(roleattribute gcc_config_roles)
(roleattributeset gcc_config_roles (portage_roles ))
(roletype gcc_config_roles gcc_config_t)
(roleattribute portage_roles)
(roletype portage_roles portage_t)
(roletype portage_roles portage_sandbox_t)
(roletype portage_roles ldconfig_t)
(roletype portage_roles setfiles_t)
(roleattribute portage_fetch_roles)
(roletype portage_fetch_roles portage_fetch_t)
(type gcc_config_t)
(roletype object_r gcc_config_t)
(type gcc_config_exec_t)
(roletype object_r gcc_config_exec_t)
(type portage_t)
(roletype object_r portage_t)
(type portage_exec_t)
(roletype object_r portage_exec_t)
(type portage_sandbox_t)
(roletype object_r portage_sandbox_t)
(type portage_fetch_t)
(roletype object_r portage_fetch_t)
(type portage_fetch_exec_t)
(roletype object_r portage_fetch_exec_t)
(type portage_devpts_t)
(roletype object_r portage_devpts_t)
(type portage_ebuild_t)
(roletype object_r portage_ebuild_t)
(type portage_fetch_tmp_t)
(roletype object_r portage_fetch_tmp_t)
(type portage_db_t)
(roletype object_r portage_db_t)
(type portage_conf_t)
(roletype object_r portage_conf_t)
(type portage_cache_t)
(roletype object_r portage_cache_t)
(type portage_gpg_t)
(roletype object_r portage_gpg_t)
(type portage_log_t)
(roletype object_r portage_log_t)
(type portage_srcrepo_t)
(roletype object_r portage_srcrepo_t)
(type portage_tmp_t)
(roletype object_r portage_tmp_t)
(type portage_tmpfs_t)
(roletype object_r portage_tmpfs_t)
(type gcc_config_tmp_t)
(roletype object_r gcc_config_tmp_t)
(typeattribute portage_eselect_domain)
(boolean portage_use_nfs false)
(boolean portage_read_user_content false)
(boolean portage_mount_fs false)
(boolean portage_enable_test false)
(roleattributeset cil_gen_require system_r)
(roleattributeset cil_gen_require gcc_config_roles)
(roleattributeset gcc_config_roles (portage_roles ))
(roletype gcc_config_roles gcc_config_t)
(roleattributeset cil_gen_require semanage_roles)
(roleattributeset semanage_roles (portage_roles ))
(typeattributeset cil_gen_require gcc_config_t)
(typeattributeset cil_gen_require gcc_config_exec_t)
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (gcc_config_t portage_t portage_sandbox_t portage_fetch_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (gcc_config_t portage_t portage_sandbox_t portage_fetch_t ))
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (gcc_config_exec_t portage_exec_t portage_fetch_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t bin_t ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t bin_t ))
(typeattributeset cil_gen_require portage_t)
(typeattributeset cil_gen_require portage_exec_t)
(typeattributeset cil_gen_require can_change_object_identity)
(typeattributeset can_change_object_identity (portage_t portage_sandbox_t ))
(typeattributeset cil_gen_require rsync_exec_t)
(typeattributeset cil_gen_require shell_exec_t)
(typeattributeset cil_gen_require portage_sandbox_t)
(typeattributeset cil_gen_require portage_devpts_t)
(typeattributeset cil_gen_require ptynode)
(typeattributeset ptynode (portage_devpts_t ))
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require device_node)
(typeattributeset device_node (portage_devpts_t ))
(typeattributeset cil_gen_require mountpoint)
(typeattributeset mountpoint (portage_ebuild_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (portage_fetch_tmp_t portage_tmp_t gcc_config_tmp_t ))
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (portage_fetch_tmp_t portage_tmp_t gcc_config_tmp_t ))
(typeattributeset cil_gen_require portage_conf_t)
(typeattributeset cil_gen_require portage_log_t)
(typeattributeset cil_gen_require logfile)
(typeattributeset logfile (portage_log_t ))
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require tmpfs_t)
(typeattributeset cil_gen_require portage_srcrepo_t)
(typeattributeset cil_gen_require portage_tmp_t)
(typeattributeset cil_gen_require portage_tmpfs_t)
(typeattributeset cil_gen_require tmpfsfile)
(typeattributeset tmpfsfile (portage_tmpfs_t ))
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require var_lib_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require initrc_state_t)
(typeattributeset cil_gen_require lib_t)
(typeattributeset cil_gen_require ldconfig_t)
(typeattributeset cil_gen_require ldconfig_exec_t)
(typeattributeset cil_gen_require textrel_shlib_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require fixed_disk_device_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require user_tty_device_t)
(typeattributeset cil_gen_require rc_exec_t)
(typeattributeset cil_gen_require nfs_t)
(typeattributeset cil_gen_require var_log_t)
(typeattributeset cil_gen_require kernel_t)
(typeattributeset cil_gen_require can_read_shadow_passwords)
(typeattributeset can_read_shadow_passwords (portage_t ))
(typeattributeset cil_gen_require can_write_shadow_passwords)
(typeattributeset can_write_shadow_passwords (portage_t ))
(typeattributeset cil_gen_require shadow_t)
(typeattributeset cil_gen_require shadow_history_t)
(typeattributeset cil_gen_require shadow_lock_t)
(typeattributeset cil_gen_require init_exec_t)
(typeattributeset cil_gen_require fonts_t)
(typeattributeset cil_gen_require fonts_cache_t)
(typeattributeset cil_gen_require setfiles_t)
(typeattributeset cil_gen_require setfiles_exec_t)
(typeattributeset cil_gen_require semanage_t)
