Contexts are formed using previously declared parameters and may be named or anonymous where: Named - The context is declared with a context identifer that is used as a reference. Anonymous - They are defined within the CIL labeling statement using user, role etc. identifiers. Each type is shown in the examples. Declare an SELinux security context identifier for labeling. The range (or current and clearance levels) MUST be defined whether the policy is MLS/MCS enabled or not. Statement definition: Where: context The context keyword. context_id The context identifier. user_id A single previously declared user identifier. role_id A single previously declared role identifier. type_id A single previously declared type or typealias identifier. levelrange_id A single previously declared levelrange identifier. This entry may also be defined by anonymous or named level, sensitivity, sensitivityalias, category, categoryalias or categoryset as discussed in the Multi-Level Security Labeling Statements section and shown in the examples. Examples: This example uses a named context definition: to resolve/build a file_contexts entry of (assuming MLS enabled policy): This example uses an anonymous context where the previously declared user role type levelrange identifiers are used to specifiy two portcon statements: This example uses an anonymous context for the first and named context for the second in a netifcon statement: