From 0c187b6ff97f91c41dab65a6426dc61f77305cdf Mon Sep 17 00:00:00 2001 From: Dominick Grift Date: Sun, 20 Aug 2023 15:44:41 +0200 Subject: Import dssp5 Signed-off-by: Dominick Grift --- src/file.cil | 846 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 846 insertions(+) create mode 100644 src/file.cil (limited to 'src/file.cil') diff --git a/src/file.cil b/src/file.cil new file mode 100644 index 0000000..69e92d8 --- /dev/null +++ b/src/file.cil @@ -0,0 +1,846 @@ +;; SPDX-FileCopyrightText: © 2023 Dominick Grift +;; SPDX-License-Identifier: Unlicense + +(block file + + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) + + (typeattribute typeattr) + + (blockinherit all_macro_template_all_files) + (blockinherit all_macro_template_blk_files) + (blockinherit all_macro_template_chr_files) + (blockinherit all_macro_template_dirs) + (blockinherit all_macro_template_fifo_files) + (blockinherit all_macro_template_files) + (blockinherit all_macro_template_lnk_files) + (blockinherit all_macro_template_sock_files) + + (call .obj.type (typeattr)) + + (block all_macro_template_all_files + + (blockabstract all_macro_template_all_files) + + (macro create_all_file ((type ARG1)) + (allow ARG1 typeattr (files (create)))) + + (macro delete_all_file ((type ARG1)) + (allow ARG1 typeattr (files (delete)))) + + (macro manage_all_file ((type ARG1)) + (allow ARG1 typeattr (files (manage)))) + + (macro read_all_file ((type ARG1)) + (allow ARG1 typeattr (files (read)))) + + (macro readwrite_all_file ((type ARG1)) + (allow ARG1 typeattr (files (readwrite)))) + + (macro relabel_all_file ((type ARG1)) + (allow ARG1 typeattr (files (relabel)))) + + (macro relabelfrom_all_file ((type ARG1)) + (allow ARG1 typeattr (files (relabelfrom)))) + + (macro relabelto_all_file ((type ARG1)) + (allow ARG1 typeattr (files (relabelto)))) + + (macro rename_all_file ((type ARG1)) + (allow ARG1 typeattr (files (rename)))) + + (macro write_all_file ((type ARG1)) + (allow ARG1 typeattr (files (write))))) + + (block all_macro_template_blk_files + + (blockabstract all_macro_template_blk_files) + + (macro append_all_blk_files ((type ARG1)) + (allow ARG1 typeattr append_blk_file)) + + (macro appendinherited_all_blk_files ((type ARG1)) + (allow ARG1 typeattr appendinherited_blk_file)) + + (macro create_all_blk_files ((type ARG1)) + (allow ARG1 typeattr create_blk_file)) + + (macro delete_all_blk_files ((type ARG1)) + (allow ARG1 typeattr delete_blk_file)) + + (macro manage_all_blk_files ((type ARG1)) + (allow ARG1 typeattr manage_blk_file)) + + (macro read_all_blk_files ((type ARG1)) + (allow ARG1 typeattr read_blk_file)) + + (macro readinherited_all_blk_files ((type ARG1)) + (allow ARG1 typeattr readinherited_blk_file)) + + (macro readwrite_all_blk_files ((type ARG1)) + (allow ARG1 typeattr readwrite_blk_file)) + + (macro readwriteinherited_all_blk_files ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_blk_file)) + + (macro relabel_all_blk_files ((type ARG1)) + (allow ARG1 typeattr relabel_blk_file)) + + (macro relabelfrom_all_blk_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_blk_file)) + + (macro relabelto_all_blk_files ((type ARG1)) + (allow ARG1 typeattr relabelto_blk_file)) + + (macro rename_all_blk_files ((type ARG1)) + (allow ARG1 typeattr rename_blk_file)) + + (macro write_all_blk_files ((type ARG1)) + (allow ARG1 typeattr write_blk_file)) + + (macro writeinherited_all_blk_files ((type ARG1)) + (allow ARG1 typeattr writeinherited_blk_file))) + + (block all_macro_template_chr_files + + (blockabstract all_macro_template_chr_files) + + (macro append_all_chr_files ((type ARG1)) + (allow ARG1 typeattr append_chr_file)) + + (macro appendinherited_all_chr_files ((type ARG1)) + (allow ARG1 typeattr appendinherited_chr_file)) + + (macro create_all_chr_files ((type ARG1)) + (allow ARG1 typeattr create_chr_file)) + + (macro delete_all_chr_files ((type ARG1)) + (allow ARG1 typeattr delete_chr_file)) + + (macro manage_all_chr_files ((type ARG1)) + (allow ARG1 typeattr manage_chr_file)) + + (macro mapexecute_all_chr_files ((type ARG1)) + (allow ARG1 typeattr mapexecute_chr_file)) + + (macro read_all_chr_files ((type ARG1)) + (allow ARG1 typeattr read_chr_file)) + + (macro readinherited_all_chr_files ((type ARG1)) + (allow ARG1 typeattr readinherited_chr_file)) + + (macro readwrite_all_chr_files ((type ARG1)) + (allow ARG1 typeattr readwrite_chr_file)) + + (macro readwriteinherited_all_chr_files ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_chr_file)) + + (macro relabel_all_chr_files ((type ARG1)) + (allow ARG1 typeattr relabel_chr_file)) + + (macro relabelfrom_all_chr_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_chr_file)) + + (macro relabelto_all_chr_files ((type ARG1)) + (allow ARG1 typeattr relabelto_chr_file)) + + (macro rename_all_chr_files ((type ARG1)) + (allow ARG1 typeattr rename_chr_file)) + + (macro write_all_chr_files ((type ARG1)) + (allow ARG1 typeattr write_chr_file)) + + (macro writeinherited_all_chr_files ((type ARG1)) + (allow ARG1 typeattr writeinherited_chr_file))) + + (block all_macro_template_dirs + + (blockabstract all_macro_template_dirs) + + (macro addname_all_dirs ((type ARG1)) + (allow ARG1 typeattr addname_dir)) + + (macro create_all_dirs ((type ARG1)) + (allow ARG1 typeattr create_dir)) + + (macro delete_all_dirs ((type ARG1)) + (allow ARG1 typeattr delete_dir)) + + (macro deletename_all_dirs ((type ARG1)) + (allow ARG1 typeattr deletename_dir)) + + (macro list_all_dirs ((type ARG1)) + (allow ARG1 typeattr list_dir)) + + (macro listinherited_all_dirs ((type ARG1)) + (allow ARG1 typeattr listinherited_dir)) + + (macro manage_all_dirs ((type ARG1)) + (allow ARG1 typeattr manage_dir)) + + (macro mounton_all_dirs ((type ARG1)) + (allow ARG1 typeattr mounton_dir)) + + (macro all_type_transition ((type ARG1)(type ARG2)(class ARG3)(name ARG4)) + (typetransition ARG1 typeattr ARG3 ARG4 ARG2) + (call addname_all_dirs (ARG1))) + + (macro readwrite_all_dirs ((type ARG1)) + (allow ARG1 typeattr readwrite_dir)) + + (macro readwriteinherited_all_dirs ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_dir)) + + (macro relabel_all_dirs ((type ARG1)) + (allow ARG1 typeattr relabel_dir)) + + (macro relabelfrom_all_dirs ((type ARG1)) + (allow ARG1 typeattr relabelfrom_dir)) + + (macro relabelto_all_dirs ((type ARG1)) + (allow ARG1 typeattr relabelto_dir)) + + (macro rename_all_dirs ((type ARG1)) + (allow ARG1 typeattr rename_dir)) + + (macro search_all_dirs ((type ARG1)) + (allow ARG1 typeattr search_dir)) + + (macro write_all_dirs ((type ARG1)) + (allow ARG1 typeattr write_dir)) + + (macro writeinherited_all_dirs ((type ARG1)) + (allow ARG1 typeattr writeinherited_dir))) + + (block all_macro_template_fifo_files + + (blockabstract all_macro_template_fifo_files) + + (macro append_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr append_fifo_file)) + + (macro appendinherited_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr appendinherited_fifo_file)) + + (macro create_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr create_fifo_file)) + + (macro delete_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr delete_fifo_file)) + + (macro manage_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr manage_fifo_file)) + + (macro read_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr read_fifo_file)) + + (macro readinherited_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr readinherited_fifo_file)) + + (macro readwrite_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr readwrite_fifo_file)) + + (macro readwriteinherited_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_fifo_file)) + + (macro relabel_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr relabel_fifo_file)) + + (macro relabelfrom_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_fifo_file)) + + (macro relabelto_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr relabelto_fifo_file)) + + (macro rename_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr rename_fifo_file)) + + (macro write_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr write_fifo_file)) + + (macro writeinherited_all_fifo_files ((type ARG1)) + (allow ARG1 typeattr writeinherited_fifo_file))) + + (block all_macro_template_files + + (blockabstract all_macro_template_files) + + (macro append_all_files ((type ARG1)) + (allow ARG1 typeattr append_file)) + + (macro appendinherited_all_files ((type ARG1)) + (allow ARG1 typeattr appendinherited_file)) + + (macro create_all_files ((type ARG1)) + (allow ARG1 typeattr create_file)) + + (macro delete_all_files ((type ARG1)) + (allow ARG1 typeattr delete_file)) + + (macro execute_all_files ((type ARG1)) + (allow ARG1 typeattr execute_file)) + + (macro manage_all_files ((type ARG1)) + (allow ARG1 typeattr manage_file)) + + (macro mapexecute_all_files ((type ARG1)) + (allow ARG1 typeattr mapexecute_file)) + + (macro mounton_all_files ((type ARG1)) + (allow ARG1 typeattr mounton_file)) + + (macro read_all_files ((type ARG1)) + (allow ARG1 typeattr read_file)) + + (macro readinherited_all_files ((type ARG1)) + (allow ARG1 typeattr readinherited_file)) + + (macro readwrite_all_files ((type ARG1)) + (allow ARG1 typeattr readwrite_file)) + + (macro readwriteinherited_all_files ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_file)) + + (macro relabel_all_files ((type ARG1)) + (allow ARG1 typeattr relabel_file)) + + (macro relabelfrom_all_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_file)) + + (macro relabelto_all_files ((type ARG1)) + (allow ARG1 typeattr relabelto_file)) + + (macro rename_all_files ((type ARG1)) + (allow ARG1 typeattr rename_file)) + + (macro write_all_files ((type ARG1)) + (allow ARG1 typeattr write_file)) + + (macro writeinherited_all_files ((type ARG1)) + (allow ARG1 typeattr writeinherited_file))) + + (block all_macro_template_lnk_files + + (blockabstract all_macro_template_lnk_files) + + (macro create_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr create_lnk_file)) + + (macro delete_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr delete_lnk_file)) + + (macro manage_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr manage_lnk_file)) + + (macro read_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr read_lnk_file)) + + (macro readwrite_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr readwrite_lnk_file)) + + (macro relabel_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr relabel_lnk_file)) + + (macro relabelfrom_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_lnk_file)) + + (macro