(typeattributeset cil_gen_require semanage_exec_t)
(typeattributeset cil_gen_require bsdpty_device_t)
(typeattributeset cil_gen_require ptmx_t)
(typeattributeset cil_gen_require proc_net_t)
(typeattributeset cil_gen_require proc_mdstat_t)
(typeattributeset cil_gen_require proc_kcore_t)
(typeattributeset cil_gen_require proc_kmsg_t)
(typeattributeset cil_gen_require netlabel_peer_t)
(typeattributeset cil_gen_require netif_t)
(typeattributeset cil_gen_require node_t)
(typeattributeset cil_gen_require reserved_port_type)
(typeattributeset cil_gen_require distccd_port_t)
(typeattributeset cil_gen_require git_port_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require src_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require noxattrfs)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require ld_so_t)
(typeattributeset cil_gen_require default_context_t)
(typeattributeset cil_gen_require file_context_t)
(typeattributeset cil_gen_require http_cache_port_t)
(typeattributeset cil_gen_require rsync_port_t)
(typeattributeset cil_gen_require http_client_packet_t)
(typeattributeset cil_gen_require http_cache_client_packet_t)
(typeattributeset cil_gen_require git_client_packet_t)
(typeattributeset cil_gen_require rsync_client_packet_t)
(typeattributeset cil_gen_require port_t)
(typeattributeset cil_gen_require unreserved_port_type)
(typeattributeset cil_gen_require nsswitch_domain)
(typeattributeset nsswitch_domain (portage_t portage_sandbox_t portage_fetch_t ))
(typeattributeset cil_gen_require cert_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require user_home_t)
(typeattributeset cil_gen_require home_root_t)
(typeattributeset cil_gen_require autofs_device_t)
(typeattributeset cil_gen_require xdg_config_t)
(typeattributeset cil_gen_require sysctl_vm_overcommit_t)
(typeattributeset cil_gen_require sysctl_vm_t)
(typeattributeset cil_gen_require mlsfileread)
(typeattributeset mlsfileread (portage_t ))
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (portage_t ))
(typeattributeset cil_gen_require mlsfileupgrade)
(typeattributeset mlsfileupgrade (portage_t ))
(typeattributeset cil_gen_require mlsfiledowngrade)
(typeattributeset mlsfiledowngrade (portage_t ))
(typeattributeset cil_gen_require xserver_misc_device_t)
(typeattributeset cil_gen_require cgroup_types)
(typeattributeset cil_gen_require ld_so_cache_t)
(typeattributeset cil_gen_require zero_device_t)
(allow gcc_config_t gcc_config_exec_t (file (entrypoint)))
(allow gcc_config_t gcc_config_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_t portage_exec_t (file (entrypoint)))
(allow portage_t portage_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_t rsync_exec_t (file (entrypoint)))
(allow portage_t rsync_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_t shell_exec_t (file (entrypoint)))
(allow portage_t shell_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_sandbox_t portage_exec_t (file (entrypoint)))
(allow portage_sandbox_t portage_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_sandbox_t shell_exec_t (file (entrypoint)))
(allow portage_sandbox_t shell_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_fetch_t portage_fetch_exec_t (file (entrypoint)))
(allow portage_fetch_t portage_fetch_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_fetch_t shell_exec_t (file (entrypoint)))
(allow portage_fetch_t shell_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_fetch_t rsync_exec_t (file (entrypoint)))
(allow portage_fetch_t rsync_exec_t (file (ioctl read getattr lock map execute open)))
(allow portage_devpts_t devpts_t (filesystem (associate)))
(allow portage_log_t tmp_t (filesystem (associate)))
(allow portage_log_t tmpfs_t (filesystem (associate)))
(allow gcc_config_t self (capability (chown fsetid)))
(allow gcc_config_t self (fifo_file (ioctl read write getattr lock append open)))
(allow gcc_config_t self (process (getsched)))
(allow gcc_config_t portage_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t portage_cache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t portage_conf_t (dir (getattr open search)))
(allow gcc_config_t portage_conf_t (file (ioctl read getattr lock open)))
(allow gcc_config_t portage_ebuild_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t portage_ebuild_t (dir (getattr open search)))
(allow gcc_config_t portage_ebuild_t (file (ioctl read getattr lock open)))
(allow gcc_config_t portage_devpts_t (chr_file (ioctl read write getattr append)))
(allow gcc_config_t portage_exec_t (file (ioctl read getattr map execute open)))
(allow gcc_config_t proc_t (dir (getattr open search)))
(allow gcc_config_t proc_t (file (ioctl read getattr lock open)))
(allow gcc_config_t proc_t (dir (getattr open search)))
(allow gcc_config_t proc_t (lnk_file (read getattr)))
(allow gcc_config_t proc_t (dir (getattr open search)))
(allow gcc_config_t proc_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t proc_t (dir (getattr open search)))
(allow gcc_config_t sysctl_t (dir (getattr open search)))
(allow gcc_config_t sysctl_kernel_t (dir (getattr open search)))
(allow gcc_config_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow gcc_config_t proc_t (dir (getattr open search)))
(allow gcc_config_t sysctl_t (dir (getattr open search)))
