(type local_login_t)
(roletype object_r local_login_t)
(type local_login_lock_t)
(roletype object_r local_login_lock_t)
(type local_login_tmp_t)
(roletype object_r local_login_tmp_t)
(type sulogin_t)
(roletype object_r sulogin_t)
(type sulogin_exec_t)
(roletype object_r sulogin_exec_t)
(roleattributeset cil_gen_require system_r)
(roletype system_r local_login_t)
(roletype system_r sulogin_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset privfd (local_login_t sulogin_t ))
(typeattributeset cil_gen_require var_auth_t)
(typeattributeset cil_gen_require auth_cache_t)
(typeattributeset cil_gen_require domain)
(typeattributeset domain (local_login_t sulogin_t ))
(typeattributeset cil_gen_require init_t)
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require can_change_process_identity)
(typeattributeset can_change_process_identity (local_login_t sulogin_t ))
(typeattributeset cil_gen_require can_change_process_role)
(typeattributeset can_change_process_role (local_login_t sulogin_t ))
(typeattributeset cil_gen_require can_change_object_identity)
(typeattributeset can_change_object_identity (local_login_t sulogin_t ))
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require var_lib_t)
(typeattributeset cil_gen_require proc_afs_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require event_device_t)
(typeattributeset cil_gen_require usb_device_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require mlsfileread)
(typeattributeset mlsfileread (local_login_t ))
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (local_login_t ))
(typeattributeset cil_gen_require mlsfileupgrade)
(typeattributeset mlsfileupgrade (local_login_t ))
(typeattributeset cil_gen_require mlsfiledowngrade)
(typeattributeset mlsfiledowngrade (local_login_t ))
(typeattributeset cil_gen_require mlsprocsetsl)
(typeattributeset mlsprocsetsl (local_login_t ))
(typeattributeset cil_gen_require mlsfdshare)
(typeattributeset mlsfdshare (local_login_t ))
(typeattributeset cil_gen_require can_read_shadow_passwords)
(typeattributeset can_read_shadow_passwords (local_login_t sulogin_t ))
(typeattributeset cil_gen_require nsswitch_domain)
(typeattributeset nsswitch_domain (local_login_t ))
(typeattributeset cil_gen_require pam_domain)
(typeattributeset pam_domain (local_login_t ))
(typeattributeset cil_gen_require chkpwd_t)
(typeattributeset cil_gen_require chkpwd_exec_t)
(typeattributeset cil_gen_require shadow_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require faillog_t)
(typeattributeset cil_gen_require var_log_t)
(typeattributeset cil_gen_require cert_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require default_context_t)
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require home_root_t)
(typeattributeset cil_gen_require initrc_runtime_t)
(typeattributeset cil_gen_require user_runtime_t)
(typeattributeset cil_gen_require user_runtime_root_t)
(typeattributeset cil_gen_require user_tmpfs_t)
(typeattributeset cil_gen_require tmpfs_t)
(typeattributeset cil_gen_require polydir)
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (local_login_tmp_t ))
(typeattributeset cil_gen_require polyparent)
(typeattributeset polyparent (local_login_tmp_t ))
(typeattributeset cil_gen_require poly_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require login_exec_t)
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (login_exec_t sulogin_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (login_exec_t sulogin_exec_t ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (login_exec_t local_login_lock_t local_login_tmp_t sulogin_exec_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (login_exec_t local_login_lock_t local_login_tmp_t sulogin_exec_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (login_exec_t local_login_lock_t local_login_tmp_t sulogin_exec_t ))
(typeattributeset cil_gen_require lockfile)
(typeattributeset lockfile (local_login_lock_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (local_login_tmp_t ))
(typeattributeset cil_gen_require init_domain_type)
(typeattributeset init_domain_type (sulogin_t ))
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require systemprocess)
(typeattributeset systemprocess (sulogin_t ))
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (sulogin_t ))
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (sulogin_exec_t ))
(typeattributeset cil_gen_require var_lock_t)
(typeattributeset cil_gen_require cgroup_types)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require kernel_t)
(typeattributeset cil_gen_require mouse_device_t)
(typeattributeset cil_gen_require power_device_t)
(typeattributeset cil_gen_require sound_device_t)
(typeattributeset cil_gen_require acpi_bios_t)
(typeattributeset cil_gen_require framebuf_device_t)
(typeattributeset cil_gen_require misc_device_t)
(typeattributeset cil_gen_require scanner_device_t)
(typeattributeset cil_gen_require v4l_device_t)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require mnt_t)
(typeattributeset cil_gen_require readable_t)
(typeattributeset cil_gen_require fixed_disk_device_t)
(typeattributeset cil_gen_require removable_device_t)
(typeattributeset cil_gen_require ttynode)
(typeattributeset cil_gen_require tty_device_t)
(typeattributeset cil_gen_require wtmp_t)
(typeattributeset cil_gen_require pam_runtime_t)
(typeattributeset cil_gen_require pam_var_console_t)
(typeattributeset cil_gen_require pam_console_t)
(typeattributeset cil_gen_require pam_console_exec_t)
(typeattributeset cil_gen_require pam_motd_runtime_t)
(typeattributeset cil_gen_require shadow_history_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require userdomain)
(typeattributeset cil_gen_require shell_exec_t)
(typeattributeset cil_gen_require user_home_t)
(typeattributeset cil_gen_require unpriv_userdomain)
(typeattributeset cil_gen_require setfiles_t)
(typeattributeset cil_gen_require setfiles_exec_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require nfs_t)
(typeattributeset cil_gen_require cifs_t)
(typeattributeset cil_gen_require unlabeled_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require sysadm_t)
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t domain (dir (ioctl read getattr lock open search)))
(allow local_login_t domain (dir (getattr open search)))
(allow local_login_t domain (file (ioctl read getattr lock open)))
(allow local_login_t domain (dir (getattr open search)))
(allow local_login_t domain (lnk_file (read getattr)))
(allow local_login_t domain (process (sigkill)))
(allow local_login_t self (capability (kill)))
(allow local_login_t self (capability (ipc_lock)))
(allow local_login_t self (process (setkeycreate)))
(allow local_login_t self (key (view read write search link setattr create)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_lib_t (dir (ioctl read getattr lock open search)))
(allow local_login_t var_auth_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t var_auth_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t auth_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t auth_cache_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow local_login_t auth_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t auth_cache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t auth_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t auth_cache_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t var_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition local_login_t var_t dir auth_cache_t)
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t proc_afs_t (dir (getattr open search)))
(allow local_login_t proc_afs_t (file (ioctl read write getattr lock append open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t event_device_t (chr_file (ioctl read write getattr lock append open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t usb_device_t (chr_file (ioctl read write getattr lock append open)))
(allow local_login_t etc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_t (file (ioctl read getattr lock open)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_t (lnk_file (read getattr)))
(allow local_login_t autofs_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (filesystem (getattr)))
(allow local_login_t sysfs_t (filesystem (getattr)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (file (ioctl read getattr lock open)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (lnk_file (read getattr)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read write getattr map open)))
(allow local_login_t security_t (security (check_context)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read write getattr map open)))
(allow local_login_t security_t (security (compute_av)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read write getattr map open)))
(allow local_login_t security_t (security (compute_create)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read write getattr map open)))
(allow local_login_t security_t (security (compute_relabel)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read write getattr map open)))
(allow local_login_t security_t (security (compute_user)))
(allow local_login_t auth_cache_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t chkpwd_exec_t (file (ioctl read getattr map execute open)))
(allow local_login_t chkpwd_t (process (transition)))
(dontaudit local_login_t chkpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition local_login_t chkpwd_exec_t process chkpwd_t)
(allow chkpwd_t local_login_t (fd (use)))
