr_t (dir (ioctl read getattr lock search open)))
(allow initrc_t usr_t (dir (getattr search open)))
(allow initrc_t usr_t (file (ioctl read getattr lock open)))
(allow initrc_t usr_t (dir (getattr search open)))
(allow initrc_t usr_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lib_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_spool_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_spool_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t default_t (dir (ioctl read getattr lock search open)))
(allow initrc_t default_t (dir (getattr mounton search open)))
(allow initrc_t cgroup_t (dir (getattr search open)))
(allow initrc_t cgroup_t (file (ioctl write getattr lock append open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t inotifyfs_t (dir (ioctl read getattr lock search open)))
(allow initrc_t binfmt_misc_fs_t (dir (getattr search open)))
(allow initrc_t binfmt_misc_fs_t (file (ioctl read write getattr lock append open)))
(allow initrc_t ramfs_t (dir (getattr search open)))
(allow initrc_t ramfs_t (fifo_file (ioctl write getattr lock append open)))
(allow initrc_t filesystem_type (filesystem (mount)))
(allow initrc_t filesystem_type (filesystem (unmount)))
(allow initrc_t filesystem_type (filesystem (remount)))
(allow initrc_t filesystem_type (filesystem (getattr)))
(allow initrc_t file_type (filesystem (getattr)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t security_t (dir (ioctl read getattr lock search open)))
(allow initrc_t security_t (file (ioctl read getattr lock open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t fixed_disk_device_t (blk_file (getattr)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t fixed_disk_device_t (blk_file (setattr)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t removable_device_t (blk_file (setattr)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t devpts_t (dir (ioctl read getattr lock search open)))
(allow initrc_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t devpts_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t console_device_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t ttynode (chr_file (relabelfrom)))
(allow initrc_t tty_device_t (chr_file (relabelto)))
(allow initrc_t wtmp_t (file (ioctl read write getattr lock append open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (getattr search open)))
(allow initrc_t wtmp_t (file (setattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (getattr search open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (getattr search open)))
(allow initrc_t lastlog_t (file (ioctl read write getattr setattr lock append open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (dir (getattr search open)))
(allow initrc_t pam_var_run_t (dir (ioctl read getattr lock search open)))
(allow initrc_t pam_var_run_t (file (ioctl read getattr lock open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (dir (getattr search open)))
(allow initrc_t pam_var_run_t (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pam_var_run_t (file (getattr unlink)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (dir (getattr search open)))
(allow initrc_t pam_var_console_t (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t pam_var_console_t (file (getattr unlink)))
(allow initrc_t etc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t ld_so_cache_t (file (ioctl read write getattr lock append open)))
(allow initrc_t usr_t (dir (getattr search open)))
(allow initrc_t lib_t (dir (ioctl read getattr lock search open)))
(allow initrc_t lib_t (dir (getattr search open)))
(allow initrc_t lib_t (lnk_file (read getattr)))
(allow initrc_t lib_t (dir (getattr search open)))
(allow initrc_t lib_t (file (ioctl read getattr execute execute_no_trans open)))
(allow initrc_t lib_t (dir (ioctl read getattr lock search open)))
(allow initrc_t lib_t (dir (getattr search open)))
(allow initrc_t lib_t (lnk_file (read getattr)))
(allow initrc_t ld_so_t (lnk_file (read getattr)))
(allow initrc_t lib_t (dir (getattr search open)))
(allow initrc_t ld_so_t (file (ioctl read getattr execute execute_no_trans open)))
(allow initrc_t self (capability (audit_write)))
(allow initrc_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow initrc_t devlog_t (sock_file (write getattr append open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (dir (getattr search open)))
(allow initrc_t init_var_run_t (dir (getattr search open)))
(allow initrc_t syslogd_var_run_t (dir (getattr search open)))
(allow initrc_t syslogd_t (unix_dgram_socket (sendto)))
(allow initrc_t syslogd_t (unix_stream_socket (connectto)))
(allow initrc_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow initrc_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit initrc_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_log_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t logfile (dir (ioctl read getattr lock search open)))
(allow initrc_t logfile (dir (getattr search open)))
(allow initrc_t logfile (file (ioctl read getattr lock open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_log_t (dir (getattr search open)))
(allow initrc_t logfile (file (ioctl getattr lock append open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t auditd_etc_t (dir (getattr search open)))
(allow initrc_t auditd_etc_t (file (ioctl read getattr lock open)))
(allow initrc_t auditd_etc_t (dir (ioctl read getattr lock search open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t etc_t (lnk_file (read getattr)))
(allow initrc_t usr_t (dir (getattr search open)))
(allow initrc_t locale_t (dir (ioctl read getattr lock search open)))
(allow initrc_t locale_t (dir (getattr search open)))
(allow initrc_t locale_t (file (ioctl read getattr lock open)))
(allow initrc_t locale_t (dir (getattr search open)))
(allow initrc_t locale_t (lnk_file (read getattr)))
(allow initrc_t cert_t (dir (ioctl read getattr lock search open)))
(allow initrc_t cert_t (dir (getattr search open)))
(allow initrc_t cert_t (file (ioctl read getattr lock open)))
(allow initrc_t cert_t (dir (getattr search open)))
(allow initrc_t cert_t (lnk_file (read getattr)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t boot_t (dir (getattr search open)))
(allow initrc_t modules_conf_t (dir (ioctl read getattr lock search open)))
(allow initrc_t modules_conf_t (file (ioctl read getattr lock open)))
(allow initrc_t modules_conf_t (lnk_file (read getattr)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t bin_t (dir (getattr search open)))
(allow initrc_t insmod_exec_t (file (read getattr execute open)))
(allow initrc_t insmod_t (process (transition)))
(dontaudit initrc_t insmod_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t insmod_exec_t process insmod_t)
(allow insmod_t initrc_t (fd (use)))
(allow insmod_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
(allow insmod_t initrc_t (process (sigchld)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t selinux_config_t (dir (ioctl read getattr lock search open)))
(allow initrc_t selinux_config_t (dir (getattr search open)))
(allow initrc_t selinux_config_t (file (ioctl read getattr lock open)))
(allow initrc_t selinux_config_t (dir (getattr search open)))
(allow initrc_t selinux_config_t (lnk_file (read getattr)))
(allow initrc_t user_home_dir_t (dir (getattr search open)))
(allow initrc_t user_home_t (dir (getattr search open)))
(allow initrc_t user_home_t (file (ioctl read getattr lock open)))
(allow initrc_t home_root_t (dir (getattr search open)))
(allow initrc_t home_root_t (lnk_file (read getattr)))
(allow initrc_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow initrc_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (lnk_file (read getattr)))
(allow initrc_t devpts_t (dir (ioctl read getattr lock search open)))
(dontaudit initrc_t proc_kcore_t (file (getattr)))
(allow initrc_t self (process (setfscreate)))
(allow initrc_t self (capability (mknod)))
(allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t null_device_t (chr_file (create getattr)))
(allow initrc_t self (capability (mknod)))
(allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t zero_device_t (chr_file (create getattr)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t device_t (dir (create getattr)))
(allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t console_device_t (chr_file (create)))
(allow initrc_t self (capability (mknod)))
(allow initrc_t device_t (dir (ioctl read getattr lock search open)))
(allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t device_t (dir (create getattr)))
(allow initrc_t device_t (dir (ioctl write getattr lock remove_name search open)))
(allow initrc_t device_t (dir (getattr rmdir)))
(allow initrc_t device_t (dir (getattr search open)))
(allow initrc_t device_t (dir (setattr)))
(allow initrc_t pidfile (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t pidfile (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t pidfile (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t pidfile (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t pidfile (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t pidfile (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lock_t (lnk_file (read getattr)))
(allow initrc_t var_lock_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_lock_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t var_lock_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_lock_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t var_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_state_t tmpfs_t (filesystem (associate)))
(allow initrc_t tmpfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t tmpfs_t fifo_file initrc_state_t)
(typetransition initrc_t tmpfs_t lnk_file initrc_state_t)
(typetransition initrc_t tmpfs_t dir initrc_state_t)
(typetransition initrc_t tmpfs_t file initrc_state_t)
(dontaudit initrc_t adjtime_t (file (write)))
(allow initrc_t self (capability (audit_write)))
(allow initrc_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t selinux_config_t (dir (getattr search open)))
(allow initrc_t default_context_t (dir (ioctl read getattr lock search open)))
(allow initrc_t default_context_t (dir (getattr search open)))
(allow initrc_t default_context_t (file (ioctl read getattr lock open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t net_conf_t (file (create getattr open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t net_conf_t (file (ioctl write getattr lock append open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t net_conf_t (file (setattr)))
(allow initrc_t initrc_lock_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_lock_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lock_t (lnk_file (read getattr)))
(allow initrc_t var_lock_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t var_lock_t file initrc_lock_t)
(allow initrc_t init_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t init_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t self (capability (mknod)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_run_t (chr_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_run_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t var_run_t fifo_file initrc_var_run_t)
(typetransition initrc_t var_run_t sock_file initrc_var_run_t)
(typetransition initrc_t var_run_t blk_file initrc_var_run_t)
(typetransition initrc_t var_run_t chr_file initrc_var_run_t)
(typetransition initrc_t var_run_t lnk_file initrc_var_run_t)
(typetransition initrc_t var_run_t dir initrc_var_run_t)
(typetransition initrc_t var_run_t file initrc_var_run_t)
(allow initrc_t systemd_unit_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t systemd_unit_t (dir (create getattr)))
(allow initrc_t systemdunit (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t systemdunit (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t systemdunit (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t systemdunit (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
(allow initrc_t kernel_t (unix_dgram_socket (sendto)))
(allow initrc_t bin_t (file (entrypoint)))
(allow initrc_t bin_t (file (ioctl read getattr lock execute open)))
(allow initrc_t shell_exec_t (file (entrypoint)))
(allow initrc_t shell_exec_t (file (ioctl read getattr lock execute open)))
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (lnk_file (read getattr)))
(allow init_t bin_t (file (read getattr execute open)))
(allow init_t initrc_t (process (transition)))
(dontaudit init_t initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_t bin_t process initrc_t)
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (dir (ioctl read getattr lock search open)))
(allow init_t bin_t (dir (getattr search open)))
(allow init_t bin_t (lnk_file (read getattr)))
(allow init_t shell_exec_t (file (read getattr execute open)))
(allow init_t initrc_t (process (transition)))
(dontaudit init_t initrc_t (process (noatsecure siginh rlimitinh)))
(typetransition init_t shell_exec_t process initrc_t)
(allow initrc_t boot_t (dir (getattr search open)))
(allow initrc_t boot_t (file (ioctl read getattr lock open)))
(allow initrc_t etc_t (service (status)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (setattr)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t security_t (dir (ioctl read getattr lock search open)))
(allow initrc_t security_t (file (ioctl read write getattr lock append open)))
(allow initrc_t init_var_run_t (dir (getattr search open)))
(allow initrc_t init_var_run_t (sock_file (write getattr append open)))
(allow initrc_t init_t (unix_stream_socket (connectto)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (dir (getattr search open)))
(allow initrc_t init_var_lib_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t init_var_lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_lib_t (dir (getattr search open)))
(allow initrc_t init_t (unix_stream_socket (ioctl read write getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow initrc_t systemdunit (service (status)))
(allow initrc_t systemdunit (service (stop)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t auditd_etc_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t auditd_etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t etc_t (dir (getattr search open)))
(allow initrc_t selinux_config_t (dir (getattr search open)))
(allow initrc_t default_context_t (dir (getattr search open)))
(allow initrc_t file_context_t (dir (getattr search open)))
(allow initrc_t file_context_t (file (ioctl read getattr lock open)))
(allow initrc_t power_unit_t (service (start)))
(allow initrc_t self (capability (sys_admin)))
(allow initrc_t init_script_readable (dir (getattr search open)))
(allow initrc_t init_script_readable (file (ioctl read getattr lock open)))
(allow initrc_t init_script_readable (dir (getattr search open)))
(allow initrc_t init_script_readable (lnk_file (read getattr)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t initrc_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(typetransition initrc_t var_run_t dir initrc_var_run_t)
(allow initrc_t proc_t (dir (getattr search open)))
(allow initrc_t proc_t (file (ioctl write getattr lock append open)))
(allow initrc_t sysfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t sysfs_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t device_t (chr_file (setattr)))
(allow initrc_t var_t (dir (getattr search open)))
(allow initrc_t var_run_t (lnk_file (read getattr)))
(allow initrc_t var_run_t (dir (ioctl write getattr lock add_name search open)))
(allow initrc_t var_run_t (dir (create getattr)))
(dontaudit initrc_t usr_t (dir (write)))
(allow initrc_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t tmp_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t cgroup_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t cgroup_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t cgroup_t (dir (ioctl read write getattr lock add_name remove_name search open)))
(allow initrc_t cgroup_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t devlog_t (sock_file (unlink)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t sysfs_t (dir (getattr search open)))
(allow initrc_t security_t (dir (ioctl read getattr lock search open)))
(allow initrc_t security_t (file (ioctl read write getattr lock append open)))
(typetransition initrc_t var_run_t dir "openrc" initrc_state_t)
(typetransition initrc_t var_run_t dir "lock" var_lock_t)
(booleanif (init_upstart)
    (true
        (allow initrc_t init_t (unix_dgram_socket (sendto)))
        (allow initrc_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
    )
)
(booleanif (secure_mode_policyload)
    (false
        (allow init_t secure_mode_policyload_t (file (ioctl write getattr lock append open)))