(allow gcc_config_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t bin_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t bin_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t bin_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow gcc_config_t sysfs_t (dir (getattr open search)))
(allow gcc_config_t sysfs_t (file (ioctl read getattr lock open)))
(allow gcc_config_t sysfs_t (dir (getattr open search)))
(allow gcc_config_t sysfs_t (lnk_file (read getattr)))
(allow gcc_config_t sysfs_t (dir (getattr open search)))
(allow gcc_config_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t privfd (fd (use)))
(allow gcc_config_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t etc_t (dir (getattr open search)))
(allow gcc_config_t etc_t (lnk_file (read getattr)))
(allow gcc_config_t etc_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t etc_t (dir (getattr open search)))
(allow gcc_config_t etc_runtime_t (file (ioctl read write getattr lock append open)))
(allow gcc_config_t usr_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t usr_t (file (ioctl read getattr lock open)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t usr_t (lnk_file (read getattr)))
(allow gcc_config_t var_t (dir (getattr open search)))
(allow gcc_config_t var_lib_t (dir (getattr open search)))
(allow gcc_config_t var_run_t (lnk_file (read getattr)))
(allow gcc_config_t var_t (dir (getattr open search)))
(allow gcc_config_t var_run_t (dir (getattr open search)))
(allow gcc_config_t file_type (dir (ioctl read getattr lock open search)))
(dontaudit gcc_config_t initrc_state_t (dir (getattr open search)))
(dontaudit gcc_config_t initrc_state_t (file (ioctl read getattr lock open)))
(allow gcc_config_t usr_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t lib_t (dir (getattr open search)))
(allow gcc_config_t lib_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t lib_t (dir (getattr open search)))
(allow gcc_config_t lib_t (file (ioctl read getattr lock open)))
(allow gcc_config_t lib_t (dir (getattr open search)))
(allow gcc_config_t lib_t (lnk_file (read getattr)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t ldconfig_exec_t (file (ioctl read getattr map execute open)))
(allow gcc_config_t ldconfig_t (process (transition)))
(dontaudit gcc_config_t ldconfig_t (process (noatsecure siginh rlimitinh)))
(typetransition gcc_config_t ldconfig_exec_t process ldconfig_t)
(allow ldconfig_t gcc_config_t (fd (use)))
(allow ldconfig_t gcc_config_t (fifo_file (ioctl read write getattr lock append)))
(allow ldconfig_t gcc_config_t (process (sigchld)))
(allow gcc_config_t lib_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t textrel_shlib_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t lib_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow gcc_config_t lib_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t lib_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow gcc_config_t devlog_t (sock_file (write getattr append open)))
(allow gcc_config_t var_run_t (lnk_file (read getattr)))
(allow gcc_config_t var_t (dir (getattr open search)))
(allow gcc_config_t var_run_t (dir (getattr open search)))
(allow gcc_config_t init_runtime_t (dir (getattr open search)))
(allow gcc_config_t syslogd_runtime_t (dir (getattr open search)))
(allow gcc_config_t syslogd_t (unix_dgram_socket (sendto)))
(allow gcc_config_t syslogd_t (unix_stream_socket (connectto)))
(allow gcc_config_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow gcc_config_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (lnk_file (read getattr)))
(allow gcc_config_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit gcc_config_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow gcc_config_t etc_t (dir (getattr open search)))
(allow gcc_config_t etc_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t locale_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t locale_t (dir (getattr open search)))
(allow gcc_config_t locale_t (file (ioctl read getattr lock open)))
(allow gcc_config_t locale_t (dir (getattr open search)))
(allow gcc_config_t locale_t (lnk_file (read getattr)))
(allow gcc_config_t locale_t (file (map)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (lnk_file (read getattr)))
(allow gcc_config_t fixed_disk_device_t (blk_file (getattr)))
(allow gcc_config_t fixed_disk_device_t (chr_file (getattr)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t device_t (dir (getattr open search)))
(allow gcc_config_t device_t (lnk_file (read getattr)))
(allow gcc_config_t devpts_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow gcc_config_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow gcc_config_t bin_t (dir (getattr open search)))
(allow gcc_config_t bin_t (lnk_file (read getattr)))
(allow gcc_config_t usr_t (dir (getattr open search)))
(allow gcc_config_t rc_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t self (process (setfscreate)))
(allow portage_t self (capability (kill sys_nice setfcap)))
(allow portage_t self (netlink_route_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write)))
(allow portage_t portage_conf_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t portage_log_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t var_t (dir (getattr open search)))
(allow portage_t var_log_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_t var_log_t file portage_log_t)