(allow chkpwd_t local_login_t (fifo_file (ioctl read write getattr lock append)))
(allow chkpwd_t local_login_t (process (sigchld)))
(dontaudit local_login_t shadow_t (file (ioctl read getattr lock open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_log_t (dir (getattr open search)))
(allow local_login_t var_log_t (lnk_file (read getattr)))
(allow local_login_t faillog_t (file (ioctl read write getattr lock append open)))
(allow local_login_t self (capability (audit_write)))
(allow local_login_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow local_login_t cert_t (dir (ioctl read getattr lock open search)))
(allow local_login_t cert_t (dir (getattr open search)))
(allow local_login_t cert_t (file (ioctl read getattr lock open)))
(allow local_login_t cert_t (dir (getattr open search)))
(allow local_login_t cert_t (lnk_file (read getattr)))
(allow local_login_t security_t (filesystem (getattr)))
(allow local_login_t sysfs_t (filesystem (getattr)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t security_t (dir (ioctl read getattr lock open search)))
(allow local_login_t security_t (file (ioctl read getattr map open)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (ioctl read getattr lock open search)))
(allow local_login_t initrc_runtime_t (file (ioctl read write getattr lock append open)))
(allow local_login_t self (capability (audit_control)))
(allow local_login_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow local_login_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_tty_audit)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow local_login_t selinux_config_t (dir (getattr open search)))
(allow local_login_t selinux_config_t (file (ioctl read getattr lock open)))
(allow local_login_t selinux_config_t (dir (getattr open search)))
(allow local_login_t selinux_config_t (lnk_file (read getattr)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t selinux_config_t (dir (getattr open search)))
(allow local_login_t default_context_t (dir (ioctl read getattr lock open search)))
(allow local_login_t default_context_t (dir (getattr open search)))
(allow local_login_t default_context_t (file (ioctl read getattr lock open)))
(allow local_login_t user_runtime_t (dir (getattr open search)))
(allow local_login_t user_runtime_root_t (dir (getattr open search)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (getattr open search)))
(allow local_login_t user_tmpfs_t (dir (getattr open search)))
(allow local_login_t user_tmpfs_t (file (ioctl read getattr lock open)))
(allow local_login_t user_tmpfs_t (dir (ioctl read getattr lock open search)))
(allow local_login_t tmpfs_t (dir (getattr open search)))
(allow local_login_t login_exec_t (file (entrypoint)))
(allow local_login_t login_exec_t (file (ioctl read getattr lock map execute open)))
(allow sulogin_t sulogin_exec_t (file (entrypoint)))
(allow sulogin_t sulogin_exec_t (file (ioctl read getattr lock map execute open)))
(allow init_t sulogin_exec_t (file (ioctl read getattr map execute open)))
(allow init_t sulogin_t (process (transition)))
(dontaudit init_t sulogin_t (process (noatsecure siginh rlimitinh)))
(typetransition init_t sulogin_exec_t process sulogin_t)
(allow sulogin_t init_t (fd (use)))
(allow sulogin_t init_t (fifo_file (ioctl read write getattr lock append)))
(allow sulogin_t init_t (process (sigchld)))
(allow sulogin_t sulogin_exec_t (file (entrypoint)))
(allow sulogin_t sulogin_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t sulogin_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t sulogin_t (process (transition)))
(dontaudit initrc_t sulogin_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t sulogin_exec_t process sulogin_t)
(allow sulogin_t initrc_t (fd (use)))
(allow sulogin_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow sulogin_t initrc_t (process (sigchld)))
(allow local_login_t self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid sys_nice sys_resource sys_tty_config)))
(dontaudit local_login_t self (capability (net_admin)))
(allow local_login_t self (process (signal setsched getcap setcap setexec setrlimit)))
(allow local_login_t self (fd (use)))
(allow local_login_t self (fifo_file (ioctl read write getattr lock append open)))
(allow local_login_t self (sock_file (read getattr open)))
(allow local_login_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow local_login_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow local_login_t self (unix_dgram_socket (sendto)))
(allow local_login_t self (unix_stream_socket (connectto)))
(allow local_login_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow local_login_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow local_login_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow local_login_t self (msg (send receive)))
(allow local_login_t self (key (write search link)))
(allow local_login_t local_login_lock_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_lock_t (lnk_file (read getattr)))
(allow local_login_t var_lock_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition local_login_t var_lock_t file local_login_lock_t)
(allow local_login_t local_login_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow local_login_t local_login_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition local_login_t tmp_t dir local_login_tmp_t)
(typetransition local_login_t tmp_t file local_login_tmp_t)
(allow local_login_t cgroup_types (filesystem (getattr)))
(allow local_login_t cgroup_types (dir (getattr open search)))
(allow local_login_t cgroup_types (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t sysfs_t (dir (getattr open search)))
(allow local_login_t fs_t (filesystem (getattr)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (file (ioctl read getattr lock open)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (lnk_file (read getattr)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t proc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t sysctl_t (dir (getattr open search)))
(allow local_login_t sysctl_kernel_t (dir (getattr open search)))
(allow local_login_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow local_login_t proc_t (dir (getattr open search)))
(allow local_login_t sysctl_t (dir (getattr open search)))
(allow local_login_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow local_login_t kernel_t (key (search)))
(allow local_login_t kernel_t (key (link)))
(allow local_login_t proc_t (filesystem (getattr)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (ioctl read getattr lock open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (file (ioctl read getattr lock open)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (fifo_file (ioctl read getattr lock open)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (sock_file (read getattr open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t mouse_device_t (chr_file (setattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t mouse_device_t (chr_file (getattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t power_device_t (chr_file (getattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t power_device_t (chr_file (setattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t sound_device_t (chr_file (getattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t sound_device_t (chr_file (setattr)))
(dontaudit local_login_t acpi_bios_t (chr_file (getattr)))
(dontaudit local_login_t acpi_bios_t (chr_file (setattr)))
(dontaudit local_login_t framebuf_device_t (chr_file (read getattr)))
(dontaudit local_login_t framebuf_device_t (chr_file (setattr)))
(dontaudit local_login_t device_t (blk_file (getattr)))
(dontaudit local_login_t device_t (blk_file (setattr)))
(dontaudit local_login_t device_t (chr_file (getattr)))
(dontaudit local_login_t device_t (chr_file (setattr)))
(dontaudit local_login_t device_t (lnk_file (setattr)))
(dontaudit local_login_t misc_device_t (chr_file (getattr)))
(dontaudit local_login_t misc_device_t (chr_file (setattr)))
(dontaudit local_login_t scanner_device_t (chr_file (getattr)))
(dontaudit local_login_t scanner_device_t (chr_file (setattr)))
(dontaudit local_login_t sysfs_t (dir (getattr open search)))
(dontaudit local_login_t v4l_device_t (chr_file (getattr)))
(dontaudit local_login_t v4l_device_t (chr_file (setattr)))
(allow local_login_t entry_type (lnk_file (read getattr)))
(allow local_login_t entry_type (file (ioctl read getattr lock open)))
(allow local_login_t etc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_t (file (ioctl read getattr lock open)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_t (lnk_file (read getattr)))
(allow local_login_t etc_t (dir (ioctl read getattr lock open search)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_runtime_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (ioctl read getattr lock open search)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t usr_t (file (ioctl read getattr lock open)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t usr_t (lnk_file (read getattr)))
(allow local_login_t mnt_t (dir (ioctl read getattr lock open search)))
(allow local_login_t readable_t (dir (ioctl read getattr lock open search)))
(allow local_login_t readable_t (file (ioctl read getattr lock open)))
(allow local_login_t readable_t (lnk_file (read getattr)))
(allow local_login_t readable_t (fifo_file (ioctl read getattr lock open)))
(allow local_login_t readable_t (sock_file (read getattr open)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_t (lnk_file (read getattr)))
