selinux/checkpolicy/tests/policy_minimal_mls.conf

16 lines
342 B
Plaintext
Raw Permalink Normal View History

# handle_unknown deny
class CLASS1
sid kernel
class CLASS1 { PERM1 }
sensitivity s0;
dominance { s0 }
category c0;
level s0:c0;
mlsconstrain CLASS1 { PERM1 } l1 == l2;
type TYPE1;
allow TYPE1 self:CLASS1 { PERM1 };
role ROLE1;
role ROLE1 types { TYPE1 };
user USER1 roles ROLE1 level s0 range s0 - s0:c0;
sid kernel USER1:ROLE1:TYPE1:s0 - s0