(allow portage_t var_log_t (lnk_file (read getattr)))
(allow portage_t portage_sandbox_t (process (signal)))
(allow portage_t portage_fetch_t (process (signal)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_t shell_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t portage_fetch_t (process (transition)))
(dontaudit portage_t portage_fetch_t (process (noatsecure siginh rlimitinh)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t rsync_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t portage_fetch_t (process (transition)))
(dontaudit portage_t portage_fetch_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_t rsync_exec_t process portage_fetch_t)
(allow portage_fetch_t portage_t (fd (use)))
(allow portage_fetch_t portage_t (fifo_file (ioctl read write getattr lock append open)))
(allow portage_fetch_t portage_t (process (sigchld)))
(allow portage_t self (process (setexec)))
(allow portage_t portage_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t portage_sandbox_t (process (transition)))
(dontaudit portage_t portage_sandbox_t (process (noatsecure siginh rlimitinh)))
(allow portage_sandbox_t portage_t (fd (use)))
(allow portage_sandbox_t portage_t (fifo_file (ioctl read write getattr lock append)))
(allow portage_sandbox_t portage_t (process (sigchld)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_t shell_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t portage_sandbox_t (process (transition)))
(dontaudit portage_t portage_sandbox_t (process (noatsecure siginh rlimitinh)))
(allow portage_t portage_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(dontaudit portage_t kernel_t (system (module_request)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (file (ioctl write getattr lock append open)))
(dontaudit portage_t domain (dir (ioctl read getattr lock open search)))
(dontaudit portage_t domain (lnk_file (read getattr)))
(dontaudit portage_t domain (file (ioctl read getattr lock open)))
(dontaudit portage_t domain (sock_file (read getattr open)))
(dontaudit portage_t domain (fifo_file (ioctl read getattr lock open)))
(allow portage_t file_type (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t file_type (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_t file_type (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t file_type (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t file_type (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t file_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_t file_type (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t file_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t file_type (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t file_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t usr_t (file (map)))
(allow portage_t portage_ebuild_t (file (map)))
(allow portage_t security_t (filesystem (getattr)))
(allow portage_t sysfs_t (filesystem (getattr)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (lnk_file (read getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t shadow_history_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t shadow_lock_t (dir (getattr open search)))
(allow portage_t shadow_lock_t (file (ioctl read write getattr lock append open)))
(allow portage_t shadow_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t init_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t ldconfig_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t ldconfig_t (process (transition)))
(dontaudit portage_t ldconfig_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_t ldconfig_exec_t process ldconfig_t)
(allow ldconfig_t portage_t (fd (use)))
(allow ldconfig_t portage_t (fifo_file (ioctl read write getattr lock append)))
(allow ldconfig_t portage_t (process (sigchld)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t etc_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t locale_t (dir (ioctl read getattr lock open search)))
(allow portage_t locale_t (dir (getattr open search)))
(allow portage_t locale_t (file (ioctl read getattr lock open)))
(allow portage_t locale_t (dir (getattr open search)))
(allow portage_t locale_t (lnk_file (read getattr)))
(allow portage_t locale_t (file (map)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t fonts_t (dir (ioctl read getattr lock open search)))
(allow portage_t fonts_t (dir (getattr open search)))
(allow portage_t fonts_t (file (ioctl read getattr lock open)))
(allow portage_t fonts_t (file (map)))
(allow portage_t fonts_t (dir (getattr open search)))
(allow portage_t fonts_t (lnk_file (read getattr)))
(allow portage_t fonts_cache_t (dir (ioctl read getattr lock open search)))
(allow portage_t fonts_cache_t (dir (getattr open search)))
(allow portage_t fonts_cache_t (file (ioctl read getattr lock open)))
(allow portage_t fonts_cache_t (file (map)))
(allow portage_t fonts_cache_t (dir (getattr open search)))
(allow portage_t fonts_cache_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t setfiles_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t setfiles_t (process (transition)))
(dontaudit portage_t setfiles_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_t setfiles_exec_t process setfiles_t)
(allow setfiles_t portage_t (fd (use)))
(allow setfiles_t portage_t (fifo_file (ioctl read write getattr lock append)))
(allow setfiles_t portage_t (process (sigchld)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t semanage_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t semanage_t (process (transition)))
(dontaudit portage_t semanage_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_t semanage_exec_t process semanage_t)
(allow semanage_t portage_t (fd (use)))
(allow semanage_t portage_t (fifo_file (ioctl read write getattr lock append)))
(allow semanage_t portage_t (process (sigchld)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t gcc_config_exec_t (file (ioctl read getattr map execute open)))
(allow portage_t gcc_config_t (process (transition)))
(dontaudit portage_t gcc_config_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_t gcc_config_exec_t process gcc_config_t)
(allow gcc_config_t portage_t (fd (use)))
(allow gcc_config_t portage_t (fifo_file (ioctl read write getattr lock append)))
(allow gcc_config_t portage_t (process (sigchld)))
(allow portage_t gcc_config_t (process2 (nnp_transition)))
(allow portage_t self (capability (chown dac_override dac_read_search fowner fsetid setgid setuid net_raw mknod)))
(dontaudit portage_t self (capability (sys_chroot)))
(allow portage_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit)))
(allow portage_t self (fd (use)))
(allow portage_t self (fifo_file (ioctl read write getattr lock append open)))
(allow portage_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow portage_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow portage_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow portage_t self (msg (send receive)))
(allow portage_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow portage_t self (unix_dgram_socket (sendto)))
(allow portage_t self (unix_stream_socket (connectto)))
(allow portage_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow portage_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_t self (rawip_socket (ioctl create)))
(allow portage_t self (netlink_selinux_socket (read create bind)))
(allow portage_t self (dbus (send_msg)))
(allow portage_t portage_devpts_t (chr_file (ioctl read write getattr setattr lock append open)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (lnk_file (read getattr)))
(allow portage_t ptmx_t (chr_file (ioctl read write getattr lock append open)))
(allow portage_t devpts_t (dir (ioctl read getattr lock open search)))
(allow portage_t devpts_t (filesystem (getattr)))
(dontaudit portage_t bsdpty_device_t (chr_file (read write getattr)))
(typetransition portage_t devpts_t chr_file portage_devpts_t)
(allow portage_t portage_log_t (dir (setattr)))
(allow portage_t portage_log_t (file (ioctl write getattr setattr lock append open)))
(allow portage_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_srcrepo_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_srcrepo_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_srcrepo_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_t portage_srcrepo_t (file (map)))
(allow portage_sandbox_t portage_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmp_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmp_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmp_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_t tmp_t fifo_file portage_tmp_t)
(typetransition portage_t tmp_t sock_file portage_tmp_t)
(typetransition portage_t tmp_t lnk_file portage_tmp_t)
(typetransition portage_t tmp_t dir portage_tmp_t)
(typetransition portage_t tmp_t file portage_tmp_t)
(allow portage_t portage_tmp_t (file (getattr relabelfrom relabelto map)))
(allow portage_t portage_tmp_t (dir (getattr relabelfrom relabelto)))
(allow portage_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmpfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmpfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmpfs_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t portage_tmpfs_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_t portage_tmpfs_t (file (map)))
(allow portage_tmpfs_t tmpfs_t (filesystem (associate)))
(allow portage_t tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_t tmpfs_t fifo_file portage_tmpfs_t)
(typetransition portage_t tmpfs_t sock_file portage_tmpfs_t)
(typetransition portage_t tmpfs_t lnk_file portage_tmpfs_t)
(typetransition portage_t tmpfs_t dir portage_tmpfs_t)
(typetransition portage_t tmpfs_t file portage_tmpfs_t)
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (lnk_file (read getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_net_t (dir (getattr open search)))
(allow portage_t proc_net_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_net_t (dir (getattr open search)))
(allow portage_t proc_net_t (lnk_file (read getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_mdstat_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_kcore_t (file (getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_kmsg_t (file (getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t sysctl_t (dir (getattr open search)))
(allow portage_t sysctl_kernel_t (dir (getattr open search)))
(allow portage_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t sysctl_t (dir (getattr open search)))
(allow portage_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_t exec_type (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t exec_type (lnk_file (read getattr)))