(allow local_login_t autofs_t (dir (getattr open search)))
(dontaudit local_login_t fixed_disk_device_t (blk_file (getattr)))
(dontaudit local_login_t fixed_disk_device_t (chr_file (getattr)))
(dontaudit local_login_t fixed_disk_device_t (blk_file (setattr)))
(dontaudit local_login_t fixed_disk_device_t (chr_file (setattr)))
(dontaudit local_login_t removable_device_t (blk_file (getattr)))
(dontaudit local_login_t removable_device_t (blk_file (setattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t tty_device_t (chr_file (getattr relabelfrom relabelto)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t ttynode (chr_file (getattr relabelfrom relabelto)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t ttynode (chr_file (setattr)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (dir (ioctl read getattr lock open search)))
(allow local_login_t device_t (dir (getattr open search)))
(allow local_login_t device_t (lnk_file (read getattr)))
(allow local_login_t tty_device_t (chr_file (setattr)))
(allow local_login_t wtmp_t (file (ioctl read write getattr lock append open)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_log_t (dir (getattr open search)))
(allow local_login_t var_log_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_log_t (dir (getattr open search)))
(allow local_login_t var_log_t (lnk_file (read getattr)))
(allow local_login_t faillog_t (file (ioctl read write getattr lock append open)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (getattr open search)))
(allow local_login_t pam_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t pam_runtime_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (getattr open search)))
(allow local_login_t pam_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t pam_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (getattr open search)))
(allow local_login_t pam_var_console_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t pam_var_console_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow local_login_t pam_var_console_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow local_login_t pam_var_console_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow local_login_t pam_console_exec_t (file (ioctl read getattr map execute open)))
(allow local_login_t pam_console_t (process (transition)))
(dontaudit local_login_t pam_console_t (process (noatsecure siginh rlimitinh)))
(typetransition local_login_t pam_console_exec_t process pam_console_t)
(allow pam_console_t local_login_t (fd (use)))
(allow pam_console_t local_login_t (fifo_file (ioctl read write getattr lock append)))
(allow pam_console_t local_login_t (process (sigchld)))
(allow local_login_t var_run_t (lnk_file (read getattr)))
(allow local_login_t var_t (dir (getattr open search)))
(allow local_login_t var_run_t (dir (getattr open search)))
(allow local_login_t pam_motd_runtime_t (file (ioctl read getattr lock open)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t shadow_history_t (file (ioctl read getattr lock open)))
(allow local_login_t init_t (fd (use)))
(allow local_login_t etc_t (dir (getattr open search)))
(allow local_login_t etc_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t locale_t (dir (ioctl read getattr lock open search)))
(allow local_login_t locale_t (dir (getattr open search)))
(allow local_login_t locale_t (file (ioctl read getattr lock open)))
(allow local_login_t locale_t (dir (getattr open search)))
(allow local_login_t locale_t (lnk_file (read getattr)))
(allow local_login_t locale_t (file (map)))
(allow local_login_t userdomain (key (view read write search link setattr create)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (lnk_file (read getattr)))
(allow local_login_t usr_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (getattr open search)))
(allow local_login_t bin_t (dir (ioctl read getattr lock open search)))
(allow local_login_t shell_exec_t (file (ioctl read getattr map execute open)))
(allow local_login_t userdomain (process (transition)))
(dontaudit local_login_t userdomain (process (noatsecure siginh rlimitinh)))
(allow userdomain local_login_t (fd (use)))
(allow userdomain local_login_t (fifo_file (ioctl read write getattr lock append)))
(allow userdomain local_login_t (process (sigchld)))
(allow local_login_t userdomain (process (signal)))
(allow local_login_t home_root_t (dir (ioctl read getattr lock open search)))
(allow local_login_t home_root_t (lnk_file (read getattr)))
(allow local_login_t user_home_dir_t (dir (getattr open search)))
(allow local_login_t user_home_t (dir (getattr open search)))
(allow local_login_t unpriv_userdomain (fd (use)))
(allow local_login_t userdomain (process (sigchld)))
(allow local_login_t userdomain (key (create)))
(allow sulogin_t self (capability (dac_read_search sys_admin sys_tty_config)))
(dontaudit sulogin_t self (capability (dac_override)))
(allow sulogin_t self (process (setexec)))
(allow sulogin_t self (fd (use)))
(allow sulogin_t self (fifo_file (ioctl read write getattr lock append open)))
(allow sulogin_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sulogin_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow sulogin_t self (unix_dgram_socket (sendto)))
(allow sulogin_t self (unix_stream_socket (connectto)))
(allow sulogin_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow sulogin_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow sulogin_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow sulogin_t self (msg (send receive)))
(allow sulogin_t proc_t (dir (getattr open search)))
(allow sulogin_t proc_t (file (ioctl read getattr lock open)))
(allow sulogin_t proc_t (dir (getattr open search)))
(allow sulogin_t proc_t (lnk_file (read getattr)))
(allow sulogin_t proc_t (dir (getattr open search)))
(allow sulogin_t proc_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t kernel_t (unix_stream_socket (connectto)))
(allow sulogin_t kernel_t (fd (use)))
(dontaudit sulogin_t unlabeled_t (dir (getattr open search)))
(allow sulogin_t autofs_t (dir (getattr open search)))
(allow sulogin_t tmpfs_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t tmpfs_t (dir (getattr open search)))
(allow sulogin_t tmpfs_t (chr_file (ioctl read write getattr lock append open)))
(allow sulogin_t etc_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t etc_t (file (ioctl read getattr lock open)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t etc_t (lnk_file (read getattr)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (lnk_file (read getattr)))
(allow sulogin_t console_device_t (chr_file (ioctl read write getattr lock append open)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (lnk_file (read getattr)))
(allow sulogin_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t shadow_history_t (file (ioctl read getattr lock open)))
(allow sulogin_t etc_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t shadow_t (file (ioctl read getattr lock open)))
(allow sulogin_t init_t (process (getpgid)))
(allow sulogin_t initrc_t (process (getpgid)))
(allow sulogin_t devlog_t (sock_file (write getattr append open)))
(allow sulogin_t var_run_t (lnk_file (read getattr)))
(allow sulogin_t var_t (dir (getattr open search)))
(allow sulogin_t var_run_t (dir (getattr open search)))
(allow sulogin_t init_runtime_t (dir (getattr open search)))
(allow sulogin_t syslogd_runtime_t (dir (getattr open search)))
(allow sulogin_t syslogd_t (unix_dgram_socket (sendto)))
(allow sulogin_t syslogd_t (unix_stream_socket (connectto)))
(allow sulogin_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sulogin_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (lnk_file (read getattr)))
(allow sulogin_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit sulogin_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t etc_t (lnk_file (read getattr)))
(allow sulogin_t usr_t (dir (getattr open search)))
(allow sulogin_t locale_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t locale_t (dir (getattr open search)))
(allow sulogin_t locale_t (file (ioctl read getattr lock open)))
(allow sulogin_t locale_t (dir (getattr open search)))
(allow sulogin_t locale_t (lnk_file (read getattr)))
(allow sulogin_t locale_t (file (map)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t selinux_config_t (dir (getattr open search)))
(allow sulogin_t selinux_config_t (file (ioctl read getattr lock open)))
(allow sulogin_t selinux_config_t (dir (getattr open search)))
(allow sulogin_t selinux_config_t (lnk_file (read getattr)))
(allow sulogin_t etc_t (dir (getattr open search)))
(allow sulogin_t selinux_config_t (dir (getattr open search)))
(allow sulogin_t default_context_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t default_context_t (dir (getattr open search)))
(allow sulogin_t default_context_t (file (ioctl read getattr lock open)))
(allow sulogin_t unpriv_userdomain (fd (use)))
(allow sulogin_t user_home_dir_t (dir (getattr open search)))
(allow sulogin_t home_root_t (dir (getattr open search)))
(allow sulogin_t home_root_t (lnk_file (read getattr)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t device_t (dir (getattr open search)))
(allow sulogin_t device_t (lnk_file (read getattr)))
(allow sulogin_t devpts_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow sulogin_t bin_t (dir (getattr open search)))
(allow sulogin_t bin_t (lnk_file (read getattr)))
(allow sulogin_t usr_t (dir (getattr open search)))
(allow sulogin_t bin_t (dir (getattr open search)))
(allow sulogin_t bin_t (dir (ioctl read getattr lock open search)))
