SID Statements
==============
sid
---
Declares a new SID identifier in the current namespace.
**Statement definition:**
```secil
(sid sid_id)
```
**Where:**
sid
|
The sid keyword. |
sid_id
|
The sid identifier. |
**Examples:**
These examples show three [`sid`](cil_sid_statements.md#sid) declarations:
```secil
(sid kernel)
(sid security)
(sid igmp_packet)
```
sidorder
--------
Defines the order of [sid](#sid)'s. This is a mandatory statement when SIDs are defined. Multiple [`sidorder`](cil_sid_statements.md#sidorder) statements declared in the policy will form an ordered list.
**Statement definition:**
```secil
(sidorder (sid_id ...))
```
**Where:**
sidorder
|
The sidorder keyword. |
sid_id
|
One or more sid identifiers. |
**Example:**
This will produce an ordered list of "`kernel security unlabeled`"
```secil
(sid kernel)
(sid security)
(sid unlabeled)
(sidorder (kernel security))
(sidorder (security unlabeled))
```
sidcontext
----------
Associates an SELinux security [context](#context) to a previously declared [`sid`](cil_sid_statements.md#sid) identifier.
**Statement definition:**
```secil
(sidcontext sid_id context_id)
```
**Where:**
sidcontext
|
The sidcontext keyword. |
sid_id
|
A single previously declared sid identifier. |
context_id
|
A previously declared context identifier or an anonymous security context (user role type levelrange ), the range MUST be defined whether the policy is MLS/MCS enabled or not. |
**Examples:**
This shows two named security context examples plus an anonymous context:
```secil
; Two named context:
(sid kernel)
(context kernel_context (u r process low_low))
(sidcontext kernel kernel_context)
(sid security)
(context security_context (u object_r process low_low))
(sidcontext security security_context)
; An anonymous context:
(sid unlabeled)
(sidcontext unlabeled (u object_r ((s0) (s0))))
```