(allow portage_t netlabel_peer_t (peer (recv)))
(allow portage_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow portage_t netlabel_peer_t (udp_socket (recvfrom)))
(allow portage_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow portage_t netif_t (netif (ingress egress)))
(allow portage_t netif_t (netif (egress)))
(allow portage_t netif_t (netif (ingress)))
(allow portage_t netif_t (netif (egress)))
(allow portage_t netif_t (netif (ingress)))
(allow portage_t node_t (node (recvfrom sendto)))
(allow portage_t node_t (node (sendto)))
(allow portage_t node_t (node (recvfrom)))
(allow portage_t node_t (node (sendto)))
(allow portage_t node_t (node (recvfrom)))
(allow portage_t reserved_port_type (tcp_socket (name_connect)))
(allow portage_t distccd_port_t (tcp_socket (name_connect)))
(allow portage_t git_port_t (tcp_socket (name_connect)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (file (ioctl read getattr lock open)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (lnk_file (read getattr)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_t privfd (fd (use)))
(dontaudit portage_t domain (dir (ioctl read getattr lock open search)))
(dontaudit portage_t domain (lnk_file (read getattr)))
(dontaudit portage_t domain (file (ioctl read getattr lock open)))
(dontaudit portage_t domain (sock_file (read getattr open)))
(dontaudit portage_t domain (fifo_file (ioctl read getattr lock open)))
(allow portage_t etc_t (dir (ioctl read getattr lock open search)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t etc_t (lnk_file (read getattr)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t etc_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t src_t (dir (ioctl read getattr lock open search)))
(allow portage_t src_t (dir (getattr open search)))
(allow portage_t src_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_t src_t (dir (getattr open search)))
(allow portage_t src_t (lnk_file (read getattr)))
(allow portage_t usr_t (file (map)))
(allow portage_t tmpfs_t (filesystem (getattr)))
(allow portage_t fs_t (filesystem (getattr)))
(allow portage_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_t noxattrfs (dir (getattr open search)))
(allow portage_t noxattrfs (file (ioctl read getattr lock open)))
(allow portage_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_t noxattrfs (dir (getattr open search)))
(allow portage_t noxattrfs (lnk_file (read getattr)))
(allow portage_t autofs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t security_t (dir (ioctl read getattr lock open search)))
(allow portage_t security_t (file (ioctl read write getattr map open)))
(allow portage_t security_t (security (check_context)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_t security_t (dir (ioctl read getattr lock open search)))
(allow portage_t security_t (file (ioctl read write getattr map open)))
(allow portage_t security_t (security (compute_av)))
(allow portage_t non_auth_file_type (dir (ioctl read getattr lock open search)))
(allow portage_t non_auth_file_type (dir (getattr open search)))
(allow portage_t non_auth_file_type (file (ioctl read getattr lock open)))
(allow portage_t non_auth_file_type (dir (getattr open search)))
(allow portage_t non_auth_file_type (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t lib_t (dir (ioctl read getattr lock open search)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t lib_t (lnk_file (read getattr)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t lib_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_t lib_t (dir (ioctl read getattr lock open search)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t lib_t (lnk_file (read getattr)))
(allow portage_t ld_so_t (lnk_file (read getattr)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t ld_so_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t ldconfig_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_t devlog_t (sock_file (write getattr append open)))
(allow portage_t var_run_t (lnk_file (read getattr)))
(allow portage_t var_t (dir (getattr open search)))
(allow portage_t var_run_t (dir (getattr open search)))
(allow portage_t init_runtime_t (dir (getattr open search)))
(allow portage_t syslogd_runtime_t (dir (getattr open search)))
(allow portage_t syslogd_t (unix_dgram_socket (sendto)))
(allow portage_t syslogd_t (unix_stream_socket (connectto)))
(allow portage_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (lnk_file (read getattr)))
(allow portage_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit portage_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t etc_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t locale_t (dir (ioctl read getattr lock open search)))
(allow portage_t locale_t (dir (getattr open search)))
(allow portage_t locale_t (file (ioctl read getattr lock open)))
(allow portage_t locale_t (dir (getattr open search)))
(allow portage_t locale_t (lnk_file (read getattr)))
(allow portage_t locale_t (file (map)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t device_t (lnk_file (read getattr)))
(allow portage_t devpts_t (dir (ioctl read getattr lock open search)))
(allow portage_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow portage_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow portage_t security_t (filesystem (getattr)))