(allow sulogin_t shell_exec_t (file (ioctl read getattr map execute open)))
(allow sulogin_t sysadm_t (process (transition)))
(dontaudit sulogin_t sysadm_t (process (noatsecure siginh rlimitinh)))
(typetransition sulogin_t shell_exec_t process sysadm_t)
(allow sysadm_t sulogin_t (fd (use)))
(allow sysadm_t sulogin_t (fifo_file (ioctl read write getattr lock append)))
(allow sysadm_t sulogin_t (process (sigchld)))
(booleanif (use_samba_home_dirs)
    (true
        (allow local_login_t cifs_t (lnk_file (read getattr)))
        (allow local_login_t cifs_t (dir (getattr open search)))
        (allow local_login_t cifs_t (dir (ioctl read getattr lock open search)))
        (allow local_login_t cifs_t (file (ioctl read getattr lock open)))
        (allow local_login_t cifs_t (dir (getattr open search)))
        (allow local_login_t cifs_t (dir (ioctl read getattr lock open search)))
    )
)
(booleanif (use_nfs_home_dirs)
    (true
        (allow local_login_t nfs_t (lnk_file (read getattr)))
        (allow local_login_t nfs_t (dir (getattr open search)))
        (allow local_login_t nfs_t (dir (ioctl read getattr lock open search)))
        (allow local_login_t nfs_t (file (ioctl read getattr lock open)))
        (allow local_login_t nfs_t (dir (getattr open search)))
        (allow local_login_t nfs_t (dir (ioctl read getattr lock open search)))
    )
)
(booleanif (console_login)
    (true
        (allow local_login_t console_device_t (chr_file (getattr relabelfrom relabelto)))
        (allow local_login_t device_t (lnk_file (read getattr)))
        (allow local_login_t device_t (dir (getattr open search)))
        (allow local_login_t device_t (dir (ioctl read getattr lock open search)))
        (allow local_login_t device_t (dir (getattr open search)))
    )
)
(booleanif (allow_polyinstantiation)
    (true
        (allow local_login_t tmpfs_t (filesystem (unmount)))
        (allow local_login_t tmpfs_t (filesystem (mount)))
        (allow local_login_t fs_t (filesystem (unmount)))
        (allow local_login_t poly_t (dir (create mounton)))
        (allow local_login_t polyparent (dir (ioctl read write getattr lock relabelfrom relabelto open add_name remove_name search)))
        (allow local_login_t polydir (dir (write open add_name)))
        (allow local_login_t polymember (dir (create setattr relabelto)))
        (allow local_login_t self (process (setfscreate)))
        (allow local_login_t polyparent (dir (getattr mounton)))
        (allow local_login_t polymember (dir (getattr open search)))
        (allow local_login_t polydir (dir (ioctl write create getattr setattr lock mounton open add_name search rmdir)))
        (allow local_login_t self (capability (chown fowner fsetid sys_admin)))
        (allow local_login_t security_t (security (compute_member)))
        (allow local_login_t security_t (file (ioctl read write getattr map open)))
        (allow local_login_t security_t (dir (ioctl read getattr lock open search)))
        (allow local_login_t sysfs_t (dir (getattr open search)))
        (allow local_login_t sysfs_t (dir (getattr open search)))
        (allow setfiles_t local_login_t (process (sigchld)))
        (allow setfiles_t local_login_t (fifo_file (ioctl read write getattr lock append)))
        (allow setfiles_t local_login_t (fd (use)))
        (typetransition local_login_t setfiles_exec_t process setfiles_t)
        (dontaudit local_login_t setfiles_t (process (noatsecure siginh rlimitinh)))
        (allow local_login_t setfiles_t (process (transition)))
        (allow local_login_t setfiles_exec_t (file (ioctl read getattr map execute open)))
        (allow local_login_t usr_t (dir (getattr open search)))
        (allow local_login_t bin_t (lnk_file (read getattr)))
        (allow local_login_t bin_t (dir (getattr open search)))
        (allow local_login_t usr_t (dir (getattr open search)))
        (allow local_login_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
        (allow local_login_t bin_t (dir (ioctl read getattr lock open search)))
        (allow local_login_t bin_t (dir (getattr open search)))
        (allow local_login_t usr_t (dir (getattr open search)))
        (allow local_login_t bin_t (lnk_file (read getattr)))
        (allow local_login_t bin_t (dir (getattr open search)))
    )
)
(optional locallogin_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow local_login_t init_t (process (sigchld)))
    (allow local_login_t init_t (process (signull)))
    (optional locallogin_optional_3
        (typeattributeset cil_gen_require rpm_t)
        (allow local_login_t rpm_t (fd (use)))
        (allow local_login_t rpm_t (fifo_file (ioctl read getattr lock open)))
    )
    (optional locallogin_optional_4
        (typeattributeset cil_gen_require security_t)
        (typeattributeset cil_gen_require sysfs_t)
        (dontaudit local_login_t security_t (filesystem (getattr)))
        (dontaudit local_login_t sysfs_t (filesystem (getattr)))
        (dontaudit local_login_t sysfs_t (dir (getattr open search)))
        (dontaudit local_login_t security_t (dir (getattr open search)))
        (dontaudit local_login_t security_t (file (ioctl read getattr lock open)))
        (optional locallogin_optional_5
            (typeattributeset cil_gen_require selinux_config_t)
            (dontaudit local_login_t selinux_config_t (dir (getattr open search)))
            (dontaudit local_login_t selinux_config_t (file (ioctl read getattr lock open)))
            (optional locallogin_optional_6
                (typeattributeset cil_gen_require etc_t)
                (typeattributeset cil_gen_require krb5_keytab_t)
                (allow local_login_t etc_t (dir (getattr open search)))
                (allow local_login_t krb5_keytab_t (file (ioctl read getattr lock open)))
            )
            (optional locallogin_optional_7
                (typeattributeset cil_gen_require var_t)
                (typeattributeset cil_gen_require pcscd_runtime_t)
                (typeattributeset cil_gen_require var_run_t)
                (typeattributeset cil_gen_require pcscd_t)
                (allow local_login_t var_run_t (lnk_file (read getattr)))
                (allow local_login_t var_t (dir (getattr open search)))
                (allow local_login_t var_run_t (dir (getattr open search)))
                (allow local_login_t pcscd_runtime_t (dir (getattr open search)))
                (allow local_login_t pcscd_runtime_t (file (ioctl read getattr lock open)))
                (allow local_login_t var_run_t (lnk_file (read getattr)))
                (allow local_login_t var_t (dir (getattr open search)))
                (allow local_login_t var_run_t (dir (getattr open search)))
                (allow local_login_t pcscd_runtime_t (dir (getattr open search)))
                (allow local_login_t pcscd_runtime_t (sock_file (write getattr append open)))
                (allow local_login_t pcscd_t (unix_stream_socket (connectto)))
                (allow pcscd_t local_login_t (dir (ioctl read getattr lock open search)))
                (allow pcscd_t local_login_t (file (ioctl read getattr lock open)))
            )
            (optional locallogin_optional_8
                (typeattributeset cil_gen_require var_t)
                (typeattributeset cil_gen_require var_lib_t)
                (typeattributeset cil_gen_require var_run_t)
                (typeattributeset cil_gen_require dbusd_system_bus_client)
                (typeattributeset cil_gen_require system_dbusd_t)
                (typeattributeset cil_gen_require system_dbusd_runtime_t)
                (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                (typeattributeset cil_gen_require session_dbusd_tmp_t)
                (typeattributeset cil_gen_require dbusd_etc_t)
                (typeattributeset cil_gen_require dbusd_system_bus_client)
                (typeattributeset dbusd_system_bus_client (local_login_t ))
                (allow local_login_t system_dbusd_t (dbus (send_msg)))
                (allow local_login_t self (dbus (send_msg)))
                (allow system_dbusd_t local_login_t (dbus (send_msg)))
                (allow local_login_t var_t (dir (getattr open search)))
                (allow local_login_t var_lib_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                (allow local_login_t session_dbusd_tmp_t (dir (getattr open search)))
                (allow local_login_t session_dbusd_tmp_t (sock_file (read write getattr append open)))
                (allow local_login_t var_run_t (lnk_file (read getattr)))
                (allow local_login_t var_t (dir (getattr open search)))
                (allow local_login_t var_run_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_runtime_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_runtime_t (sock_file (write getattr append open)))
                (allow local_login_t system_dbusd_t (unix_stream_socket (connectto)))
                (allow local_login_t dbusd_etc_t (dir (ioctl read getattr lock open search)))
                (allow local_login_t dbusd_etc_t (file (ioctl read getattr lock open)))
                (allow local_login_t system_dbusd_runtime_t (dir (ioctl read getattr lock open search)))
                (allow local_login_t system_dbusd_runtime_t (sock_file (read)))
                (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                (allow local_login_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                (optional locallogin_optional_9