relabelto_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr relabelto_lnk_file)) + + (macro rename_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr rename_lnk_file)) + + (macro write_all_lnk_files ((type ARG1)) + (allow ARG1 typeattr write_lnk_file))) + + (block all_macro_template_sock_files + + (blockabstract all_macro_template_sock_files) + + (macro create_all_sock_files ((type ARG1)) + (allow ARG1 typeattr create_sock_file)) + + (macro delete_all_sock_files ((type ARG1)) + (allow ARG1 typeattr delete_sock_file)) + + (macro manage_all_sock_files ((type ARG1)) + (allow ARG1 typeattr manage_sock_file)) + + (macro read_all_sock_files ((type ARG1)) + (allow ARG1 typeattr read_sock_file)) + + (macro readinherited_all_sock_files ((type ARG1)) + (allow ARG1 typeattr readinherited_sock_file)) + + (macro readwrite_all_sock_files ((type ARG1)) + (allow ARG1 typeattr readwrite_sock_file)) + + (macro readwriteinherited_all_sock_files ((type ARG1)) + (allow ARG1 typeattr readwriteinherited_sock_file)) + + (macro relabel_all_sock_files ((type ARG1)) + (allow ARG1 typeattr relabel_sock_file)) + + (macro relabelfrom_all_sock_files ((type ARG1)) + (allow ARG1 typeattr relabelfrom_sock_file)) + + (macro relabelto_all_sock_files ((type ARG1)) + (allow ARG1 typeattr relabelto_sock_file)) + + (macro rename_all_sock_files ((type ARG1)) + (allow ARG1 typeattr rename_sock_file)) + + (macro write_all_sock_files ((type ARG1)) + (allow ARG1 typeattr write_sock_file)) + + (macro writeinherited_all_sock_files ((type ARG1)) + (allow ARG1 typeattr writeinherited_sock_file))) + + (block base_template + + (blockabstract base_template) + + (context file_context (.sys.id .sys.role file lowlevelrange)) + + (type file) + (call .file.type (file))) + + (block except + + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) + + (blockinherit file.all_macro_template_all_files) + (blockinherit file.all_macro_template_blk_files) + (blockinherit file.all_macro_template_chr_files) + (blockinherit file.all_macro_template_dirs) + (blockinherit file.all_macro_template_fifo_files) + (blockinherit file.all_macro_template_files) + (blockinherit file.all_macro_template_lnk_files) + (blockinherit file.all_macro_template_sock_files) + + (typeattribute typeattr) + + (typeattributeset typeattr (and file.typeattr (not (exception.typeattr))))) + + (block exception + + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) + + (typeattribute typeattr) + + (call file.type (typeattr))) + + (block macro_template_all_files + + (blockabstract macro_template_all_files) + + (macro create_file ((type ARG1)) + (allow ARG1 file (files (create)))) + + (macro delete_file ((type ARG1)) + (allow ARG1 file (files (delete)))) + + (macro manage_file ((type ARG1)) + (allow ARG1 file (files (manage)))) + + (macro read_file ((type ARG1)) + (allow ARG1 file (files (read)))) + + (macro readwrite_file ((type ARG1)) + (allow ARG1 file (files (readwrite)))) + + (macro relabel_file ((type ARG1)) + (allow ARG1 file (files (relabel)))) + + (macro relabelfrom_file ((type ARG1)) + (allow ARG1 file (files (relabelfrom)))) + + (macro relabelto_file ((type ARG1)) + (allow ARG1 file (files (relabelto)))) + + (macro rename_file ((type ARG1)) + (allow ARG1 file (files (rename)))) + + (macro write_file ((type ARG1)) + (allow ARG1 file (files (write))))) + + (block macro_template_blk_files + + (blockabstract macro_template_blk_files) + + (macro append_file_blk_files ((type ARG1)) + (allow ARG1 file append_blk_file)) + + (macro