        (allow initrc_t security_t (security (setenforce)))
        (allow initrc_t security_t (security (setenforce)))
    )
)
(typeattribute init_typeattr_1)
(typeattributeset init_typeattr_1 (and (boolean_type ) (not (secure_mode_policyload_t ))))
(optional init_optional_2
    (allow init_t init_t (process (sigchld)))
    (allow init_t init_t (process (signull)))
    (optional init_optional_3
        (typeattributeset cil_gen_require rpm_t)
        (allow init_t rpm_t (fd (use)))
        (allow init_t rpm_t (fifo_file (ioctl read getattr lock open)))
    )
    (optional init_optional_4
        (typeattributeset cil_gen_require security_t)
        (typeattributeset cil_gen_require sysfs_t)
        (dontaudit init_t security_t (filesystem (getattr)))
        (dontaudit init_t sysfs_t (filesystem (getattr)))
        (dontaudit init_t sysfs_t (dir (getattr search open)))
        (dontaudit init_t security_t (dir (getattr search open)))
        (dontaudit init_t security_t (file (ioctl read getattr lock open)))
        (optional init_optional_5
            (typeattributeset cil_gen_require selinux_config_t)
            (dontaudit init_t selinux_config_t (dir (getattr search open)))
            (dontaudit init_t selinux_config_t (file (ioctl read getattr lock open)))
            (optional init_optional_6
                (allow initrc_t init_t (process (sigchld)))
                (allow initrc_t init_t (process (signull)))
                (optional init_optional_7
                    (typeattributeset cil_gen_require rpm_t)
                    (allow initrc_t rpm_t (fd (use)))
                    (allow initrc_t rpm_t (fifo_file (ioctl read getattr lock open)))
                )
                (optional init_optional_8
                    (typeattributeset cil_gen_require security_t)
                    (typeattributeset cil_gen_require sysfs_t)
                    (dontaudit initrc_t security_t (filesystem (getattr)))
                    (dontaudit initrc_t sysfs_t (filesystem (getattr)))
                    (dontaudit initrc_t sysfs_t (dir (getattr search open)))
                    (dontaudit initrc_t security_t (dir (getattr search open)))
                    (dontaudit initrc_t security_t (file (ioctl read getattr lock open)))
                    (optional init_optional_9
                        (typeattributeset cil_gen_require selinux_config_t)
                        (dontaudit initrc_t selinux_config_t (dir (getattr search open)))
                        (dontaudit initrc_t selinux_config_t (file (ioctl read getattr lock open)))
                        (optional init_optional_10
                            (typeattributeset cil_gen_require var_t)
                            (typeattributeset cil_gen_require var_run_t)
                            (typeattributeset cil_gen_require var_lib_t)
                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                            (typeattributeset cil_gen_require system_dbusd_t)
                            (typeattributeset cil_gen_require system_dbusd_var_run_t)
                            (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                            (typeattributeset cil_gen_require dbusd_etc_t)
                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                            (typeattributeset dbusd_system_bus_client (init_t ))
                            (allow init_t system_dbusd_t (dbus (send_msg)))
                            (allow init_t self (dbus (send_msg)))
                            (allow system_dbusd_t init_t (dbus (send_msg)))
                            (allow init_t var_t (dir (getattr search open)))
                            (allow init_t var_lib_t (dir (getattr search open)))
                            (allow init_t system_dbusd_var_lib_t (dir (getattr search open)))
                            (allow init_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                            (allow init_t var_run_t (lnk_file (read getattr)))
                            (allow init_t var_t (dir (getattr search open)))
                            (allow init_t var_run_t (dir (getattr search open)))
                            (allow init_t system_dbusd_var_run_t (dir (getattr search open)))
                            (allow init_t system_dbusd_var_run_t (sock_file (write getattr append open)))
                            (allow init_t system_dbusd_t (unix_stream_socket (connectto)))
                            (allow init_t dbusd_etc_t (dir (ioctl read getattr lock search open)))
                            (allow init_t dbusd_etc_t (file (ioctl read getattr lock open)))
                            (allow init_t system_dbusd_var_lib_t (dir (getattr search open)))
                            (allow init_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                            (allow init_t system_dbusd_t (dbus (acquire_svc)))
                        )
                        (optional init_optional_11
                            (typeattributeset cil_gen_require bin_t)
                            (typeattributeset cil_gen_require insmod_t)
                            (typeattributeset cil_gen_require insmod_exec_t)
                            (allow init_t bin_t (dir (getattr search open)))
                            (allow init_t bin_t (dir (getattr search open)))
                            (allow init_t insmod_exec_t (file (read getattr execute open)))
                            (allow init_t insmod_t (process (transition)))
                            (dontaudit init_t insmod_t (process (noatsecure siginh rlimitinh)))
                            (typetransition init_t insmod_exec_t process insmod_t)
                            (allow insmod_t init_t (fd (use)))
                            (allow insmod_t init_t (fifo_file (ioctl read write getattr lock append open)))
                            (allow insmod_t init_t (process (sigchld)))
                            (optional init_optional_12
                                (typeattributeset cil_gen_require var_t)
                                (typeattributeset cil_gen_require var_log_t)
                                (typeattributeset cil_gen_require wtmp_t)
                                (allow init_t wtmp_t (file (ioctl read write getattr lock append open)))
                                (allow init_t var_t (dir (getattr search open)))
                                (allow init_t var_log_t (dir (getattr search open)))
                                (optional init_optional_13
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require dbusd_system_bus_client)
                                    (typeattributeset cil_gen_require system_dbusd_t)
                                    (typeattributeset cil_gen_require system_dbusd_var_run_t)
                                    (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                    (typeattributeset cil_gen_require dbusd_etc_t)
                                    (typeattributeset cil_gen_require dbusd_system_bus_client)
                                    (typeattributeset dbusd_system_bus_client (init_t ))
                                    (allow init_t system_dbusd_t (dbus (send_msg)))
                                    (allow init_t self (dbus (send_msg)))
                                    (allow system_dbusd_t init_t (dbus (send_msg)))
                                    (allow init_t var_t (dir (getattr search open)))
                                    (allow init_t var_lib_t (dir (getattr search open)))
                                    (allow init_t system_dbusd_var_lib_t (dir (getattr search open)))
                                    (allow init_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                    (allow init_t var_run_t (lnk_file (read getattr)))
                                    (allow init_t var_t (dir (getattr search open)))
                                    (allow init_t var_run_t (dir (getattr search open)))
                                    (allow init_t system_dbusd_var_run_t (dir (getattr search open)))
                                    (allow init_t system_dbusd_var_run_t (sock_file (write getattr append open)))
                                    (allow init_t system_dbusd_t (unix_stream_socket (connectto)))
                                    (allow init_t dbusd_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow init_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                    (allow init_t system_dbusd_var_lib_t (dir (getattr search open)))
                                    (allow init_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_14
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require nscd_t)
                                    (typeattributeset cil_gen_require nscd_var_run_t)
                                    (booleanif (nscd_use_shm)
                                        (true
                                            (allow init_t nscd_var_run_t (sock_file (read getattr open)))
                                            (allow init_t nscd_var_run_t (dir (ioctl read getattr lock search open)))
                                            (dontaudit init_t nscd_var_run_t (file (ioctl read getattr lock open)))
                                            (allow init_t nscd_t (unix_stream_socket (connectto)))
                                            (allow init_t nscd_var_run_t (sock_file (write getattr append open)))
                                            (allow init_t nscd_var_run_t (dir (getattr search open)))
                                            (allow init_t var_run_t (dir (getattr search open)))
                                            (allow init_t var_t (dir (getattr search open)))
                                            (allow init_t var_run_t (lnk_file (read getattr)))
                                            (allow init_t nscd_t (fd (use)))
                                            (allow init_t nscd_t (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost)))
                                            (allow init_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                        )
                                        (false
                                            (allow nscd_t init_t (process (getattr)))
                                            (allow nscd_t init_t (lnk_file (read getattr)))
                                            (allow nscd_t init_t (file (ioctl read getattr lock open)))
                                            (allow nscd_t init_t (dir (ioctl read getattr lock search open)))
                                            (dontaudit init_t nscd_var_run_t (file (ioctl read getattr lock open)))
                                            (allow init_t nscd_t (unix_stream_socket (connectto)))
                                            (allow init_t nscd_var_run_t (sock_file (write getattr append open)))
                                            (allow init_t nscd_var_run_t (dir (getattr search open)))
                                            (allow init_t var_run_t (dir (getattr search open)))
                                            (allow init_t var_t (dir (getattr search open)))
                                            (allow init_t var_run_t (lnk_file (read getattr)))
                                            (dontaudit init_t nscd_t (nscd (shmempwd shmemgrp shmemhost getserv shmemserv)))
                                            (dontaudit init_t nscd_t (fd (use)))
                                            (allow init_t nscd_t (nscd (getpwd getgrp gethost)))
                                            (allow init_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                        )
                                    )
                                )
                                (optional init_optional_15
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require shutdown_t)
                                    (typeattributeset cil_gen_require shutdown_exec_t)
                                    (allow init_t bin_t (dir (getattr search open)))
                                    (allow init_t bin_t (dir (getattr search open)))
                                    (allow init_t shutdown_exec_t (file (read getattr execute open)))
                                    (allow init_t shutdown_t (process (transition)))
                                    (dontaudit init_t shutdown_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition init_t shutdown_exec_t process shutdown_t)
                                    (allow shutdown_t init_t (fd (use)))
                                    (allow shutdown_t init_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow shutdown_t init_t (process (sigchld)))
                                )
                                (optional init_optional_16
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require sssd_t)
                                    (typeattributeset cil_gen_require sssd_var_lib_t)
                                    (allow init_t var_run_t (lnk_file (read getattr)))
                                    (allow init_t var_t (dir (getattr search open)))
                                    (allow init_t var_run_t (dir (getattr search open)))
                                    (allow init_t sssd_var_lib_t (dir (getattr search open)))
                                    (allow init_t sssd_var_lib_t (sock_file (write getattr append open)))
                                    (allow init_t sssd_t (unix_stream_socket (connectto)))
                                )
                                (optional init_optional_17
                                    (typeattributeset cil_gen_require domain)
                                    (typeattributeset domain (init_t initrc_t ))
                                    (typeattributeset cil_gen_require set_curr_context)
                                    (typeattributeset set_curr_context (kernel_t ))
                                    (typeattributeset cil_gen_require unconfined_t)
                                    (typeattributeset cil_gen_require kern_unconfined)
                                    (typeattributeset cil_gen_require can_load_kernmodule)
                                    (typeattributeset cil_gen_require corenet_unconfined_type)
                                    (typeattributeset cil_gen_require devices_unconfined_type)
                                    (typeattributeset cil_gen_require can_change_object_identity)
                                    (typeattributeset cil_gen_require unconfined_domain_type)
                                    (typeattributeset cil_gen_require process_uncond_exempt)
                                    (typeattributeset cil_gen_require files_unconfined_type)
                                    (typeattributeset cil_gen_require filesystem_unconfined_type)
                                    (typeattributeset cil_gen_require selinux_unconfined_type)
                                    (typeattributeset cil_gen_require set_curr_context)
                                    (typeattributeset set_curr_context (init_t ))
                                    (typeattributeset cil_gen_require can_change_object_identity)
                                    (typeattributeset can_change_object_identity (init_t ))
                                    (typeattributeset cil_gen_require selinux_unconfined_type)
                                    (typeattributeset selinux_unconfined_type (init_t ))
                                    (typeattributeset cil_gen_require corenet_unconfined_type)
                                    (typeattributeset corenet_unconfined_type (init_t ))
                                    (typeattributeset cil_gen_require can_load_kernmodule)
                                    (typeattributeset can_load_kernmodule (init_t ))
                                    (typeattributeset cil_gen_require devices_unconfined_type)
                                    (typeattributeset devices_unconfined_type (init_t ))
                                    (typeattributeset cil_gen_require files_unconfined_type)
                                    (typeattributeset files_unconfined_type (init_t ))
                                    (typeattributeset cil_gen_require kern_unconfined)
                                    (typeattributeset kern_unconfined (init_t ))
                                    (typeattributeset cil_gen_require filesystem_unconfined_type)
                                    (typeattributeset filesystem_unconfined_type (init_t ))