(allow portage_t sysfs_t (filesystem (getattr)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t sysfs_t (dir (getattr open search)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (file (ioctl read getattr lock open)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (lnk_file (read getattr)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow portage_t selinux_config_t (dir (getattr open search)))
(allow portage_t selinux_config_t (file (ioctl read getattr lock open)))
(allow portage_t selinux_config_t (dir (getattr open search)))
(allow portage_t selinux_config_t (lnk_file (read getattr)))
(allow portage_t etc_t (dir (getattr open search)))
(allow portage_t selinux_config_t (dir (getattr open search)))
(allow portage_t default_context_t (dir (getattr open search)))
(allow portage_t file_context_t (dir (getattr open search)))
(allow portage_t file_context_t (file (ioctl read getattr lock open)))
(allow portage_t file_context_t (file (map)))
(allow portage_t tmpfs_t (filesystem (getattr)))
(allow portage_fetch_t self (process (signal)))
(allow portage_fetch_t self (capability (chown dac_override dac_read_search fowner fsetid)))
(allow portage_fetch_t self (fifo_file (ioctl read write getattr lock append open)))
(allow portage_fetch_t self (tcp_socket (listen accept)))
(allow portage_fetch_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown connectto)))
(dontaudit portage_fetch_t portage_cache_t (file (read)))
(allow portage_fetch_t portage_conf_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t portage_devpts_t (chr_file (ioctl read write getattr setattr lock append open)))
(allow portage_fetch_t portage_gpg_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_gpg_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t portage_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch add_name remove_name reparent search rmdir)))
(allow portage_fetch_t portage_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t portage_tmp_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t portage_conf_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_ebuild_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_fetch_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_ebuild_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t portage_fetch_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_fetch_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_fetch_t portage_fetch_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_fetch_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_fetch_t tmp_t dir portage_fetch_tmp_t)
(typetransition portage_fetch_t tmp_t file portage_fetch_tmp_t)
(allow portage_fetch_t portage_fetch_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_fetch_t proc_t (dir (getattr open search)))
(allow portage_fetch_t proc_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t proc_t (dir (getattr open search)))
(allow portage_fetch_t proc_t (lnk_file (read getattr)))
(allow portage_fetch_t proc_t (dir (getattr open search)))
(allow portage_fetch_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t proc_t (dir (getattr open search)))
(allow portage_fetch_t sysctl_t (dir (getattr open search)))
(allow portage_fetch_t sysctl_kernel_t (dir (getattr open search)))
(allow portage_fetch_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t proc_t (dir (getattr open search)))
(allow portage_fetch_t sysctl_t (dir (getattr open search)))
(allow portage_fetch_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_fetch_t netlabel_peer_t (peer (recv)))
(allow portage_fetch_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow portage_fetch_t netlabel_peer_t (udp_socket (recvfrom)))
(allow portage_fetch_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow portage_fetch_t netif_t (netif (ingress egress)))
(allow portage_fetch_t node_t (node (recvfrom sendto)))
(allow portage_fetch_t http_cache_port_t (tcp_socket (name_connect)))
(allow portage_fetch_t git_port_t (tcp_socket (name_connect)))
(allow portage_fetch_t rsync_port_t (tcp_socket (name_connect)))
(allow portage_fetch_t http_client_packet_t (packet (send)))
(allow portage_fetch_t http_client_packet_t (packet (recv)))
(allow portage_fetch_t http_cache_client_packet_t (packet (send)))
(allow portage_fetch_t http_cache_client_packet_t (packet (recv)))
(allow portage_fetch_t git_client_packet_t (packet (send)))
(allow portage_fetch_t git_client_packet_t (packet (recv)))
(allow portage_fetch_t rsync_client_packet_t (packet (send)))
(allow portage_fetch_t rsync_client_packet_t (packet (recv)))
(allow portage_fetch_t reserved_port_type (tcp_socket (name_connect)))
(allow portage_fetch_t port_t (tcp_socket (name_connect)))
(allow portage_fetch_t unreserved_port_type (tcp_socket (name_connect)))
(allow portage_fetch_t node_t (udp_socket (node_bind)))
(allow portage_fetch_t unreserved_port_type (udp_socket (name_bind)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_fetch_t privfd (fd (use)))
(allow portage_fetch_t etc_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t etc_t (dir (getattr open search)))
(allow portage_fetch_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t etc_t (dir (getattr open search)))
(allow portage_fetch_t etc_runtime_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t usr_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t usr_t (lnk_file (read getattr)))
