2012-07-12 01:46:38 +02:00
|
|
|
# Label inodes with the fs label.
|
|
|
|
genfscon rootfs / u:object_r:rootfs:s0
|
|
|
|
# proc labeling can be further refined (longest matching prefix).
|
|
|
|
genfscon proc / u:object_r:proc:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /asound/cards u:object_r:proc_asound_cards:s0
|
|
|
|
genfscon proc /cmdline u:object_r:proc_cmdline:s0
|
2017-02-16 21:04:40 +01:00
|
|
|
genfscon proc /config.gz u:object_r:config_gz:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /filesystems u:object_r:proc_filesystems:s0
|
2016-07-29 20:48:19 +02:00
|
|
|
genfscon proc /interrupts u:object_r:proc_interrupts:s0
|
2015-07-13 17:39:17 +02:00
|
|
|
genfscon proc /iomem u:object_r:proc_iomem:s0
|
2017-09-13 23:34:56 +02:00
|
|
|
genfscon proc /kmsg u:object_r:proc_kmsg:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /loadavg u:object_r:proc_loadavg:s0
|
2016-02-24 02:09:48 +01:00
|
|
|
genfscon proc /meminfo u:object_r:proc_meminfo:s0
|
2017-03-03 21:17:49 +01:00
|
|
|
genfscon proc /misc u:object_r:proc_misc:s0
|
2017-03-02 09:02:29 +01:00
|
|
|
genfscon proc /modules u:object_r:proc_modules:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /mounts u:object_r:proc_mounts:s0
|
2014-01-07 20:41:47 +01:00
|
|
|
genfscon proc /net u:object_r:proc_net:s0
|
2012-07-19 20:07:04 +02:00
|
|
|
genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
|
2014-09-26 19:51:12 +02:00
|
|
|
genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /pagetypeinfo u:object_r:proc_pagetypeinfo:s0
|
2016-07-29 20:48:19 +02:00
|
|
|
genfscon proc /softirqs u:object_r:proc_timer:s0
|
|
|
|
genfscon proc /stat u:object_r:proc_stat:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /swaps u:object_r:proc_swaps:s0
|
2014-03-05 15:50:08 +01:00
|
|
|
genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0
|
2013-12-06 15:31:40 +01:00
|
|
|
genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0
|
|
|
|
genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0
|
|
|
|
genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
|
|
|
|
genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0
|
2017-03-07 02:27:54 +01:00
|
|
|
genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0
|
2013-12-06 15:31:40 +01:00
|
|
|
genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0
|
|
|
|
genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0
|
2014-01-07 19:46:56 +01:00
|
|
|
genfscon proc /sys/net u:object_r:proc_net:s0
|
2013-12-09 19:24:25 +01:00
|
|
|
genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0
|
2017-02-23 23:40:56 +01:00
|
|
|
genfscon proc /sys/vm/mmap_rnd_bits u:object_r:proc_security:s0
|
|
|
|
genfscon proc /sys/vm/mmap_rnd_compat_bits u:object_r:proc_security:s0
|
2015-05-15 05:55:31 +02:00
|
|
|
genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0
|
2016-06-28 00:38:25 +02:00
|
|
|
genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0
|
2016-07-29 20:48:19 +02:00
|
|
|
genfscon proc /timer_list u:object_r:proc_timer:s0
|
|
|
|
genfscon proc /timer_stats u:object_r:proc_timer:s0
|
2017-01-04 17:43:09 +01:00
|
|
|
genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0
|
2015-05-13 02:14:35 +02:00
|
|
|
genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0
|
|
|
|
genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0
|
2017-01-12 01:20:49 +01:00
|
|
|
genfscon proc /uid_io/stats u:object_r:proc_uid_io_stats:s0
|
2017-01-18 02:33:50 +01:00
|
|
|
genfscon proc /uid_procstat/set u:object_r:proc_uid_procstat_set:s0
|
2017-06-07 19:39:11 +02:00
|
|
|
genfscon proc /uid_time_in_state u:object_r:proc_uid_time_in_state:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon proc /version u:object_r:proc_version:s0