                                    (typeattributeset cil_gen_require process_uncond_exempt)
                                    (typeattributeset process_uncond_exempt (init_t ))
                                    (typeattributeset cil_gen_require unconfined_domain_type)
                                    (typeattributeset unconfined_domain_type (init_t ))
                                    (allow init_t self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
                                    (allow init_t self (capability2 (syslog)))
                                    (allow init_t self (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow init_t self (process (transition)))
                                    (allow init_t self (file (ioctl read write getattr lock append open)))
                                    (allow init_t self (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost getserv shmemserv getstat admin)))
                                    (allow init_t self (dbus (send_msg acquire_svc)))
                                    (allow init_t self (passwd (rootok passwd chfn chsh crontab)))
                                    (allow init_t self (association (sendto recvfrom setcontext polmatch)))
                                    (dontaudit init_t domain (dir (ioctl read getattr lock search open)))
                                    (dontaudit init_t domain (lnk_file (read getattr)))
                                    (dontaudit init_t domain (file (ioctl read getattr lock open)))
                                    (dontaudit init_t domain (sock_file (read getattr open)))
                                    (dontaudit init_t domain (fifo_file (ioctl read getattr lock open)))
                                    (dontaudit init_t domain (process (ptrace)))
                                    (booleanif (allow_execstack)
                                        (true
                                            (allow init_t self (process (execmem execstack)))
                                        )
                                    )
                                    (booleanif (allow_execmem)
                                        (true
                                            (allow init_t self (process (execmem)))
                                        )
                                    )
                                    (booleanif (allow_execheap)
                                        (true
                                            (allow init_t self (process (execheap)))
                                            (auditallow init_t self (process (execheap)))
                                        )
                                    )
                                    (optional init_optional_18
                                        (typeattributeset cil_gen_require can_read_shadow_passwords)
                                        (typeattributeset cil_gen_require can_write_shadow_passwords)
                                        (typeattributeset cil_gen_require can_relabelto_shadow_passwords)
                                        (typeattributeset cil_gen_require can_read_shadow_passwords)
                                        (typeattributeset can_read_shadow_passwords (init_t ))
                                        (typeattributeset cil_gen_require can_write_shadow_passwords)
                                        (typeattributeset can_write_shadow_passwords (init_t ))
                                        (typeattributeset cil_gen_require can_relabelto_shadow_passwords)
                                        (typeattributeset can_relabelto_shadow_passwords (init_t ))
                                    )
                                    (optional init_optional_19
                                        (typeattributeset cil_gen_require dbusd_unconfined)
                                        (typeattributeset cil_gen_require dbusd_unconfined)
                                        (typeattributeset dbusd_unconfined (init_t ))
                                    )
                                    (optional init_optional_20
                                        (typeattributeset cil_gen_require ipsec_spd_t)
                                        (allow init_t ipsec_spd_t (association (setcontext)))
                                        (allow init_t ipsec_spd_t (association (polmatch)))
                                        (allow init_t self (association (sendto)))
                                    )
                                    (optional init_optional_21
                                        (typeattributeset cil_gen_require nscd_t)
                                        (allow init_t nscd_t (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost getserv shmemserv getstat admin)))
                                    )
                                    (optional init_optional_22
                                        (typeattributeset cil_gen_require sepgsql_unconfined_type)
                                        (typeattributeset cil_gen_require sepgsql_unconfined_type)
                                        (typeattributeset sepgsql_unconfined_type (init_t ))
                                    )
                                    (optional init_optional_23
                                        (typeattributeset cil_gen_require selinux_config_t)
                                        (typeattributeset cil_gen_require etc_t)
                                        (typeattributeset cil_gen_require policy_config_t)
                                        (typeattributeset cil_gen_require can_relabelto_binary_policy)
                                        (typeattributeset cil_gen_require can_relabelto_binary_policy)
                                        (typeattributeset can_relabelto_binary_policy (init_t ))
                                        (allow init_t etc_t (dir (getattr search open)))
                                        (allow init_t selinux_config_t (dir (getattr search open)))
                                        (allow init_t policy_config_t (dir (ioctl write getattr lock add_name search open)))
                                        (allow init_t policy_config_t (file (create getattr open)))
                                        (allow init_t policy_config_t (dir (getattr search open)))
                                        (allow init_t policy_config_t (file (ioctl write getattr lock append open)))
                                        (allow init_t policy_config_t (file (relabelto)))
                                    )
                                    (optional init_optional_24
                                        (typeattributeset cil_gen_require storage_unconfined_type)
                                        (typeattributeset cil_gen_require storage_unconfined_type)
                                        (typeattributeset storage_unconfined_type (init_t ))
                                    )
                                    (optional init_optional_25
                                        (typeattributeset cil_gen_require x_domain)
                                        (typeattributeset cil_gen_require xserver_unconfined_type)
                                        (typeattributeset cil_gen_require xserver_unconfined_type)
                                        (typeattributeset xserver_unconfined_type (init_t ))
                                        (typeattributeset cil_gen_require x_domain)
                                        (typeattributeset x_domain (init_t ))
                                    )
                                )
                                (optional init_optional_26
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require alsa_var_lib_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t alsa_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (dir (ioctl read getattr lock search open)))
                                )
                                (optional init_optional_27
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require arpwatch_data_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t arpwatch_data_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t arpwatch_data_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                )
                                (optional init_optional_28
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require dhcpd_state_t)
                                    (typeattributeset cil_gen_require dhcp_state_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t dhcp_state_t (dir (getattr search open)))
                                    (allow initrc_t dhcpd_state_t (file (setattr)))
                                )
                                (optional init_optional_29
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lock_t)
                                    (typeattributeset cil_gen_require lvm_lock_t)
                                    (allow initrc_t lvm_lock_t (dir (ioctl write getattr lock add_name search open)))
                                    (allow initrc_t lvm_lock_t (dir (create getattr)))
                                    (allow initrc_t var_lock_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lock_t (dir (ioctl write getattr lock add_name search open)))
                                )
                                (optional init_optional_30
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require amavis_var_lib_t)
                                    (typeattributeset cil_gen_require amavis_var_run_t)
                                    (allow initrc_t amavis_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t amavis_var_run_t (file (setattr)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                )
                                (optional init_optional_31
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require apm_bios_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t apm_bios_t (chr_file (ioctl read write getattr lock append open)))
                                )
                                (optional init_optional_32
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require httpd_config_t)
                                    (typeattributeset cil_gen_require httpd_modules_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t httpd_config_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t httpd_config_t (dir (getattr search open)))
                                    (allow initrc_t httpd_config_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t httpd_config_t (dir (getattr search open)))
                                    (allow initrc_t httpd_config_t (lnk_file (read getattr)))
                                    (allow initrc_t httpd_modules_t (dir (ioctl read getattr lock search open)))
                                )
                                (optional init_optional_33
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require asterisk_log_t)
                                    (typeattributeset cil_gen_require asterisk_var_run_t)
                                    (allow initrc_t asterisk_log_t (dir (getattr search open)))
                                    (allow initrc_t asterisk_log_t (file (setattr)))
                                    (allow initrc_t asterisk_log_t (dir (getattr search open)))
                                    (allow initrc_t asterisk_log_t (dir (setattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t asterisk_var_run_t (dir (getattr search open)))
                                    (allow initrc_t asterisk_var_run_t (file (setattr)))
                                    (allow initrc_t asterisk_var_run_t (dir (getattr search open)))
                                    (allow initrc_t asterisk_var_run_t (dir (setattr)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                )
                                (optional init_optional_34
                                    (typeattributeset cil_gen_require named_conf_t)
                                    (typeattributeset cil_gen_require named_var_run_t)
                                    (allow initrc_t named_conf_t (dir (getattr search open)))
                                    (allow initrc_t named_conf_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t named_var_run_t (dir (setattr)))
                                )
                                (optional init_optional_35
                                    (typeattributeset cil_gen_require usbfs_t)
                                    (typeattributeset cil_gen_require bluetooth_conf_t)
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (lnk_file (read getattr)))
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t bluetooth_conf_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_36
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require cgred_var_run_t)
                                    (typeattributeset cil_gen_require cgred_t)
                                    (allow initrc_t cgred_var_run_t (dir (getattr search open)))
                                    (allow initrc_t cgred_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t cgred_t (unix_stream_socket (connectto)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                )
                                (optional init_optional_37
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require clamd_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t clamd_etc_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_38
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require courier_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t courier_etc_t (dir (getattr search open)))
                                    (allow initrc_t courier_etc_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_39
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require cpucontrol_t)
                                    (typeattributeset cil_gen_require cpu_device_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t cpu_device_t (chr_file (getattr)))
                                )
                                (optional init_optional_40
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require printer_device_t)
                                    (typeattributeset cil_gen_require cupsd_log_t)
                                    (typeattributeset cil_gen_require cupsd_etc_t)
                                    (typeattributeset cil_gen_require cupsd_rw_etc_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t printer_device_t (chr_file (getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t cupsd_log_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t cupsd_etc_t (dir (getattr search open)))
                                    (allow initrc_t cupsd_rw_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t cupsd_log_t (file (ioctl write getattr lock append open)))
                                )
                                (optional init_optional_41
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require svc_svc_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t svc_svc_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
                                    (allow initrc_t svc_svc_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t svc_svc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t svc_svc_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
                                )
                                (optional init_optional_42
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require dbusd_system_bus_client)
                                    (typeattributeset cil_gen_require system_dbusd_t)
                                    (typeattributeset cil_gen_require system_dbusd_var_run_t)
                                    (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                    (typeattributeset cil_gen_require dbusd_etc_t)
                                    (typeattributeset cil_gen_require dbusd_system_bus_client)
                                    (typeattributeset dbusd_system_bus_client (initrc_t ))
                                    (allow initrc_t system_dbusd_t (dbus (acquire_svc)))
                                    (allow initrc_t system_dbusd_t (dbus (send_msg)))
                                    (allow initrc_t self (dbus (send_msg)))
                                    (allow system_dbusd_t initrc_t (dbus (send_msg)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t system_dbusd_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t system_dbusd_var_run_t (dir (getattr search open)))