                    (typeattributeset cil_gen_require fprintd_t)
                    (allow local_login_t fprintd_t (dbus (send_msg)))
                    (allow fprintd_t local_login_t (dbus (send_msg)))
                )
                (optional locallogin_optional_10
                    (typeattributeset cil_gen_require systemd_logind_t)
                    (typeattributeset cil_gen_require systemd_sessions_runtime_t)
                    (allow local_login_t systemd_logind_t (dbus (send_msg)))
                    (allow systemd_logind_t local_login_t (dbus (send_msg)))
                    (allow local_login_t systemd_logind_t (fd (use)))
                    (allow local_login_t systemd_sessions_runtime_t (fifo_file (write)))
                    (allow systemd_logind_t local_login_t (process (signal)))
                )
            )
            (optional locallogin_optional_11
                (typeattributeset cil_gen_require security_t)
                (typeattributeset cil_gen_require sysfs_t)
                (typeattributeset cil_gen_require selinux_config_t)
                (typeattributeset cil_gen_require can_change_object_identity)
                (typeattributeset can_change_object_identity (local_login_t sulogin_t ))
                (typeattributeset cil_gen_require etc_t)
                (typeattributeset cil_gen_require krb5_host_rcache_t)
                (typeattributeset cil_gen_require default_context_t)
                (typeattributeset cil_gen_require file_context_t)
                (typeattributeset cil_gen_require tmp_t)
                (typeattributeset cil_gen_require krb5_conf_t)
                (typeattributeset cil_gen_require krb5_home_t)
                (typeattributeset cil_gen_require user_home_dir_t)
                (typeattributeset cil_gen_require home_root_t)
                (typeattributeset cil_gen_require can_change_object_identity)
                (typeattributeset can_change_object_identity (local_login_t ))
                (allow local_login_t etc_t (dir (getattr open search)))
                (allow local_login_t krb5_conf_t (file (ioctl read getattr lock open)))
                (allow local_login_t user_home_dir_t (dir (getattr open search)))
                (allow local_login_t home_root_t (dir (getattr open search)))
                (allow local_login_t home_root_t (lnk_file (read getattr)))
                (allow local_login_t krb5_home_t (file (ioctl read getattr lock open)))
                (booleanif (allow_kerberos)
                    (true
                        (allow local_login_t krb5_host_rcache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                        (allow local_login_t tmp_t (dir (getattr open search)))
                        (allow local_login_t file_context_t (file (map)))
                        (allow local_login_t file_context_t (file (ioctl read getattr lock open)))
                        (allow local_login_t file_context_t (dir (getattr open search)))
                        (allow local_login_t selinux_config_t (dir (getattr open search)))
                        (allow local_login_t default_context_t (dir (getattr open search)))
                        (allow local_login_t etc_t (dir (getattr open search)))
                        (allow local_login_t security_t (security (check_context)))
                        (allow local_login_t security_t (file (ioctl read write getattr map open)))
                        (allow local_login_t security_t (dir (ioctl read getattr lock open search)))
                        (allow local_login_t sysfs_t (dir (getattr open search)))
                        (allow local_login_t sysfs_t (dir (getattr open search)))
                        (allow local_login_t self (process (setfscreate)))
                    )
                )
            )
            (optional locallogin_optional_12
                (typeattributeset cil_gen_require systemd_logind_t)
                (typeattributeset cil_gen_require systemd_sessions_runtime_t)
                (typeattributeset cil_gen_require systemd_passwd_agent_t)
                (allow systemd_logind_t local_login_t (dir (ioctl read getattr lock open search)))
                (allow systemd_logind_t local_login_t (file (ioctl read getattr lock open)))
                (allow local_login_t systemd_logind_t (fd (use)))
                (allow local_login_t systemd_sessions_runtime_t (fifo_file (write)))
                (allow systemd_logind_t local_login_t (process (signal)))
                (allow systemd_passwd_agent_t local_login_t (fd (use)))
            )
            (optional locallogin_optional_13
                (typeattributeset cil_gen_require init_t)
                (allow sulogin_t init_t (process (sigchld)))
                (allow sulogin_t init_t (process (signull)))
                (optional locallogin_optional_14
                    (typeattributeset cil_gen_require rpm_t)
                    (allow sulogin_t rpm_t (fd (use)))
                    (allow sulogin_t rpm_t (fifo_file (ioctl read getattr lock open)))
                )
                (optional locallogin_optional_15
                    (typeattributeset cil_gen_require security_t)
                    (typeattributeset cil_gen_require sysfs_t)
                    (dontaudit sulogin_t security_t (filesystem (getattr)))
                    (dontaudit sulogin_t sysfs_t (filesystem (getattr)))
                    (dontaudit sulogin_t sysfs_t (dir (getattr open search)))
                    (dontaudit sulogin_t security_t (dir (getattr open search)))
                    (dontaudit sulogin_t security_t (file (ioctl read getattr lock open)))
                    (optional locallogin_optional_16
                        (typeattributeset cil_gen_require selinux_config_t)
                        (dontaudit sulogin_t selinux_config_t (dir (getattr open search)))
                        (dontaudit sulogin_t selinux_config_t (file (ioctl read getattr lock open)))
                        (optional locallogin_optional_17
                            (typeattributeset cil_gen_require init_t)
                            (allow sulogin_t init_t (process (sigchld)))
                            (allow sulogin_t init_t (process (signull)))
                            (optional locallogin_optional_18
                                (typeattributeset cil_gen_require rpm_t)
                                (allow sulogin_t rpm_t (fd (use)))
                                (allow sulogin_t rpm_t (fifo_file (ioctl read getattr lock open)))
                            )
                            (optional locallogin_optional_19
                                (typeattributeset cil_gen_require security_t)
                                (typeattributeset cil_gen_require sysfs_t)
                                (dontaudit sulogin_t security_t (filesystem (getattr)))
                                (dontaudit sulogin_t sysfs_t (filesystem (getattr)))
                                (dontaudit sulogin_t sysfs_t (dir (getattr open search)))
                                (dontaudit sulogin_t security_t (dir (getattr open search)))
                                (dontaudit sulogin_t security_t (file (ioctl read getattr lock open)))
                                (optional locallogin_optional_20
                                    (typeattributeset cil_gen_require selinux_config_t)
                                    (dontaudit sulogin_t selinux_config_t (dir (getattr open search)))
                                    (dontaudit sulogin_t selinux_config_t (file (ioctl read getattr lock open)))
                                    (optional locallogin_optional_21
                                        (typeattributeset cil_gen_require bin_t)
                                        (typeattributeset cil_gen_require usr_t)
                                        (typeattributeset cil_gen_require alsa_t)
                                        (typeattributeset cil_gen_require alsa_exec_t)
                                        (allow local_login_t bin_t (dir (getattr open search)))
                                        (allow local_login_t bin_t (lnk_file (read getattr)))
                                        (allow local_login_t usr_t (dir (getattr open search)))
                                        (allow local_login_t alsa_exec_t (file (ioctl read getattr map execute open)))
                                        (allow local_login_t alsa_t (process (transition)))
                                        (dontaudit local_login_t alsa_t (process (noatsecure siginh rlimitinh)))
                                        (typetransition local_login_t alsa_exec_t process alsa_t)
                                        (allow alsa_t local_login_t (fd (use)))
                                        (allow alsa_t local_login_t (fifo_file (ioctl read write getattr lock append)))
                                        (allow alsa_t local_login_t (process (sigchld)))
                                    )
                                    (optional locallogin_optional_22
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require var_lib_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require dbusd_system_bus_client)
                                        (typeattributeset cil_gen_require system_dbusd_t)
                                        (typeattributeset cil_gen_require system_dbusd_runtime_t)