|
|
|
|
genfscon proc /vmallocinfo u:object_r:proc_vmallocinfo:s0
|
2016-08-08 19:48:01 +02:00
|
|
|
genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0
|
2015-05-13 02:14:35 +02:00
|
|
|
|
2012-07-12 01:46:38 +02:00
|
|
|
# selinuxfs booleans can be individually labeled.
|
|
|
|
genfscon selinuxfs / u:object_r:selinuxfs:s0
|
|
|
|
genfscon cgroup / u:object_r:cgroup:s0
|
|
|
|
# sysfs labels can be set by userspace.
|
|
|
|
genfscon sysfs / u:object_r:sysfs:s0
|
2017-07-27 01:22:50 +02:00
|
|
|
genfscon sysfs /devices/system/cpu u:object_r:sysfs_devices_system_cpu:s0
|
|
|
|
genfscon sysfs /class/leds u:object_r:sysfs_leds:s0
|
|
|
|
genfscon sysfs /devices/platform/nfc-power/nfc_power u:object_r:sysfs_nfc_power_writable:s0
|
|
|
|
genfscon sysfs /devices/virtual/block/zram0 u:object_r:sysfs_zram:s0
|
|
|
|
genfscon sysfs /devices/virtual/block/zram1 u:object_r:sysfs_zram:s0
|
|
|
|
genfscon sysfs /devices/virtual/block/zram0/uevent u:object_r:sysfs_zram_uevent:s0
|
|
|
|
genfscon sysfs /devices/virtual/block/zram1/uevent u:object_r:sysfs_zram_uevent:s0
|
|
|
|
genfscon sysfs /devices/virtual/misc/hw_random u:object_r:sysfs_hwrandom:s0
|
2017-05-02 22:45:08 +02:00
|
|
|
genfscon sysfs /fs/ext4/features u:object_r:sysfs_fs_ext4_features:s0
|
2017-07-27 01:22:50 +02:00
|
|
|
genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0
|
|
|
|
genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0
|
2017-09-26 21:58:29 +02:00
|
|
|
genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0
|
2017-07-27 01:22:50 +02:00
|
|
|
genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0
|
|
|
|
genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0
|
|
|
|
genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0
|
|
|
|
|
|
|
|
genfscon debugfs /mmc0 u:object_r:debugfs_mmc:s0
|
|
|
|
genfscon debugfs /tracing u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon debugfs /tracing/instances u:object_r:debugfs_tracing_instances:s0
|
|
|
|
genfscon tracefs /instances u:object_r:debugfs_tracing_instances:s0
|
|
|
|
genfscon debugfs /tracing/instances/wifi u:object_r:debugfs_wifi_tracing:s0
|
|
|
|
genfscon tracefs /instances/wifi u:object_r:debugfs_wifi_tracing:s0
|
|
|
|
genfscon debugfs /tracing/trace_marker u:object_r:debugfs_trace_marker:s0
|
|
|
|
genfscon tracefs /trace_marker u:object_r:debugfs_trace_marker:s0
|
|
|
|
|
|
|
|
genfscon debugfs /tracing/events/sync/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/workqueue/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/regulator/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/pagecache/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/irq/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/ipi/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_enter/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_exit/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_write_begin/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_write_end/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/ext4/ext4_da_write_begin/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/ext4/ext4_da_write_end/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/ext4/ext4_sync_file_enter/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/ext4/ext4_sync_file_exit/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/block/block_rq_issue/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/events/block/block_rq_complete/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon debugfs /tracing/saved_cmdlines_size u:object_r:debugfs_tracing_debug:s0
|
|
|
|
|
|
|
|
genfscon tracefs /events/sync/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/workqueue/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/regulator/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/pagecache/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/irq/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/ipi/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/f2fs/f2fs_sync_file_enter/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/f2fs/f2fs_sync_file_exit/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/f2fs/f2fs_write_begin/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/f2fs/f2fs_write_end/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/ext4/ext4_da_write_begin/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/ext4/ext4_da_write_end/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/ext4/ext4_sync_file_enter/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/ext4/ext4_sync_file_exit/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/block/block_rq_issue/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /events/block/block_rq_complete/enable u:object_r:debugfs_tracing_debug:s0
|
|
|
|
genfscon tracefs /saved_cmdlines_size u:object_r:debugfs_tracing_debug:s0
|
|
|
|
|
2012-07-12 01:46:38 +02:00
|
|
|
genfscon inotifyfs / u:object_r:inotify:s0
|
2014-07-08 20:45:09 +02:00
|
|
|
genfscon vfat / u:object_r:vfat:s0
|
2012-07-12 01:46:38 +02:00
|
|
|
genfscon debugfs / u:object_r:debugfs:s0
|
2016-05-13 14:36:33 +02:00
|
|
|
genfscon tracefs / u:object_r:debugfs_tracing:s0
|
2014-07-08 20:45:09 +02:00
|
|
|
genfscon fuse / u:object_r:fuse:s0
|
2016-03-02 01:13:50 +01:00
|
|
|
genfscon configfs / u:object_r:configfs:s0
|
|
|
|
genfscon sdcardfs / u:object_r:sdcardfs:s0
|
2014-04-10 06:32:54 +02:00
|
|
|
genfscon pstore / u:object_r:pstorefs:s0
|
2014-04-15 23:53:05 +02:00
|
|
|
genfscon functionfs / u:object_r:functionfs:s0
|
2014-06-07 16:31:31 +02:00
|
|
|
genfscon usbfs / u:object_r:usbfs:s0
|
2015-04-11 02:42:49 +02:00
|
|
|
genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0
|