                                    (allow initrc_t system_dbusd_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t system_dbusd_t (unix_stream_socket (connectto)))
                                    (allow initrc_t dbusd_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t system_dbusd_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                    (allow initrc_t dbusd_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                    (optional init_optional_43
                                        (typeattributeset cil_gen_require consolekit_t)
                                        (allow initrc_t consolekit_t (dbus (send_msg)))
                                        (allow consolekit_t initrc_t (dbus (send_msg)))
                                    )
                                    (optional init_optional_44
                                        (typeattributeset cil_gen_require NetworkManager_t)
                                        (allow initrc_t NetworkManager_t (dbus (send_msg)))
                                        (allow NetworkManager_t initrc_t (dbus (send_msg)))
                                    )
                                    (optional init_optional_45
                                        (typeattributeset cil_gen_require policykit_t)
                                        (allow initrc_t policykit_t (dbus (send_msg)))
                                        (allow policykit_t initrc_t (dbus (send_msg)))
                                    )
                                )
                                (optional init_optional_46
                                    (typeattributeset cil_gen_require dovecot_var_lib_t)
                                    (dontaudit initrc_t dovecot_var_lib_t (file (getattr unlink)))
                                )
                                (optional init_optional_47
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require ftpd_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t ftpd_etc_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_48
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require gpmctl_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t device_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t device_t (lnk_file (read getattr)))
                                    (allow initrc_t gpmctl_t (sock_file (setattr)))
                                )
                                (optional init_optional_49
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require hald_log_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t hald_log_t (dir (getattr search open)))
                                    (allow initrc_t hald_log_t (file (ioctl write getattr lock append open)))
                                )
                                (optional init_optional_50
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require modules_object_t)
                                    (typeattributeset cil_gen_require usbfs_t)
                                    (typeattributeset cil_gen_require hotplug_etc_t)
                                    (typeattributeset cil_gen_require modules_dep_t)
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (lnk_file (read getattr)))
                                    (allow initrc_t usbfs_t (dir (getattr search open)))
                                    (allow initrc_t usbfs_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t hotplug_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t hotplug_etc_t (dir (getattr search open)))
                                    (allow initrc_t hotplug_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t hotplug_etc_t (dir (getattr search open)))
                                    (allow initrc_t hotplug_etc_t (lnk_file (read getattr)))
                                    (allow initrc_t modules_object_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t modules_dep_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_51
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require innd_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t innd_etc_t (dir (getattr search open)))
                                    (allow initrc_t innd_etc_t (file (ioctl read getattr execute execute_no_trans open)))
                                )
                                (optional init_optional_52
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require ipsec_conf_file_t)
                                    (typeattributeset cil_gen_require ipsec_var_run_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t ipsec_conf_file_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t ipsec_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t ipsec_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                )
                                (optional init_optional_53
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require iscsid_t)
                                    (typeattributeset cil_gen_require iscsi_var_lib_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t iscsi_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t iscsi_var_lib_t (sock_file (write getattr append open)))
                                    (allow initrc_t iscsid_t (unix_stream_socket (connectto)))
                                    (allow initrc_t iscsi_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t iscsi_var_lib_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t iscsi_var_lib_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                )
                                (optional init_optional_54
                                    (typeattributeset cil_gen_require security_t)
                                    (typeattributeset cil_gen_require selinux_config_t)
                                    (typeattributeset cil_gen_require unlabeled_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require default_context_t)
                                    (typeattributeset cil_gen_require file_context_t)
                                    (typeattributeset cil_gen_require netlabel_peer_t)
                                    (typeattributeset cil_gen_require user_home_dir_t)
                                    (typeattributeset cil_gen_require home_root_t)
                                    (typeattributeset cil_gen_require krb5kdc_conf_t)
                                    (typeattributeset cil_gen_require krb5_host_rcache_t)
                                    (typeattributeset cil_gen_require krb5_conf_t)
                                    (typeattributeset cil_gen_require krb5_home_t)
                                    (typeattributeset cil_gen_require netif_t)
                                    (typeattributeset cil_gen_require node_t)
                                    (typeattributeset cil_gen_require kerberos_client_packet_t)
                                    (typeattributeset cil_gen_require kerberos_port_t)
                                    (typeattributeset cil_gen_require ocsp_client_packet_t)
                                    (typeattributeset cil_gen_require ocsp_port_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t krb5_conf_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t user_home_dir_t (dir (getattr search open)))
                                    (allow initrc_t home_root_t (dir (getattr search open)))
                                    (allow initrc_t home_root_t (lnk_file (read getattr)))
                                    (allow initrc_t krb5_home_t (file (ioctl read getattr lock open)))
                                    (dontaudit initrc_t krb5_conf_t (file (ioctl write getattr lock append open)))
                                    (dontaudit initrc_t krb5kdc_conf_t (dir (ioctl read getattr lock search open)))
                                    (dontaudit initrc_t krb5kdc_conf_t (file (ioctl read write getattr lock append open)))
                                    (dontaudit initrc_t self (process (setfscreate)))
                                    (dontaudit initrc_t security_t (dir (ioctl read getattr lock search open)))
                                    (dontaudit initrc_t security_t (file (ioctl read write getattr lock append open)))
                                    (dontaudit initrc_t security_t (security (check_context)))
                                    (dontaudit initrc_t selinux_config_t (dir (getattr search open)))
                                    (dontaudit initrc_t default_context_t (dir (getattr search open)))
                                    (dontaudit initrc_t file_context_t (dir (getattr search open)))
                                    (dontaudit initrc_t file_context_t (file (ioctl read getattr lock open)))
                                    (booleanif (allow_kerberos)
                                        (true
                                            (allow initrc_t krb5_host_rcache_t (file (getattr)))
                                            (allow initrc_t ocsp_port_t (tcp_socket (recv_msg send_msg)))
                                            (allow initrc_t ocsp_port_t (tcp_socket (name_connect)))
                                            (allow initrc_t ocsp_client_packet_t (packet (recv)))
                                            (allow initrc_t ocsp_client_packet_t (packet (send)))
                                            (allow initrc_t kerberos_port_t (udp_socket (recv_msg)))
                                            (allow initrc_t kerberos_port_t (udp_socket (send_msg)))
                                            (allow initrc_t kerberos_port_t (tcp_socket (recv_msg send_msg)))
                                            (allow initrc_t kerberos_port_t (tcp_socket (name_connect)))
                                            (allow initrc_t kerberos_client_packet_t (packet (recv)))
                                            (allow initrc_t kerberos_client_packet_t (packet (send)))
                                            (allow initrc_t node_t (node (udp_recv recvfrom)))
                                            (allow initrc_t node_t (node (udp_send sendto)))
                                            (allow initrc_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
                                            (allow initrc_t netif_t (netif (udp_recv ingress)))
                                            (allow initrc_t netif_t (netif (udp_send egress)))
                                            (allow initrc_t netif_t (netif (tcp_recv tcp_send ingress egress)))
                                            (allow initrc_t netlabel_peer_t (tcp_socket (recvfrom)))
                                            (allow initrc_t netlabel_peer_t (udp_socket (recvfrom)))
                                            (allow initrc_t netlabel_peer_t (rawip_socket (recvfrom)))
                                            (allow initrc_t netlabel_peer_t (peer (recv)))
                                            (allow initrc_t unlabeled_t (association (sendto recvfrom)))
                                            (allow initrc_t unlabeled_t (peer (recv)))
                                            (allow initrc_t unlabeled_t (rawip_socket (recvfrom)))
                                            (allow initrc_t unlabeled_t (udp_socket (recvfrom)))
                                            (allow initrc_t unlabeled_t (tcp_socket (recvfrom)))
                                            (allow initrc_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                            (allow initrc_t self (tcp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                        )
                                    )
                                    (optional init_optional_55
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require pcscd_t)
                                        (typeattributeset cil_gen_require pcscd_var_run_t)
                                        (booleanif (allow_kerberos)
                                            (true
                                                (allow initrc_t pcscd_t (unix_stream_socket (connectto)))
                                                (allow initrc_t pcscd_var_run_t (sock_file (write getattr append open)))
                                                (allow initrc_t pcscd_var_run_t (dir (getattr search open)))
                                                (allow initrc_t var_run_t (dir (getattr search open)))
                                                (allow initrc_t var_t (dir (getattr search open)))
                                                (allow initrc_t var_run_t (lnk_file (read getattr)))
                                            )
                                        )
                                    )
                                    (optional init_optional_56
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require var_lib_t)
                                        (typeattributeset cil_gen_require sssd_var_lib_t)
                                        (typeattributeset cil_gen_require sssd_public_t)
                                        (allow initrc_t sssd_var_lib_t (dir (getattr search open)))
                                        (allow initrc_t var_t (dir (getattr search open)))
                                        (allow initrc_t var_lib_t (dir (getattr search open)))
                                        (allow initrc_t sssd_public_t (dir (ioctl read getattr lock search open)))
                                        (allow initrc_t sssd_public_t (dir (getattr search open)))
                                        (allow initrc_t sssd_public_t (file (ioctl read getattr lock open)))
                                    )
                                )
                                (optional init_optional_57
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require slapd_etc_t)
                                    (typeattributeset cil_gen_require slapd_db_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t slapd_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t slapd_db_t (dir (ioctl read getattr lock search open)))
                                )
                                (optional init_optional_58
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require loadkeys_exec_t)
                                    (allow initrc_t bin_t (dir (getattr search open)))
                                    (allow initrc_t bin_t (dir (getattr search open)))
                                    (allow initrc_t loadkeys_exec_t (file (ioctl read getattr lock execute execute_no_trans open)))
                                )
                                (optional init_optional_59
                                    (typeattributeset cil_gen_require sulogin_exec_t)
                                    (typeattributeset cil_gen_require sulogin_t)
                                    (allow initrc_t sulogin_exec_t (file (read getattr execute open)))
                                    (allow initrc_t sulogin_t (process (transition)))
                                    (dontaudit initrc_t sulogin_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_t sulogin_exec_t process sulogin_t)
                                    (allow sulogin_t initrc_t (fd (use)))
                                    (allow sulogin_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow sulogin_t initrc_t (process (sigchld)))
                                )
                                (optional init_optional_60
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_spool_t)
                                    (typeattributeset cil_gen_require print_spool_t)
                                    (typeattributeset cil_gen_require printconf_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_spool_t (dir (getattr search open)))
                                    (allow initrc_t print_spool_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t printconf_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t printconf_t (dir (getattr search open)))
                                    (allow initrc_t printconf_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_61
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require lvm_control_t)
                                    (typeattributeset cil_gen_require lvm_etc_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t lvm_control_t (chr_file (ioctl read getattr lock open)))
                                    (allow initrc_t self (capability (mknod)))