                                        (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                        (typeattributeset cil_gen_require session_dbusd_tmp_t)
                                        (typeattributeset cil_gen_require dbusd_etc_t)
                                        (typeattributeset cil_gen_require dbusd_system_bus_client)
                                        (typeattributeset dbusd_system_bus_client (local_login_t ))
                                        (allow local_login_t system_dbusd_t (dbus (send_msg)))
                                        (allow local_login_t self (dbus (send_msg)))
                                        (allow system_dbusd_t local_login_t (dbus (send_msg)))
                                        (allow local_login_t var_t (dir (getattr open search)))
                                        (allow local_login_t var_lib_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                        (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                        (allow local_login_t session_dbusd_tmp_t (dir (getattr open search)))
                                        (allow local_login_t session_dbusd_tmp_t (sock_file (read write getattr append open)))
                                        (allow local_login_t var_run_t (lnk_file (read getattr)))
                                        (allow local_login_t var_t (dir (getattr open search)))
                                        (allow local_login_t var_run_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_runtime_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_runtime_t (sock_file (write getattr append open)))
                                        (allow local_login_t system_dbusd_t (unix_stream_socket (connectto)))
                                        (allow local_login_t dbusd_etc_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                        (allow local_login_t system_dbusd_runtime_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t system_dbusd_runtime_t (sock_file (read)))
                                        (allow local_login_t system_dbusd_var_lib_t (dir (getattr open search)))
                                        (allow local_login_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                    )
                                    (optional locallogin_optional_23
                                        (typeattributeset cil_gen_require device_t)
                                        (typeattributeset cil_gen_require gpmctl_t)
                                        (allow local_login_t device_t (dir (getattr open search)))
                                        (allow local_login_t device_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t device_t (dir (getattr open search)))
                                        (allow local_login_t device_t (lnk_file (read getattr)))
                                        (allow local_login_t gpmctl_t (sock_file (getattr)))
                                        (allow local_login_t gpmctl_t (fifo_file (getattr)))
                                        (allow local_login_t device_t (dir (getattr open search)))
                                        (allow local_login_t device_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t device_t (dir (getattr open search)))
                                        (allow local_login_t device_t (lnk_file (read getattr)))
                                        (allow local_login_t gpmctl_t (sock_file (setattr)))
                                    )
                                    (optional locallogin_optional_24
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require mail_spool_t)
                                        (typeattributeset cil_gen_require var_spool_t)
                                        (allow local_login_t var_t (dir (getattr open search)))
                                        (allow local_login_t var_spool_t (dir (getattr open search)))
                                        (allow local_login_t mail_spool_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t mail_spool_t (dir (getattr open search)))
                                        (allow local_login_t mail_spool_t (file (getattr)))
                                        (allow local_login_t mail_spool_t (dir (getattr open search)))
                                        (allow local_login_t mail_spool_t (lnk_file (read getattr)))
                                    )
                                    (optional locallogin_optional_25
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require etc_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require var_yp_t)
                                        (typeattributeset cil_gen_require netlabel_peer_t)
                                        (typeattributeset cil_gen_require netif_t)
                                        (typeattributeset cil_gen_require node_t)
                                        (typeattributeset cil_gen_require port_t)
                                        (typeattributeset cil_gen_require defined_port_type)
                                        (typeattributeset cil_gen_require reserved_port_type)
                                        (typeattributeset cil_gen_require port_type)
                                        (typeattributeset cil_gen_require portmap_port_t)
                                        (typeattributeset cil_gen_require reserved_port_t)
                                        (typeattributeset cil_gen_require portmap_client_packet_t)
                                        (typeattributeset cil_gen_require client_packet_t)
                                        (typeattributeset cil_gen_require server_packet_t)
                                        (typeattributeset cil_gen_require net_conf_t)
                                        (booleanif (allow_ypbind)
                                            (true
                                                (allow local_login_t net_conf_t (lnk_file (read getattr)))
                                                (allow local_login_t net_conf_t (file (ioctl read getattr lock open)))
                                                (allow local_login_t net_conf_t (dir (ioctl read getattr lock open search)))
                                                (allow local_login_t var_run_t (dir (getattr open search)))
                                                (allow local_login_t var_t (dir (getattr open search)))
                                                (allow local_login_t var_run_t (lnk_file (read getattr)))
                                                (allow local_login_t etc_t (dir (getattr open search)))
                                                (allow local_login_t server_packet_t (packet (recv)))
                                                (allow local_login_t server_packet_t (packet (send)))
                                                (allow local_login_t client_packet_t (packet (recv)))
                                                (allow local_login_t client_packet_t (packet (send)))
                                                (allow local_login_t portmap_client_packet_t (packet (recv)))
                                                (allow local_login_t portmap_client_packet_t (packet (send)))
                                                (dontaudit local_login_t port_type (tcp_socket (name_connect)))
                                                (allow local_login_t port_t (tcp_socket (name_connect)))
                                                (allow local_login_t reserved_port_t (tcp_socket (name_connect)))
                                                (allow local_login_t portmap_port_t (tcp_socket (name_connect)))
                                                (dontaudit local_login_t port_type (udp_socket (name_bind)))
                                                (dontaudit local_login_t port_type (tcp_socket (name_bind)))
                                                (dontaudit local_login_t reserved_port_type (udp_socket (name_bind)))
                                                (dontaudit local_login_t reserved_port_type (tcp_socket (name_bind)))
                                                (dontaudit local_login_t defined_port_type (udp_socket (name_bind)))
                                                (allow local_login_t port_t (udp_socket (name_bind)))
                                                (dontaudit local_login_t defined_port_type (tcp_socket (name_bind)))
                                                (allow local_login_t port_t (tcp_socket (name_bind)))
                                                (allow local_login_t node_t (udp_socket (node_bind)))
                                                (allow local_login_t node_t (tcp_socket (node_bind)))
                                                (allow local_login_t node_t (node (recvfrom)))
                                                (allow local_login_t node_t (node (sendto)))
                                                (allow local_login_t node_t (node (recvfrom sendto)))
                                                (allow local_login_t netif_t (netif (ingress)))
                                                (allow local_login_t netif_t (netif (egress)))
                                                (allow local_login_t netif_t (netif (ingress egress)))