appendinherited_file_blk_files ((type ARG1)) + (allow ARG1 file appendinherited_blk_file)) + + (macro create_file_blk_files ((type ARG1)) + (allow ARG1 file create_blk_file)) + + (macro delete_file_blk_files ((type ARG1)) + (allow ARG1 file delete_blk_file)) + + (macro manage_file_blk_files ((type ARG1)) + (allow ARG1 file manage_blk_file)) + + (macro read_file_blk_files ((type ARG1)) + (allow ARG1 file read_blk_file)) + + (macro readinherited_file_blk_files ((type ARG1)) + (allow ARG1 file readinherited_blk_file)) + + (macro readwrite_file_blk_files ((type ARG1)) + (allow ARG1 file readwrite_blk_file)) + + (macro readwriteinherited_file_blk_files ((type ARG1)) + (allow ARG1 file readwriteinherited_blk_file)) + + (macro relabel_file_blk_files ((type ARG1)) + (allow ARG1 file relabel_blk_file)) + + (macro relabelfrom_file_blk_files ((type ARG1)) + (allow ARG1 file relabelfrom_blk_file)) + + (macro relabelto_file_blk_files ((type ARG1)) + (allow ARG1 file relabelto_blk_file)) + + (macro rename_file_blk_files ((type ARG1)) + (allow ARG1 file rename_blk_file)) + + (macro write_file_blk_files ((type ARG1)) + (allow ARG1 file write_blk_file)) + + (macro writeinherited_file_blk_files ((type ARG1)) + (allow ARG1 file writeinherited_blk_file))) + + (block macro_template_chr_files + + (blockabstract macro_template_chr_files) + + (macro append_file_chr_files ((type ARG1)) + (allow ARG1 file append_chr_file)) + + (macro appendinherited_file_chr_files ((type ARG1)) + (allow ARG1 file appendinherited_chr_file)) + + (macro create_file_chr_files ((type ARG1)) + (allow ARG1 file create_chr_file)) + + (macro delete_file_chr_files ((type ARG1)) + (allow ARG1 file delete_chr_file)) + + (macro manage_file_chr_files ((type ARG1)) + (allow ARG1 file manage_chr_file)) + + (macro mapexecute_file_chr_files ((type ARG1)) + (allow ARG1 file mapexecute_chr_file)) + + (macro read_file_chr_files ((type ARG1)) + (allow ARG1 file read_chr_file)) + + (macro readinherited_file_chr_files ((type ARG1)) + (allow ARG1 file readinherited_chr_file)) + + (macro readwrite_file_chr_files ((type ARG1)) + (allow ARG1 file readwrite_chr_file)) + + (macro readwriteinherited_file_chr_files ((type ARG1)) + (allow ARG1 file readwriteinherited_chr_file)) + + (macro relabel_file_chr_files ((type ARG1)) + (allow ARG1 file relabel_chr_file)) + + (macro relabelfrom_file_chr_files ((type ARG1)) + (allow ARG1 file relabelfrom_chr_file)) + + (macro relabelto_file_chr_files ((type ARG1)) + (allow ARG1 file relabelto_chr_file)) + + (macro rename_file_chr_files ((type ARG1)) + (allow ARG1 file rename_chr_file)) + + (macro write_file_chr_files ((type ARG1)) + (allow ARG1 file write_chr_file)) + + (macro writeinherited_file_chr_files ((type ARG1)) + (allow ARG1 file writeinherited_chr_file))) + + (block macro_template_dirs + + (blockabstract macro_template_dirs) + + (macro addname_file_dirs ((type ARG1)) + (allow ARG1 file addname_dir)) + + (macro create_file_dirs ((type ARG1)) + (allow ARG1 file create_dir)) + + (macro delete_file_dirs ((type ARG1)) + (allow ARG1 file delete_dir)) + + (macro deletename_file_dirs ((type ARG1)) + (allow ARG1 file deletename_dir)) + + (macro list_file_dirs ((type ARG1)) + (allow ARG1 file list_dir)) + + (macro listinherited_file_dirs ((type ARG1)) + (allow ARG1 file listinherited_dir)) + + (macro manage_file_dirs ((type ARG1)) + (allow ARG1 file manage_dir)) + + (macro mounton_file_dirs ((type ARG1)) + (allow ARG1 file mounton_dir)) + + (macro file_type_transition ((type ARG1)(type ARG2)(class ARG3)(name ARG4)) + (typetransition ARG1 file ARG3 ARG4 ARG2) + (call addname_file_dirs (ARG1))) + + (macro readwrite_file_dirs ((type ARG1)) + (allow ARG1 file readwrite_dir)) + + (macro readwriteinherited_file_dirs ((type ARG1)) + (allow ARG1 file readwriteinherited_dir)) + + (macro relabel_file_dirs ((type ARG1)) + (allow ARG1 file relabel_dir)) + + (macro relabelfrom_file_dirs ((type ARG1)) + (allow ARG1 file relabelfrom_dir)) + + (macro relabelto_file_dirs ((type ARG1)) + (allow ARG1 file relabelto_dir)) + + (macro rename_file_dirs ((type ARG1)) + (allow ARG1 file rename_dir)) + + (macro search_file_dirs ((type ARG1)) + (allow ARG1 file search_dir)) + + (macro write_file_dirs ((type ARG1)) + (allow ARG1 file write_dir)) + + (macro writeinherited_file_dirs ((type ARG1)) + (allow ARG1 file writeinherited_dir))) + + (block macro_template_fifo_files + + (blockabstract macro_template_fifo_files) + + (macro append_file_fifo_files ((type ARG1)) + (allow ARG1 file append_fifo_file)) + + (macro appendinherited_file_fifo_files ((type ARG1)) + (allow ARG1 file appendinherited_fifo_file)) + + (macro create_file_fifo_files ((type ARG1)) + (allow ARG1 file create_fifo_file)) + + (macro delete_file_fifo_files ((type ARG1)) + (allow ARG1 file delete_fifo_file)) + + (macro manage_file_fifo_files ((type ARG1)) + (allow ARG1 file manage_fifo_file)) + + (macro read_file_fifo_files ((type ARG1)) + (allow ARG1 file read_fifo_file)) + + (macro readinherited_file_fifo_files ((type ARG1)) + (allow ARG1 file readinherited_fifo_file)) + + (macro readwrite_file_fifo_files ((type ARG1)) + (allow ARG1 file readwrite_fifo_file)) + + (macro readwriteinherited_file_fifo_files ((type ARG1)) + (allow ARG1 file readwriteinherited_fifo_file)) + + (macro relabel_file_fifo_files ((type ARG1)) + (allow ARG1 file relabel_fifo_file)) + + (macro relabelfrom_file_fifo_files ((type ARG1)) + (allow ARG1 file relabelfrom_fifo_file)) + + (macro relabelto_file_fifo_files ((type ARG1)) + (allow ARG1 file relabelto_fifo_file)) + + (macro rename_file_fifo_files ((type ARG1)) + (allow ARG1 file rename_fifo_file)) + + (macro write_file_fifo_files ((type ARG1)) + (allow ARG1 file write_fifo_file)) + + (macro writeinherited_file_fifo_files ((type ARG1)) + (allow ARG1 file writeinherited_fifo_file))) + + (block macro_template_files + + (blockabstract macro_template_files) + + (macro append_file_files ((type ARG1)) + (allow ARG1 file append_file)) + + (macro appendinherited_file_files ((type ARG1)) + (allow ARG1 file appendinherited_file)) + + (macro create_file_files ((type ARG1)) + (allow ARG1 file create_file)) + + (macro delete_file_files ((type ARG1)) + (allow ARG1 file delete_file)) + + (macro execute_file_files ((type ARG1)) + (allow ARG1 file execute_file)) + + (macro manage_file_files ((type ARG1)) + (allow ARG1 file manage_file)) + + (macro mapexecute_file_files ((type ARG1)) + (allow ARG1 file mapexecute_file)) + + (macro mounton_file_files ((type ARG1)) + (allow ARG1 file mounton_file)) + + (macro read_file_files ((type ARG1)) + (allow ARG1 file read_file)) + + (macro readinherited_file_files ((type ARG1)) + (allow ARG1 file readinherited_file)) + + (macro readwrite_file_files ((type ARG1)) + (allow ARG1 file readwrite_file)) + + (macro readwriteinherited_file_files ((type ARG1)) + (allow ARG1 file readwriteinherited_file)) + + (macro relabel_file_files ((type ARG1)) + (allow ARG1 file relabel_file)) + + (macro relabelfrom_file_files ((type ARG1)) + (allow ARG1 file relabelfrom_file)) + + (macro