                                    (allow initrc_t device_t (dir (ioctl write getattr lock add_name search open)))
                                    (allow initrc_t device_t (chr_file (create getattr)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t lvm_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t lvm_etc_t (dir (getattr search open)))
                                    (allow initrc_t lvm_etc_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_62
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_spool_t)
                                    (typeattributeset cil_gen_require mailman_data_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_spool_t (dir (getattr search open)))
                                    (allow initrc_t mailman_data_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t mailman_data_t (dir (getattr search open)))
                                    (allow initrc_t mailman_data_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_63
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require etc_mail_t)
                                    (typeattributeset cil_gen_require mail_spool_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t etc_mail_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t etc_mail_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t etc_mail_t (lnk_file (read getattr)))
                                    (dontaudit initrc_t mail_spool_t (lnk_file (read)))
                                )
                                (optional init_optional_64
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require mysqld_t)
                                    (typeattributeset cil_gen_require mysqld_var_run_t)
                                    (typeattributeset cil_gen_require mysqld_db_t)
                                    (typeattributeset cil_gen_require mysqld_log_t)
                                    (typeattributeset cil_gen_require mysqld_etc_t)
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_var_run_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_db_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t mysqld_t (unix_stream_socket (connectto)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_log_t (file (ioctl write getattr lock append open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t mysqld_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t mysqld_etc_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_65
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_yp_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_yp_t (dir (ioctl read getattr lock search open)))
                                )
                                (optional init_optional_66
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require openvpn_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t openvpn_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t openvpn_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t openvpn_etc_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_67
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require postgresql_db_t)
                                    (typeattributeset cil_gen_require postgresql_etc_t)
                                    (allow initrc_t postgresql_db_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t postgresql_db_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_t postgresql_db_t (lnk_file (read getattr)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t postgresql_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t postgresql_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t postgresql_etc_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_68
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_spool_t)
                                    (typeattributeset cil_gen_require postfix_spool_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_spool_t (dir (getattr search open)))
                                    (allow initrc_t postfix_spool_t (dir (ioctl read getattr lock search open)))
                                )
                                (optional init_optional_69
                                    (typeattributeset cil_gen_require tmp_t)
                                    (typeattributeset cil_gen_require puppet_tmp_t)
                                    (allow initrc_t tmp_t (dir (getattr search open)))
                                    (allow initrc_t puppet_tmp_t (file (ioctl read write getattr lock append open)))
                                )
                                (optional init_optional_70
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require quota_flag_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t quota_flag_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t quota_flag_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                )
                                (optional init_optional_71
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require mdadm_var_run_t)
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t mdadm_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                )
                                (optional init_optional_72
                                    (typeattributeset cil_gen_require tmpfs_t)
                                    (typeattributeset cil_gen_require ramfs_t)
                                    (typeattributeset cil_gen_require rhgb_t)
                                    (typeattributeset cil_gen_require rhgb_tmpfs_t)
                                    (allow initrc_t ramfs_t (dir (getattr search open)))
                                    (allow initrc_t ramfs_t (sock_file (write getattr append open)))
                                    (allow initrc_t ramfs_t (dir (getattr search open)))
                                    (allow initrc_t rhgb_t (unix_stream_socket (read write)))
                                    (allow initrc_t tmpfs_t (dir (getattr search open)))
                                    (allow initrc_t rhgb_tmpfs_t (dir (getattr search open)))
                                    (allow initrc_t rhgb_tmpfs_t (sock_file (write getattr append open)))
                                    (allow initrc_t rhgb_t (unix_stream_socket (connectto)))
                                )
                                (optional init_optional_73
                                    (typeattributeset cil_gen_require exports_t)
                                    (allow initrc_t exports_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_74
                                    (typeattributeset cil_gen_require pidfile)
                                    (typeattributeset pidfile (init_var_run_t initrc_var_run_t ))
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require unlabeled_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require rpm_var_lib_t)
                                    (dontaudit initrc_t unlabeled_t (blk_file (getattr)))
                                    (dontaudit initrc_t var_run_t (lnk_file (read getattr)))
                                    (dontaudit initrc_t pidfile (file (write)))
                                    (dontaudit initrc_t var_run_t (lnk_file (read getattr)))
                                    (dontaudit initrc_t pidfile (file (ioctl)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t rpm_var_lib_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t rpm_var_lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t rpm_var_lib_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t rpm_var_lib_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
                                )
                                (optional init_optional_75
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require samba_etc_t)
                                    (typeattributeset cil_gen_require winbind_var_run_t)
                                    (typeattributeset cil_gen_require smbd_var_run_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t samba_etc_t (dir (getattr search open)))
                                    (allow initrc_t samba_etc_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t winbind_var_run_t (dir (getattr search open)))
                                    (allow initrc_t smbd_var_run_t (dir (getattr search open)))
                                    (allow initrc_t winbind_var_run_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_76
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require shorewall_t)
                                    (typeattributeset cil_gen_require shorewall_var_lib_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t shorewall_var_lib_t (file (read getattr execute open)))
                                    (allow initrc_t shorewall_t (process (transition)))
                                    (dontaudit initrc_t shorewall_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_t shorewall_var_lib_t process shorewall_t)
                                    (allow shorewall_t initrc_t (fd (use)))
                                    (allow shorewall_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow shorewall_t initrc_t (process (sigchld)))
                                )
                                (optional init_optional_77
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require squid_conf_t)
                                    (typeattributeset cil_gen_require squid_log_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t squid_conf_t (dir (getattr search open)))
                                    (allow initrc_t squid_conf_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_log_t (dir (getattr search open)))
                                    (allow initrc_t squid_log_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t squid_log_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                )
                                (optional init_optional_78
                                    (roletype system_r initrc_su_t)
                                    (type initrc_su_t)
                                    (roletype object_r initrc_su_t)
                                    (typeattributeset cil_gen_require domain)
                                    (typeattributeset domain (init_t initrc_t ))
                                    (typeattributeset cil_gen_require security_t)
                                    (typeattributeset cil_gen_require sysfs_t)
                                    (typeattributeset cil_gen_require entry_type)
                                    (typeattributeset entry_type (init_exec_t initrc_exec_t shell_exec_t rc_exec_t bin_t ))
                                    (typeattributeset cil_gen_require exec_type)
                                    (typeattributeset exec_type (init_exec_t initrc_exec_t shell_exec_t rc_exec_t bin_t ))
                                    (typeattributeset cil_gen_require file_type)
                                    (typeattributeset file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
                                    (typeattributeset cil_gen_require non_security_file_type)
                                    (typeattributeset non_security_file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
                                    (typeattributeset cil_gen_require non_auth_file_type)
                                    (typeattributeset non_auth_file_type (init_exec_t init_var_run_t init_var_lib_t initctl_t initrc_exec_t shell_exec_t initrc_devpts_t initrc_lock_t initrc_state_t initrc_tmp_t initrc_var_log_t initrc_var_run_t systemd_unit_t rc_exec_t bin_t ))
                                    (typeattributeset cil_gen_require kernel_t)
                                    (typeattributeset cil_gen_require shell_exec_t)
                                    (typeattributeset cil_gen_require tmp_t)
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require proc_t)
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require etc_runtime_t)
                                    (typeattributeset cil_gen_require console_device_t)
                                    (typeattributeset cil_gen_require syslogd_t)
                                    (typeattributeset cil_gen_require syslogd_var_run_t)
                                    (typeattributeset cil_gen_require devlog_t)
                                    (typeattributeset cil_gen_require var_log_t)
                                    (typeattributeset cil_gen_require locale_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require sysctl_t)
                                    (typeattributeset cil_gen_require sysctl_kernel_t)
                                    (typeattributeset cil_gen_require urandom_device_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require random_device_t)
                                    (typeattributeset cil_gen_require privfd)
                                    (typeattributeset cil_gen_require nsswitch_domain)
                                    (typeattributeset nsswitch_domain (initrc_t ))
                                    (typeattributeset cil_gen_require cert_t)
                                    (typeattributeset cil_gen_require su_exec_t)
                                    (typeattributeset cil_gen_require chkpwd_t)
                                    (typeattributeset cil_gen_require chkpwd_exec_t)
                                    (typeattributeset cil_gen_require shadow_t)
                                    (typeattributeset cil_gen_require auth_cache_t)
                                    (typeattributeset cil_gen_require faillog_t)
                                    (typeattributeset cil_gen_require postgresql_t)
                                    (typeattributeset cil_gen_require postgresql_exec_t)
                                    (typeattributeset cil_gen_require privfd)
                                    (typeattributeset privfd (initrc_su_t ))
                                    (typeattributeset cil_gen_require file_type)
                                    (typeattributeset file_type (su_exec_t ))
                                    (typeattributeset cil_gen_require non_security_file_type)
                                    (typeattributeset non_security_file_type (su_exec_t ))
                                    (typeattributeset cil_gen_require exec_type)
                                    (typeattributeset exec_type (su_exec_t ))
                                    (typeattributeset cil_gen_require nsswitch_domain)
                                    (typeattributeset nsswitch_domain (initrc_su_t ))
                                    (typeattributeset cil_gen_require entry_type)
                                    (typeattributeset entry_type (su_exec_t ))
                                    (typeattributeset cil_gen_require non_auth_file_type)
                                    (typeattributeset non_auth_file_type (su_exec_t ))
                                    (typeattributeset cil_gen_require domain)
                                    (typeattributeset domain (initrc_su_t ))
                                    (allow initrc_su_t su_exec_t (file (entrypoint)))
                                    (allow initrc_su_t su_exec_t (file (ioctl read getattr lock execute open)))
                                    (allow initrc_t initrc_su_t (process (signal)))
                                    (allow initrc_su_t self (capability (chown dac_override fowner setgid setuid net_bind_service sys_nice sys_resource audit_write audit_control)))
                                    (dontaudit initrc_su_t self (capability (sys_tty_config)))
                                    (allow initrc_su_t self (key (write search)))
                                    (allow initrc_su_t self (process (setsched setexec setrlimit)))
                                    (allow initrc_su_t self (fifo_file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write nlmsg_relay)))
                                    (allow initrc_su_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                    (allow initrc_t su_exec_t (file (read getattr execute open)))
                                    (allow initrc_t initrc_su_t (process (transition)))
                                    (dontaudit initrc_t initrc_su_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_t su_exec_t process initrc_su_t)
                                    (allow initrc_su_t initrc_t (fd (use)))
                                    (allow initrc_su_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t initrc_t (process (sigchld)))
                                    (allow initrc_su_t bin_t (dir (getattr search open)))
