SID Statements ============== sid --- Declares a new SID identifier in the current namespace. **Statement definition:** ```secil (sid sid_id) ``` **Where:**

sid

The sid keyword.

sid_id

The sid identifier.

**Examples:** These examples show three [`sid`](cil_sid_statements.md#sid) declarations: ```secil (sid kernel) (sid security) (sid igmp_packet) ``` sidorder -------- Defines the order of [sid](#sid)'s. This is a mandatory statement when SIDs are defined. Multiple [`sidorder`](cil_sid_statements.md#sidorder) statements declared in the policy will form an ordered list. **Statement definition:** ```secil (sidorder (sid_id ...)) ``` **Where:**

sidorder

The sidorder keyword.

sid_id

One or more sid identifiers.

**Example:** This will produce an ordered list of "`kernel security unlabeled`" ```secil (sid kernel) (sid security) (sid unlabeled) (sidorder (kernel security)) (sidorder (security unlabeled)) ``` sidcontext ---------- Associates an SELinux security [context](#context) to a previously declared [`sid`](cil_sid_statements.md#sid) identifier. **Statement definition:** ```secil (sidcontext sid_id context_id) ``` **Where:**

sidcontext

The sidcontext keyword.

sid_id

A single previously declared sid identifier.

context_id

A previously declared context identifier or an anonymous security context (user role type levelrange), the range MUST be defined whether the policy is MLS/MCS enabled or not.

**Examples:** This shows two named security context examples plus an anonymous context: ```secil ; Two named context: (sid kernel) (context kernel_context (u r process low_low)) (sidcontext kernel kernel_context) (sid security) (context security_context (u object_r process low_low)) (sidcontext security security_context) ; An anonymous context: (sid unlabeled) (sidcontext unlabeled (u object_r ((s0) (s0)))) ```