                                                (allow local_login_t netlabel_peer_t (tcp_socket (recvfrom)))
                                                (allow local_login_t netlabel_peer_t (udp_socket (recvfrom)))
                                                (allow local_login_t netlabel_peer_t (rawip_socket (recvfrom)))
                                                (allow local_login_t netlabel_peer_t (peer (recv)))
                                                (allow local_login_t var_yp_t (lnk_file (read getattr)))
                                                (allow local_login_t var_yp_t (file (ioctl read getattr lock open)))
                                                (allow local_login_t var_yp_t (dir (ioctl read getattr lock open search)))
                                                (allow local_login_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                                (allow local_login_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                                (allow local_login_t self (capability (net_bind_service)))
                                            )
                                        )
                                    )
                                    (optional locallogin_optional_26
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require nscd_t)
                                        (typeattributeset cil_gen_require nscd_runtime_t)
                                        (booleanif (nscd_use_shm)
                                            (true
                                                (allow local_login_t nscd_runtime_t (sock_file (read getattr open)))
                                                (allow local_login_t nscd_runtime_t (dir (ioctl read getattr lock open search)))
                                                (dontaudit local_login_t nscd_runtime_t (file (ioctl read getattr lock open)))
                                                (allow local_login_t nscd_t (unix_stream_socket (connectto)))
                                                (allow local_login_t nscd_runtime_t (sock_file (write getattr append open)))
                                                (allow local_login_t nscd_runtime_t (dir (getattr open search)))
                                                (allow local_login_t var_run_t (dir (getattr open search)))
                                                (allow local_login_t var_t (dir (getattr open search)))
                                                (allow local_login_t var_run_t (lnk_file (read getattr)))
                                                (allow local_login_t nscd_t (fd (use)))
                                                (allow local_login_t nscd_t (nscd (getgrp gethost getpwd shmemgrp shmemhost shmempwd)))
                                                (allow local_login_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                            )
                                            (false
                                                (allow nscd_t local_login_t (process (getattr)))
                                                (allow nscd_t local_login_t (lnk_file (read getattr)))
                                                (allow nscd_t local_login_t (file (ioctl read getattr lock open)))
                                                (allow nscd_t local_login_t (dir (ioctl read getattr lock open search)))
                                                (dontaudit local_login_t nscd_runtime_t (file (ioctl read getattr lock open)))
                                                (allow local_login_t nscd_t (unix_stream_socket (connectto)))
                                                (allow local_login_t nscd_runtime_t (sock_file (write getattr append open)))
                                                (allow local_login_t nscd_runtime_t (dir (getattr open search)))
                                                (allow local_login_t var_run_t (dir (getattr open search)))
                                                (allow local_login_t var_t (dir (getattr open search)))
                                                (allow local_login_t var_run_t (lnk_file (read getattr)))
                                                (dontaudit local_login_t nscd_t (nscd (shmemgrp shmemhost shmempwd getserv shmemserv)))
                                                (dontaudit local_login_t nscd_t (fd (use)))
                                                (allow local_login_t nscd_t (nscd (getgrp gethost getpwd)))
                                                (allow local_login_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                            )
                                        )
                                    )
                                    (optional locallogin_optional_27
                                        (typeattributeset cil_gen_require systemd_logind_t)
                                        (typeattributeset cil_gen_require systemd_sessions_runtime_t)
                                        (allow local_login_t systemd_logind_t (dbus (send_msg)))
                                        (allow systemd_logind_t local_login_t (dbus (send_msg)))
                                        (allow local_login_t systemd_logind_t (fd (use)))
                                        (allow local_login_t systemd_sessions_runtime_t (fifo_file (write)))
                                        (allow systemd_logind_t local_login_t (process (signal)))
                                    )
                                    (optional locallogin_optional_28
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require crack_db_t)
                                        (allow local_login_t var_t (dir (getattr open search)))
                                        (allow local_login_t crack_db_t (dir (getattr open search)))
                                        (allow local_login_t crack_db_t (file (ioctl read getattr lock open)))
                                        (allow local_login_t crack_db_t (dir (getattr open search)))
                                        (allow local_login_t crack_db_t (lnk_file (read getattr)))
                                    )
                                    (optional locallogin_optional_29
                                        (typeattributeset cil_gen_require tmp_t)
                                        (typeattributeset cil_gen_require xdm_t)
                                        (typeattributeset cil_gen_require xdm_tmp_t)
                                        (allow local_login_t xdm_t (key (link)))
                                        (allow local_login_t tmp_t (dir (getattr open search)))
                                        (allow local_login_t xdm_tmp_t (dir (getattr open search)))
                                        (allow local_login_t xdm_tmp_t (file (ioctl read getattr lock open)))
                                        (allow local_login_t xdm_tmp_t (dir (getattr open search)))
                                        (allow local_login_t xdm_tmp_t (file (ioctl read write getattr lock append open)))
                                        (allow local_login_t xdm_t (key (read write setattr)))
                                    )
                                    (optional locallogin_optional_30
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require etc_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require var_yp_t)
                                        (typeattributeset cil_gen_require netlabel_peer_t)
                                        (typeattributeset cil_gen_require netif_t)
                                        (typeattributeset cil_gen_require node_t)
                                        (typeattributeset cil_gen_require port_t)
                                        (typeattributeset cil_gen_require defined_port_type)
                                        (typeattributeset cil_gen_require reserved_port_type)
                                        (typeattributeset cil_gen_require port_type)
                                        (typeattributeset cil_gen_require portmap_port_t)
                                        (typeattributeset cil_gen_require reserved_port_t)
                                        (typeattributeset cil_gen_require portmap_client_packet_t)
                                        (typeattributeset cil_gen_require client_packet_t)
                                        (typeattributeset cil_gen_require server_packet_t)
                                        (typeattributeset cil_gen_require net_conf_t)
                                        (booleanif (allow_ypbind)
                                            (true
                                                (allow sulogin_t net_conf_t (lnk_file (read getattr)))
                                                (allow sulogin_t net_conf_t (file (ioctl read getattr lock open)))
                                                (allow sulogin_t net_conf_t (dir (ioctl read getattr lock open search)))
                                                (allow sulogin_t var_run_t (dir (getattr open search)))
                                                (allow sulogin_t var_t (dir (getattr open search)))
                                                (allow sulogin_t var_run_t (lnk_file (read getattr)))