                                    (allow initrc_su_t bin_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t bin_t (dir (getattr search open)))
                                    (allow initrc_su_t bin_t (lnk_file (read getattr)))
                                    (allow initrc_su_t shell_exec_t (file (read getattr execute open)))
                                    (allow initrc_su_t initrc_t (process (transition)))
                                    (dontaudit initrc_su_t initrc_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_su_t shell_exec_t process initrc_t)
                                    (allow initrc_t initrc_su_t (fd (use)))
                                    (allow initrc_t initrc_su_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow initrc_t initrc_su_t (process (sigchld)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (lnk_file (read getattr)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t sysctl_t (dir (getattr search open)))
                                    (allow initrc_su_t sysctl_kernel_t (dir (getattr search open)))
                                    (allow initrc_su_t sysctl_kernel_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t sysctl_t (dir (getattr search open)))
                                    (allow initrc_su_t sysctl_kernel_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t kernel_t (key (search)))
                                    (allow initrc_su_t kernel_t (key (link)))
                                    (allow initrc_su_t device_t (dir (getattr search open)))
                                    (allow initrc_su_t urandom_device_t (chr_file (ioctl read getattr lock open)))
                                    (allow initrc_su_t etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                    (allow initrc_su_t etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                    (allow initrc_su_t etc_t (lnk_file (read getattr)))
                                    (allow initrc_su_t etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                    (allow initrc_su_t etc_runtime_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                    (allow initrc_su_t etc_runtime_t (lnk_file (read getattr)))
                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                    (allow initrc_su_t var_lib_t (dir (getattr search open)))
                                    (dontaudit initrc_su_t tmp_t (dir (getattr)))
                                    (allow initrc_su_t sysfs_t (dir (getattr search open)))
                                    (allow initrc_su_t sysfs_t (dir (getattr search open)))
                                    (allow initrc_su_t security_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t security_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t security_t (security (compute_av)))
                                    (allow initrc_su_t auth_cache_t (dir (getattr search open)))
                                    (allow initrc_su_t bin_t (dir (getattr search open)))
                                    (allow initrc_su_t bin_t (dir (getattr search open)))
                                    (allow initrc_su_t chkpwd_exec_t (file (read getattr execute open)))
                                    (allow initrc_su_t chkpwd_t (process (transition)))
                                    (dontaudit initrc_su_t chkpwd_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_su_t chkpwd_exec_t process chkpwd_t)
                                    (allow chkpwd_t initrc_su_t (fd (use)))
                                    (allow chkpwd_t initrc_su_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow chkpwd_t initrc_su_t (process (sigchld)))
                                    (dontaudit initrc_su_t shadow_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t device_t (dir (getattr search open)))
                                    (allow initrc_su_t random_device_t (chr_file (ioctl read getattr lock open)))
                                    (allow initrc_su_t device_t (dir (getattr search open)))
                                    (allow initrc_su_t urandom_device_t (chr_file (ioctl read getattr lock open)))
                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                    (allow initrc_su_t var_log_t (dir (getattr search open)))
                                    (allow initrc_su_t faillog_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t self (capability (audit_write)))
                                    (allow initrc_su_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
                                    (allow initrc_su_t cert_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t cert_t (dir (getattr search open)))
                                    (allow initrc_su_t cert_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t cert_t (dir (getattr search open)))
                                    (allow initrc_su_t cert_t (lnk_file (read getattr)))
                                    (dontaudit initrc_su_t shadow_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                    (allow initrc_su_t var_log_t (dir (getattr search open)))
                                    (allow initrc_su_t faillog_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t privfd (fd (use)))
                                    (dontaudit initrc_su_t init_t (fd (use)))
                                    (dontaudit initrc_su_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                    (allow initrc_su_t var_run_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t initrc_var_run_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_su_t initrc_t (key (search)))
                                    (allow initrc_su_t devlog_t (sock_file (write getattr append open)))
                                    (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                    (allow initrc_su_t var_run_t (dir (getattr search open)))
                                    (allow initrc_su_t init_var_run_t (dir (getattr search open)))
                                    (allow initrc_su_t syslogd_var_run_t (dir (getattr search open)))
                                    (allow initrc_su_t syslogd_t (unix_dgram_socket (sendto)))
                                    (allow initrc_su_t syslogd_t (unix_stream_socket (connectto)))
                                    (allow initrc_su_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                    (allow initrc_su_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                    (allow initrc_su_t device_t (dir (getattr search open)))
                                    (allow initrc_su_t device_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t device_t (dir (getattr search open)))
                                    (allow initrc_su_t device_t (lnk_file (read getattr)))
                                    (allow initrc_su_t console_device_t (chr_file (ioctl write getattr lock append open)))
                                    (dontaudit initrc_su_t console_device_t (chr_file (ioctl read getattr lock open)))
                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                    (allow initrc_su_t etc_t (lnk_file (read getattr)))
                                    (allow initrc_su_t usr_t (dir (getattr search open)))
                                    (allow initrc_su_t locale_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t locale_t (dir (getattr search open)))
                                    (allow initrc_su_t locale_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t locale_t (dir (getattr search open)))
                                    (allow initrc_su_t locale_t (lnk_file (read getattr)))
                                    (dontaudit initrc_su_t initrc_t (tcp_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (udp_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (rawip_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (packet_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (unix_stream_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (unix_dgram_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_route_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_firewall_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_tcpdiag_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_nflog_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_xfrm_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_selinux_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_audit_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_ip6fw_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_dnrt_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_kobject_uevent_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (appletalk_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (tun_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_iscsi_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_fib_lookup_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_connector_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_netfilter_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_generic_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_scsitransport_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_rdma_socket (read write)))
                                    (dontaudit initrc_su_t initrc_t (netlink_crypto_socket (read write)))
                                    (allow initrc_su_t self (netlink_selinux_socket (read create bind)))
                                    (allow initrc_su_t security_t (filesystem (getattr)))
                                    (allow initrc_su_t sysfs_t (filesystem (getattr)))
                                    (allow initrc_su_t sysfs_t (dir (getattr search open)))
                                    (allow initrc_su_t sysfs_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (lnk_file (read getattr)))
                                    (allow initrc_su_t proc_t (dir (getattr search open)))
                                    (allow initrc_su_t proc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_su_t postgresql_exec_t (file (read getattr execute open)))
                                    (allow initrc_su_t postgresql_t (process (transition)))
                                    (dontaudit initrc_su_t postgresql_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition initrc_su_t postgresql_exec_t process postgresql_t)
                                    (allow postgresql_t initrc_su_t (fd (use)))
                                    (allow postgresql_t initrc_su_t (fifo_file (ioctl read write getattr lock append open)))
                                    (allow postgresql_t initrc_su_t (process (sigchld)))
                                    (allow initrc_su_t initrc_devpts_t (chr_file (read write)))
                                    (optional init_optional_79
                                        (allow initrc_su_t init_t (process (sigchld)))
                                        (allow initrc_su_t init_t (process (signull)))
                                        (optional init_optional_80
                                            (typeattributeset cil_gen_require rpm_t)
                                            (allow initrc_su_t rpm_t (fd (use)))
                                            (allow initrc_su_t rpm_t (fifo_file (ioctl read getattr lock open)))
                                        )
                                        (optional init_optional_81
                                            (typeattributeset cil_gen_require security_t)
                                            (typeattributeset cil_gen_require sysfs_t)
                                            (dontaudit initrc_su_t security_t (filesystem (getattr)))
                                            (dontaudit initrc_su_t sysfs_t (filesystem (getattr)))
                                            (dontaudit initrc_su_t sysfs_t (dir (getattr search open)))
                                            (dontaudit initrc_su_t security_t (dir (getattr search open)))
                                            (dontaudit initrc_su_t security_t (file (ioctl read getattr lock open)))
                                            (optional init_optional_82
                                                (typeattributeset cil_gen_require selinux_config_t)
                                                (dontaudit initrc_su_t selinux_config_t (dir (getattr search open)))
                                                (dontaudit initrc_su_t selinux_config_t (file (ioctl read getattr lock open)))
                                                (optional init_optional_83
                                                    (typeattributeset cil_gen_require etc_t)
                                                    (typeattributeset cil_gen_require krb5_keytab_t)
                                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                                    (allow initrc_su_t krb5_keytab_t (file (ioctl read getattr lock open)))
                                                )
                                                (optional init_optional_84
                                                    (typeattributeset cil_gen_require var_t)
                                                    (typeattributeset cil_gen_require var_run_t)
                                                    (typeattributeset cil_gen_require pcscd_t)
                                                    (typeattributeset cil_gen_require pcscd_var_run_t)
                                                    (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                                    (allow initrc_su_t var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t pcscd_var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t pcscd_var_run_t (file (ioctl read getattr lock open)))
                                                    (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                                    (allow initrc_su_t var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t pcscd_var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t pcscd_var_run_t (sock_file (write getattr append open)))
                                                    (allow initrc_su_t pcscd_t (unix_stream_socket (connectto)))
                                                )
                                                (optional init_optional_85
                                                    (typeattributeset cil_gen_require var_t)
                                                    (typeattributeset cil_gen_require var_run_t)
                                                    (typeattributeset cil_gen_require winbind_var_run_t)
                                                    (typeattributeset cil_gen_require smbd_var_run_t)
                                                    (typeattributeset cil_gen_require samba_var_t)
                                                    (typeattributeset cil_gen_require winbind_t)
                                                    (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                                    (allow initrc_su_t var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t winbind_var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t smbd_var_run_t (dir (getattr search open)))
                                                    (allow initrc_su_t samba_var_t (dir (getattr search open)))
                                                    (allow initrc_su_t winbind_var_run_t (sock_file (write getattr append open)))
                                                    (allow initrc_su_t winbind_t (unix_stream_socket (connectto)))
                                                )
                                                (optional init_optional_86
                                                    (typeattributeset cil_gen_require crond_t)
                                                    (allow initrc_su_t crond_t (fifo_file (ioctl read getattr lock open)))
                                                )
                                                (optional init_optional_87
                                                    (typeattributeset cil_gen_require security_t)
                                                    (typeattributeset cil_gen_require selinux_config_t)
                                                    (typeattributeset cil_gen_require unlabeled_t)
                                                    (typeattributeset cil_gen_require etc_t)