relabelto_file_files ((type ARG1)) + (allow ARG1 file relabelto_file)) + + (macro rename_file_files ((type ARG1)) + (allow ARG1 file rename_file)) + + (macro write_file_files ((type ARG1)) + (allow ARG1 file write_file)) + + (macro writeinherited_file_files ((type ARG1)) + (allow ARG1 file writeinherited_file))) + + (block macro_template_lnk_files + + (blockabstract macro_template_lnk_files) + + (macro create_file_lnk_files ((type ARG1)) + (allow ARG1 file create_lnk_file)) + + (macro delete_file_lnk_files ((type ARG1)) + (allow ARG1 file delete_lnk_file)) + + (macro manage_file_lnk_files ((type ARG1)) + (allow ARG1 file manage_lnk_file)) + + (macro read_file_lnk_files ((type ARG1)) + (allow ARG1 file read_lnk_file)) + + (macro readwrite_file_lnk_files ((type ARG1)) + (allow ARG1 file readwrite_lnk_file)) + + (macro relabel_file_lnk_files ((type ARG1)) + (allow ARG1 file relabel_lnk_file)) + + (macro relabelfrom_file_lnk_files ((type ARG1)) + (allow ARG1 file relabelfrom_lnk_file)) + + (macro relabelto_file_lnk_files ((type ARG1)) + (allow ARG1 file relabelto_lnk_file)) + + (macro rename_file_lnk_files ((type ARG1)) + (allow ARG1 file rename_lnk_file)) + + (macro write_file_lnk_files ((type ARG1)) + (allow ARG1 file write_lnk_file))) + + (block macro_template_sock_files + + (blockabstract macro_template_sock_files) + + (macro create_file_sock_files ((type ARG1)) + (allow ARG1 file create_sock_file)) + + (macro delete_file_sock_files ((type ARG1)) + (allow ARG1 file delete_sock_file)) + + (macro manage_file_sock_files ((type ARG1)) + (allow ARG1 file manage_sock_file)) + + (macro read_file_sock_files ((type ARG1)) + (allow ARG1 file read_sock_file)) + + (macro readinherited_file_sock_files ((type ARG1)) + (allow ARG1 file readinherited_sock_file)) + + (macro readwrite_file_sock_files ((type ARG1)) + (allow ARG1 file readwrite_sock_file)) + + (macro readwriteinherited_file_sock_files ((type ARG1)) + (allow ARG1 file readwriteinherited_sock_file)) + + (macro relabel_file_sock_files ((type ARG1)) + (allow ARG1 file relabel_sock_file)) + + (macro relabelfrom_file_sock_files ((type ARG1)) + (allow ARG1 file relabelfrom_sock_file)) + + (macro relabelto_file_sock_files ((type ARG1)) + (allow ARG1 file relabelto_sock_file)) + + (macro rename_file_sock_files ((type ARG1)) + (allow ARG1 file rename_sock_file)) + + (macro write_file_sock_files ((type ARG1)) + (allow ARG1 file write_sock_file)) + + (macro writeinherited_file_sock_files ((type ARG1)) + (allow ARG1 file writeinherited_sock_file))) + + (block template + + (blockabstract template) + + (blockinherit .file.base_template) + (blockinherit .file.macro_template_dirs) + (blockinherit .file.macro_template_files) + (blockinherit .file.macro_template_lnk_files)) + + (block unconfined + + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) + + (typeattribute typeattr) + + (allow typeattr file.typeattr + (blk_file (not (audit_access execmod map mounton)))) + (allow typeattr file.typeattr + (chr_file (not (audit_access execmod mounton)))) + (allow typeattr file.typeattr (dir (not (audit_access execmod)))) + (allow typeattr file.typeattr + (fifo_file (not (audit_access execmod map mounton)))) + (allow typeattr file.typeattr + (file (not (audit_access entrypoint execmod)))) + (allow typeattr file.typeattr + (lnk_file (not (audit_access execmod map mounton)))) + (allow typeattr file.typeattr + (sock_file (not (audit_access execmod map)))))) + +(in unconfined + + (call .file.unconfined.type (typeattr))) -- cgit v1.2.3