                                                (allow sulogin_t etc_t (dir (getattr open search)))
                                                (allow sulogin_t server_packet_t (packet (recv)))
                                                (allow sulogin_t server_packet_t (packet (send)))
                                                (allow sulogin_t client_packet_t (packet (recv)))
                                                (allow sulogin_t client_packet_t (packet (send)))
                                                (allow sulogin_t portmap_client_packet_t (packet (recv)))
                                                (allow sulogin_t portmap_client_packet_t (packet (send)))
                                                (dontaudit sulogin_t port_type (tcp_socket (name_connect)))
                                                (allow sulogin_t port_t (tcp_socket (name_connect)))
                                                (allow sulogin_t reserved_port_t (tcp_socket (name_connect)))
                                                (allow sulogin_t portmap_port_t (tcp_socket (name_connect)))
                                                (dontaudit sulogin_t port_type (udp_socket (name_bind)))
                                                (dontaudit sulogin_t port_type (tcp_socket (name_bind)))
                                                (dontaudit sulogin_t reserved_port_type (udp_socket (name_bind)))
                                                (dontaudit sulogin_t reserved_port_type (tcp_socket (name_bind)))
                                                (dontaudit sulogin_t defined_port_type (udp_socket (name_bind)))
                                                (allow sulogin_t port_t (udp_socket (name_bind)))
                                                (dontaudit sulogin_t defined_port_type (tcp_socket (name_bind)))
                                                (allow sulogin_t port_t (tcp_socket (name_bind)))
                                                (allow sulogin_t node_t (udp_socket (node_bind)))
                                                (allow sulogin_t node_t (tcp_socket (node_bind)))
                                                (allow sulogin_t node_t (node (recvfrom)))
                                                (allow sulogin_t node_t (node (sendto)))
                                                (allow sulogin_t node_t (node (recvfrom sendto)))
                                                (allow sulogin_t netif_t (netif (ingress)))
                                                (allow sulogin_t netif_t (netif (egress)))
                                                (allow sulogin_t netif_t (netif (ingress egress)))
                                                (allow sulogin_t netlabel_peer_t (tcp_socket (recvfrom)))
                                                (allow sulogin_t netlabel_peer_t (udp_socket (recvfrom)))
                                                (allow sulogin_t netlabel_peer_t (rawip_socket (recvfrom)))
                                                (allow sulogin_t netlabel_peer_t (peer (recv)))
                                                (allow sulogin_t var_yp_t (lnk_file (read getattr)))
                                                (allow sulogin_t var_yp_t (file (ioctl read getattr lock open)))
                                                (allow sulogin_t var_yp_t (dir (ioctl read getattr lock open search)))
                                                (allow sulogin_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                                (allow sulogin_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                                (allow sulogin_t self (capability (net_bind_service)))
                                            )
                                        )
                                    )
                                    (optional locallogin_optional_31
                                        (typeattributeset cil_gen_require var_t)
                                        (typeattributeset cil_gen_require var_run_t)
                                        (typeattributeset cil_gen_require nscd_t)
                                        (typeattributeset cil_gen_require nscd_runtime_t)
                                        (booleanif (nscd_use_shm)
                                            (true
                                                (allow sulogin_t nscd_runtime_t (sock_file (read getattr open)))
                                                (allow sulogin_t nscd_runtime_t (dir (ioctl read getattr lock open search)))
                                                (dontaudit sulogin_t nscd_runtime_t (file (ioctl read getattr lock open)))
                                                (allow sulogin_t nscd_t (unix_stream_socket (connectto)))
                                                (allow sulogin_t nscd_runtime_t (sock_file (write getattr append open)))
                                                (allow sulogin_t nscd_runtime_t (dir (getattr open search)))
                                                (allow sulogin_t var_run_t (dir (getattr open search)))
                                                (allow sulogin_t var_t (dir (getattr open search)))
                                                (allow sulogin_t var_run_t (lnk_file (read getattr)))
                                                (allow sulogin_t nscd_t (fd (use)))
                                                (allow sulogin_t nscd_t (nscd (getgrp gethost getpwd shmemgrp shmemhost shmempwd)))
                                                (allow sulogin_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                                            )
                                            (false
                                                (allow nscd_t sulogin_t (process (getattr)))
                                                (allow nscd_t sulogin_t (lnk_file (read getattr)))
                                                (allow nscd_t sulogin_t (file (ioctl read getattr lock open)))
                                                (allow nscd_t sulogin_t (dir (ioctl read getattr lock open search)))
                                                (dontaudit sulogin_t nscd_runtime_t (file (ioctl read getattr lock open)))
                                                (allow sulogin_t nscd_t (unix_stream_socket (connectto)))
                                                (allow sulogin_t nscd_runtime_t (sock_file (write getattr append open)))
                                                (allow sulogin_t nscd_runtime_t (dir (getattr open search)))
                                                (allow sulogin_t var_run_t (dir (getattr open search)))
                                                (allow sulogin_t var_t (dir (getattr open search)))
                                                (allow sulogin_t var_run_t (lnk_file (read getattr)))
                                                (dontaudit sulogin_t nscd_t (nscd (shmemgrp shmemhost shmempwd getserv shmemserv)))
                                                (dontaudit sulogin_t nscd_t (fd (use)))
                                                (allow sulogin_t nscd_t (nscd (getgrp gethost getpwd)))
                                                (allow sulogin_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                                            )
                                        )
                                    )
                                    (optional locallogin_optional_32
                                        (typeattributeset cil_gen_require sysfs_t)
                                        (typeattributeset cil_gen_require cgroup_types)
                                        (typeattributeset cil_gen_require cgmanager_t)
                                        (typeattributeset cil_gen_require cgmanager_cgroup_t)
                                        (allow local_login_t cgroup_types (dir (getattr open search)))
                                        (allow local_login_t cgroup_types (dir (getattr open search)))
                                        (allow local_login_t sysfs_t (dir (getattr open search)))
                                        (allow local_login_t sysfs_t (dir (getattr open search)))
                                        (allow local_login_t cgmanager_cgroup_t (dir (getattr open search)))
                                        (allow local_login_t cgmanager_cgroup_t (dir (ioctl read getattr lock open search)))
                                        (allow local_login_t cgmanager_cgroup_t (dir (getattr open search)))
                                        (allow local_login_t cgmanager_cgroup_t (sock_file (write getattr append open)))
                                        (allow local_login_t cgmanager_t (unix_stream_socket (connectto)))
                                    )
                                )
                            )
                        )
                    )
                )
            )
        )
    )
)
(filecon "/usr/bin/sulogin" file (system_u object_r sulogin_exec_t ((s0) (s0))))
(filecon "/usr/bin/sushell" file (system_u object_r sulogin_exec_t ((s0) (s0))))
(filecon "/usr/sbin/sulogin" file (system_u object_r sulogin_exec_t ((s0) (s0))))
(filecon "/usr/sbin/sushell" file (system_u object_r sulogin_exec_t ((s0) (s0))))