                                                    (typeattributeset cil_gen_require default_context_t)
                                                    (typeattributeset cil_gen_require file_context_t)
                                                    (typeattributeset cil_gen_require netlabel_peer_t)
                                                    (typeattributeset cil_gen_require user_home_dir_t)
                                                    (typeattributeset cil_gen_require home_root_t)
                                                    (typeattributeset cil_gen_require krb5kdc_conf_t)
                                                    (typeattributeset cil_gen_require krb5_host_rcache_t)
                                                    (typeattributeset cil_gen_require krb5_conf_t)
                                                    (typeattributeset cil_gen_require krb5_home_t)
                                                    (typeattributeset cil_gen_require netif_t)
                                                    (typeattributeset cil_gen_require node_t)
                                                    (typeattributeset cil_gen_require kerberos_client_packet_t)
                                                    (typeattributeset cil_gen_require kerberos_port_t)
                                                    (typeattributeset cil_gen_require ocsp_client_packet_t)
                                                    (typeattributeset cil_gen_require ocsp_port_t)
                                                    (allow initrc_su_t etc_t (dir (getattr search open)))
                                                    (allow initrc_su_t krb5_conf_t (file (ioctl read getattr lock open)))
                                                    (allow initrc_su_t user_home_dir_t (dir (getattr search open)))
                                                    (allow initrc_su_t home_root_t (dir (getattr search open)))
                                                    (allow initrc_su_t home_root_t (lnk_file (read getattr)))
                                                    (allow initrc_su_t krb5_home_t (file (ioctl read getattr lock open)))
                                                    (dontaudit initrc_su_t krb5_conf_t (file (ioctl write getattr lock append open)))
                                                    (dontaudit initrc_su_t krb5kdc_conf_t (dir (ioctl read getattr lock search open)))
                                                    (dontaudit initrc_su_t krb5kdc_conf_t (file (ioctl read write getattr lock append open)))
                                                    (dontaudit initrc_su_t self (process (setfscreate)))
                                                    (dontaudit initrc_su_t security_t (dir (ioctl read getattr lock search open)))
                                                    (dontaudit initrc_su_t security_t (file (ioctl read write getattr lock append open)))
                                                    (dontaudit initrc_su_t security_t (security (check_context)))
                                                    (dontaudit initrc_su_t selinux_config_t (dir (getattr search open)))
                                                    (dontaudit initrc_su_t default_context_t (dir (getattr search open)))
                                                    (dontaudit initrc_su_t file_context_t (dir (getattr search open)))
                                                    (dontaudit initrc_su_t file_context_t (file (ioctl read getattr lock open)))
                                                    (booleanif (allow_kerberos)
                                                        (true
                                                            (allow initrc_su_t krb5_host_rcache_t (file (getattr)))
                                                            (allow initrc_su_t ocsp_port_t (tcp_socket (recv_msg send_msg)))
                                                            (allow initrc_su_t ocsp_port_t (tcp_socket (name_connect)))
                                                            (allow initrc_su_t ocsp_client_packet_t (packet (recv)))
                                                            (allow initrc_su_t ocsp_client_packet_t (packet (send)))
                                                            (allow initrc_su_t kerberos_port_t (udp_socket (recv_msg)))
                                                            (allow initrc_su_t kerberos_port_t (udp_socket (send_msg)))
                                                            (allow initrc_su_t kerberos_port_t (tcp_socket (recv_msg send_msg)))
                                                            (allow initrc_su_t kerberos_port_t (tcp_socket (name_connect)))
                                                            (allow initrc_su_t kerberos_client_packet_t (packet (recv)))
                                                            (allow initrc_su_t kerberos_client_packet_t (packet (send)))
                                                            (allow initrc_su_t node_t (node (udp_recv recvfrom)))
                                                            (allow initrc_su_t node_t (node (udp_send sendto)))
                                                            (allow initrc_su_t node_t (node (tcp_recv tcp_send recvfrom sendto)))
                                                            (allow initrc_su_t netif_t (netif (udp_recv ingress)))
                                                            (allow initrc_su_t netif_t (netif (udp_send egress)))
                                                            (allow initrc_su_t netif_t (netif (tcp_recv tcp_send ingress egress)))
                                                            (allow initrc_su_t netlabel_peer_t (tcp_socket (recvfrom)))
                                                            (allow initrc_su_t netlabel_peer_t (udp_socket (recvfrom)))
                                                            (allow initrc_su_t netlabel_peer_t (rawip_socket (recvfrom)))
                                                            (allow initrc_su_t netlabel_peer_t (peer (recv)))
                                                            (allow initrc_su_t unlabeled_t (association (sendto recvfrom)))
                                                            (allow initrc_su_t unlabeled_t (peer (recv)))
                                                            (allow initrc_su_t unlabeled_t (rawip_socket (recvfrom)))
                                                            (allow initrc_su_t unlabeled_t (udp_socket (recvfrom)))
                                                            (allow initrc_su_t unlabeled_t (tcp_socket (recvfrom)))
                                                            (allow initrc_su_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                                            (allow initrc_su_t self (tcp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                                        )
                                                    )
                                                    (optional init_optional_88
                                                        (typeattributeset cil_gen_require var_t)
                                                        (typeattributeset cil_gen_require var_run_t)
                                                        (typeattributeset cil_gen_require pcscd_t)
                                                        (typeattributeset cil_gen_require pcscd_var_run_t)
                                                        (booleanif (allow_kerberos)
                                                            (true
                                                                (allow initrc_su_t pcscd_t (unix_stream_socket (connectto)))
                                                                (allow initrc_su_t pcscd_var_run_t (sock_file (write getattr append open)))
                                                                (allow initrc_su_t pcscd_var_run_t (dir (getattr search open)))
                                                                (allow initrc_su_t var_run_t (dir (getattr search open)))
                                                                (allow initrc_su_t var_t (dir (getattr search open)))
                                                                (allow initrc_su_t var_run_t (lnk_file (read getattr)))
                                                            )
                                                        )
                                                    )
                                                    (optional init_optional_89
                                                        (typeattributeset cil_gen_require var_t)
                                                        (typeattributeset cil_gen_require var_lib_t)
                                                        (typeattributeset cil_gen_require sssd_var_lib_t)
                                                        (typeattributeset cil_gen_require sssd_public_t)
                                                        (allow initrc_su_t sssd_var_lib_t (dir (getattr search open)))
                                                        (allow initrc_su_t var_t (dir (getattr search open)))
                                                        (allow initrc_su_t var_lib_t (dir (getattr search open)))
                                                        (allow initrc_su_t sssd_public_t (dir (ioctl read getattr lock search open)))
                                                        (allow initrc_su_t sssd_public_t (dir (getattr search open)))
                                                        (allow initrc_su_t sssd_public_t (file (ioctl read getattr lock open)))
                                                    )
                                                )
                                                (optional init_optional_90
                                                    (typeattributeset cil_gen_require var_t)
                                                    (typeattributeset cil_gen_require crack_db_t)
                                                    (allow initrc_su_t var_t (dir (getattr search open)))
                                                    (allow initrc_su_t crack_db_t (dir (getattr search open)))
                                                    (allow initrc_su_t crack_db_t (file (ioctl read getattr lock open)))
                                                )
                                            )
                                        )
                                    )
                                )
                                (optional init_optional_91
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require sshd_key_t)
                                    (dontaudit initrc_t sshd_key_t (file (read getattr)))
                                    (allow initrc_t sshd_key_t (file (setattr)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                )
                                (optional init_optional_92
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require stunnel_etc_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t stunnel_etc_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t stunnel_etc_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t stunnel_etc_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_93
                                    (typeattributeset cil_gen_require dhcpc_state_t)
                                    (allow initrc_t dhcpc_state_t (dir (getattr search open)))
                                    (allow initrc_t dhcpc_state_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_94
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require device_t)
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require udev_tbl_t)
                                    (typeattributeset cil_gen_require udev_var_run_t)
                                    (typeattributeset cil_gen_require udev_rules_t)
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t device_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t device_t (dir (getattr search open)))
                                    (allow initrc_t device_t (lnk_file (read getattr)))
                                    (allow initrc_t udev_tbl_t (file (ioctl read write getattr lock append open)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t udev_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t udev_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t udev_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t udev_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
                                    (allow initrc_t udev_rules_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t udev_rules_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t udev_var_run_t (dir (getattr search open)))
                                    (allow initrc_t udev_var_run_t (dir (getattr search open)))
                                )
                                (optional init_optional_95
                                    (typeattributeset cil_gen_require uml_switch_var_run_t)
                                    (allow initrc_t uml_switch_var_run_t (sock_file (setattr)))
                                )
                                (optional init_optional_96
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require virtd_t)
                                    (typeattributeset cil_gen_require virt_var_run_t)
                                    (typeattributeset cil_gen_require virt_cache_t)
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t virt_var_run_t (dir (getattr search open)))
                                    (allow initrc_t virt_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t virtd_t (unix_stream_socket (connectto)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t virt_cache_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t virt_cache_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
                                    (allow initrc_t virt_cache_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t virt_cache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t virt_cache_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t virt_cache_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
                                )
                                (optional init_optional_97
                                    (typeattributeset cil_gen_require domain)
                                    (typeattributeset domain (init_t initrc_t ))
                                    (typeattributeset cil_gen_require set_curr_context)
                                    (typeattributeset set_curr_context (kernel_t ))
                                    (typeattributeset cil_gen_require unconfined_t)
                                    (typeattributeset cil_gen_require kern_unconfined)
                                    (typeattributeset cil_gen_require can_load_kernmodule)
                                    (typeattributeset cil_gen_require corenet_unconfined_type)
                                    (typeattributeset cil_gen_require devices_unconfined_type)
                                    (typeattributeset cil_gen_require can_change_object_identity)
                                    (typeattributeset cil_gen_require unconfined_domain_type)
                                    (typeattributeset cil_gen_require process_uncond_exempt)
                                    (typeattributeset cil_gen_require files_unconfined_type)
                                    (typeattributeset cil_gen_require filesystem_unconfined_type)
                                    (typeattributeset cil_gen_require selinux_unconfined_type)
                                    (typeattributeset cil_gen_require set_curr_context)
                                    (typeattributeset set_curr_context (initrc_t ))
                                    (typeattributeset cil_gen_require can_change_object_identity)
                                    (typeattributeset can_change_object_identity (initrc_t ))
                                    (typeattributeset cil_gen_require selinux_unconfined_type)
                                    (typeattributeset selinux_unconfined_type (initrc_t ))
                                    (typeattributeset cil_gen_require corenet_unconfined_type)
                                    (typeattributeset corenet_unconfined_type (initrc_t ))
                                    (typeattributeset cil_gen_require can_load_kernmodule)
                                    (typeattributeset can_load_kernmodule (initrc_t ))
                                    (typeattributeset cil_gen_require devices_unconfined_type)
                                    (typeattributeset devices_unconfined_type (initrc_t ))
                                    (typeattributeset cil_gen_require files_unconfined_type)
                                    (typeattributeset files_unconfined_type (initrc_t ))
                                    (typeattributeset cil_gen_require kern_unconfined)
                                    (typeattributeset kern_unconfined (initrc_t ))
                                    (typeattributeset cil_gen_require filesystem_unconfined_type)
                                    (typeattributeset filesystem_unconfined_type (initrc_t ))
                                    (typeattributeset cil_gen_require process_uncond_exempt)
                                    (typeattributeset process_uncond_exempt (initrc_t ))
                                    (typeattributeset cil_gen_require unconfined_domain_type)
                                    (typeattributeset unconfined_domain_type (initrc_t ))
                                    (allow initrc_t self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
                                    (allow initrc_t self (capability2 (syslog)))
                                    (allow initrc_t self (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t self (process (transition)))
                                    (allow initrc_t self (file (ioctl read write getattr lock append open)))
                                    (allow initrc_t self (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost getserv shmemserv getstat admin)))
                                    (allow initrc_t self (dbus (send_msg acquire_svc)))
                                    (allow initrc_t self (passwd (rootok passwd chfn chsh crontab)))
                                    (allow initrc_t self (association (sendto recvfrom setcontext polmatch)))
                                    (dontaudit initrc_t domain (dir (ioctl read getattr lock search open)))
                                    (dontaudit initrc_t domain (lnk_file (read getattr)))
                                    (dontaudit initrc_t domain (file (ioctl read getattr lock open)))
                                    (dontaudit initrc_t domain (sock_file (read getattr open)))
                                    (dontaudit initrc_t domain (fifo_file (ioctl read getattr lock open)))
                                    (dontaudit initrc_t domain (process (ptrace)))
                                    (booleanif (allow_execstack)
                                        (true
                                            (allow initrc_t self (process (execmem execstack)))
                                        )
                                    )
                                    (booleanif (allow_execmem)
                                        (true
                                            (allow initrc_t self (process (execmem)))
                                        )
                                    )
                                    (booleanif (allow_execheap)
                                        (true
                                            (allow initrc_t self (process (execheap)))
                                            (auditallow initrc_t self (process (execheap)))
                                        )
                                    )
                                    (optional init_optional_98
                                        (typeattributeset cil_gen_require can_read_shadow_passwords)
                                        (typeattributeset cil_gen_require can_write_shadow_passwords)
                                        (typeattributeset cil_gen_require can_relabelto_shadow_passwords)
                                        (typeattributeset cil_gen_require can_read_shadow_passwords)
                                        (typeattributeset can_read_shadow_passwords (initrc_t ))
                                        (typeattributeset cil_gen_require can_write_shadow_passwords)
                                        (typeattributeset can_write_shadow_passwords (initrc_t ))
                                        (typeattributeset cil_gen_require can_relabelto_shadow_passwords)
                                        (typeattributeset can_relabelto_shadow_passwords (initrc_t ))
                                    )
                                    (optional init_optional_99
                                        (typeattributeset cil_gen_require dbusd_unconfined)
                                        (typeattributeset cil_gen_require dbusd_unconfined)
                                        (typeattributeset dbusd_unconfined (initrc_t ))
                                    )
                                    (optional init_optional_100
                                        (typeattributeset cil_gen_require ipsec_spd_t)
                                        (allow initrc_t ipsec_spd_t (association (setcontext)))
                                        (allow initrc_t ipsec_spd_t (association (polmatch)))
                                        (allow initrc_t self (association (sendto)))
                                    )
                                    (optional init_optional_101
                                        (typeattributeset cil_gen_require nscd_t)
                                        (allow initrc_t nscd_t (nscd (getpwd getgrp gethost shmempwd shmemgrp shmemhost getserv shmemserv getstat admin)))
                                    )
                                    (optional init_optional_102
                                        (typeattributeset cil_gen_require sepgsql_unconfined_type)
                                        (typeattributeset cil_gen_require sepgsql_unconfined_type)
                                        (typeattributeset sepgsql_unconfined_type (initrc_t ))
                                    )
                                    (optional init_optional_103
                                        (typeattributeset cil_gen_require selinux_config_t)
                                        (typeattributeset cil_gen_require etc_t)
                                        (typeattributeset cil_gen_require policy_config_t)
                                        (typeattributeset cil_gen_require can_relabelto_binary_policy)
                                        (typeattributeset cil_gen_require can_relabelto_binary_policy)
                                        (typeattributeset can_relabelto_binary_policy (initrc_t ))
                                        (allow initrc_t etc_t (dir (getattr search open)))
                                        (allow initrc_t selinux_config_t (dir (getattr search open)))
                                        (allow initrc_t policy_config_t (dir (ioctl write getattr lock add_name search open)))
                                        (allow initrc_t policy_config_t (file (create getattr open)))
                                        (allow initrc_t policy_config_t (dir (getattr search open)))
                                        (allow initrc_t policy_config_t (file (ioctl write getattr lock append open)))
                                        (allow initrc_t policy_config_t (file (relabelto)))
                                    )
                                    (optional init_optional_104
                                        (typeattributeset cil_gen_require storage_unconfined_type)
                                        (typeattributeset cil_gen_require storage_unconfined_type)
                                        (typeattributeset storage_unconfined_type (initrc_t ))
                                    )
                                    (optional init_optional_105
                                        (typeattributeset cil_gen_require x_domain)
                                        (typeattributeset cil_gen_require xserver_unconfined_type)
                                        (typeattributeset cil_gen_require xserver_unconfined_type)
                                        (typeattributeset xserver_unconfined_type (initrc_t ))
                                        (typeattributeset cil_gen_require x_domain)
                                        (typeattributeset x_domain (initrc_t ))
                                    )
                                    (optional init_optional_106
                                        (typeattributeset cil_gen_require bin_t)
                                        (typeattributeset cil_gen_require mono_t)
                                        (typeattributeset cil_gen_require mono_exec_t)
                                        (allow initrc_t bin_t (dir (getattr search open)))
                                        (allow initrc_t bin_t (dir (getattr search open)))
                                        (allow initrc_t mono_exec_t (file (read getattr execute open)))
                                        (allow initrc_t mono_t (process (transition)))
                                        (dontaudit initrc_t mono_t (process (noatsecure siginh rlimitinh)))
                                        (typetransition initrc_t mono_exec_t process mono_t)
                                        (allow mono_t initrc_t (fd (use)))
                                        (allow mono_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
                                        (allow mono_t initrc_t (process (sigchld)))
                                    )
                                )
                                (optional init_optional_107
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require vmware_sys_conf_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t vmware_sys_conf_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t vmware_sys_conf_t (file (ioctl getattr lock append open)))
                                )
                                (optional init_optional_108
                                    (typeattributeset cil_gen_require tmp_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require lib_t)
                                    (typeattributeset cil_gen_require fonts_t)
                                    (typeattributeset cil_gen_require xfs_tmp_t)
                                    (allow initrc_t usr_t (dir (getattr search open)))
                                    (allow initrc_t lib_t (dir (getattr search open)))
                                    (allow initrc_t fonts_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t fonts_t (dir (ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open)))
                                    (allow initrc_t fonts_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t fonts_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t fonts_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t fonts_t (lnk_file (ioctl read write create getattr setattr lock unlink link rename)))
                                    (allow initrc_t tmp_t (dir (getattr search open)))
                                    (allow initrc_t xfs_tmp_t (dir (getattr search open)))
                                    (allow initrc_t xfs_tmp_t (sock_file (read getattr open)))
                                )
                                (optional init_optional_109
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require xconsole_device_t)
                                    (typeattributeset cil_gen_require xdm_rw_etc_t)
                                    (allow initrc_t xconsole_device_t (fifo_file (setattr)))
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t xdm_rw_etc_t (file (ioctl read getattr lock open)))
                                )
                                (optional init_optional_110
                                    (typeattributeset cil_gen_require etc_t)
                                    (typeattributeset cil_gen_require zebra_conf_t)
                                    (allow initrc_t etc_t (dir (getattr search open)))
                                    (allow initrc_t zebra_conf_t (dir (ioctl read getattr lock search open)))
                                    (allow initrc_t zebra_conf_t (file (ioctl read getattr lock open)))
                                    (allow initrc_t zebra_conf_t (lnk_file (read getattr)))
                                )
                                (optional init_optional_111
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require alsa_var_lib_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (file (ioctl write getattr lock append open)))
                                    (allow initrc_t alsa_var_lib_t (dir (getattr search open)))
                                    (allow initrc_t alsa_var_lib_t (dir (ioctl write getattr lock add_name remove_name search open)))
                                )
                                (optional init_optional_112
                                    (typeattributeset cil_gen_require mysqld_var_run_t)
                                    (allow initrc_t mysqld_var_run_t (dir (getattr search open)))
                                    (allow initrc_t mysqld_var_run_t (dir (setattr)))
                                )
                                (optional init_optional_113
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require NetworkManager_t)
                                    (typeattributeset cil_gen_require NetworkManager_var_run_t)
                                    (allow initrc_t NetworkManager_t (rawip_socket (read write)))
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t NetworkManager_var_run_t (dir (getattr search open)))
                                    (allow initrc_t NetworkManager_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t NetworkManager_t (unix_stream_socket (connectto)))
                                )
                                (optional init_optional_114
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_run_t)
                                    (typeattributeset cil_gen_require fail2ban_t)
                                    (typeattributeset cil_gen_require fail2ban_var_run_t)
                                    (allow initrc_t var_run_t (lnk_file (read getattr)))
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_run_t (dir (getattr search open)))
                                    (allow initrc_t fail2ban_var_run_t (dir (getattr search open)))
                                    (allow initrc_t fail2ban_var_run_t (sock_file (write getattr append open)))
                                    (allow initrc_t fail2ban_t (unix_stream_socket (connectto)))
                                )
                                (optional init_optional_115
                                    (typeattributeset cil_gen_require var_t)
                                    (typeattributeset cil_gen_require var_lib_t)
                                    (typeattributeset cil_gen_require var_lib_nfs_t)
                                    (allow initrc_t var_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_nfs_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (allow initrc_t var_lib_nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                    (allow initrc_t var_lib_nfs_t (dir (getattr search open)))
                                    (allow initrc_t var_lib_nfs_t (dir (ioctl write getattr lock add_name remove_name search open)))
                                )
                                (optional init_optional_116
                                    (typeattributeset cil_gen_require udev_var_run_t)
                                    (typeattributeset cil_gen_require udev_rules_t)
                                    (allow initrc_t udev_var_run_t (dir (ioctl write getattr lock add_name search open)))
                                    (allow initrc_t udev_rules_t (dir (create getattr)))
                                    (allow initrc_t udev_var_run_t (dir (ioctl read write getattr lock add_name remove_name search open)))
                                    (typetransition initrc_t udev_var_run_t dir "rules.d" udev_rules_t)
                                )
                            )
                        )
                    )
                )
            )
        )
    )
)