(dontaudit portage_fetch_t var_run_t (lnk_file (read getattr)))
(dontaudit portage_fetch_t var_run_t (dir (getattr open search)))
(allow portage_fetch_t autofs_t (dir (getattr open search)))
(allow portage_fetch_t var_t (dir (getattr open search)))
(allow portage_fetch_t var_log_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t var_log_t (lnk_file (read getattr)))
(dontaudit portage_fetch_t var_log_t (dir (getattr open search)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t device_t (lnk_file (read getattr)))
(allow portage_fetch_t devpts_t (dir (getattr open search)))
(allow portage_fetch_t cert_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t cert_t (dir (getattr open search)))
(allow portage_fetch_t cert_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t cert_t (dir (getattr open search)))
(allow portage_fetch_t cert_t (lnk_file (read getattr)))
(allow portage_fetch_t etc_t (dir (getattr open search)))
(allow portage_fetch_t etc_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t locale_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t locale_t (dir (getattr open search)))
(allow portage_fetch_t locale_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t locale_t (dir (getattr open search)))
(allow portage_fetch_t locale_t (lnk_file (read getattr)))
(allow portage_fetch_t locale_t (file (map)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t device_t (lnk_file (read getattr)))
(allow portage_fetch_t devpts_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow portage_fetch_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t rsync_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_sandbox_t self (capability (setfcap)))
(allow portage_sandbox_t self (process (ptrace)))
(dontaudit portage_sandbox_t self (netlink_route_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write)))
(dontaudit portage_sandbox_t portage_cache_t (dir (setattr)))
(dontaudit portage_sandbox_t portage_cache_t (file (write setattr)))
(allow portage_sandbox_t portage_log_t (file (ioctl create getattr setattr lock append unlink open)))
(allow portage_sandbox_t var_t (dir (getattr open search)))
(allow portage_sandbox_t var_log_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_sandbox_t var_log_t file portage_log_t)
(allow portage_sandbox_t var_log_t (lnk_file (read getattr)))
(allow portage_sandbox_t portage_tmp_t (dir (watch)))
(allow portage_sandbox_t self (capability (chown dac_override dac_read_search fowner fsetid setgid setuid net_raw mknod)))
(dontaudit portage_sandbox_t self (capability (sys_chroot)))
(allow portage_sandbox_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit)))
(allow portage_sandbox_t self (fd (use)))
(allow portage_sandbox_t self (fifo_file (ioctl read write getattr lock append open)))
(allow portage_sandbox_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow portage_sandbox_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow portage_sandbox_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow portage_sandbox_t self (msg (send receive)))
(allow portage_sandbox_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_sandbox_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow portage_sandbox_t self (unix_dgram_socket (sendto)))
(allow portage_sandbox_t self (unix_stream_socket (connectto)))
(allow portage_sandbox_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow portage_sandbox_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_sandbox_t self (rawip_socket (ioctl create)))
(allow portage_sandbox_t self (netlink_selinux_socket (read create bind)))
(allow portage_sandbox_t self (dbus (send_msg)))
(allow portage_sandbox_t portage_devpts_t (chr_file (ioctl read write getattr setattr lock append open)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (lnk_file (read getattr)))
(allow portage_sandbox_t ptmx_t (chr_file (ioctl read write getattr lock append open)))
(allow portage_sandbox_t devpts_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t devpts_t (filesystem (getattr)))
(dontaudit portage_sandbox_t bsdpty_device_t (chr_file (read write getattr)))
(typetransition portage_sandbox_t devpts_t chr_file portage_devpts_t)
(allow portage_sandbox_t portage_log_t (dir (setattr)))
(allow portage_sandbox_t portage_log_t (file (ioctl write getattr setattr lock append open)))
(allow portage_sandbox_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_srcrepo_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_sandbox_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_srcrepo_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_srcrepo_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_srcrepo_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_sandbox_t portage_srcrepo_t (file (map)))
(allow portage_sandbox_t portage_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmp_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmp_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmp_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_sandbox_t tmp_t fifo_file portage_tmp_t)
(typetransition portage_sandbox_t tmp_t sock_file portage_tmp_t)
(typetransition portage_sandbox_t tmp_t lnk_file portage_tmp_t)
(typetransition portage_sandbox_t tmp_t dir portage_tmp_t)
(typetransition portage_sandbox_t tmp_t file portage_tmp_t)
(allow portage_sandbox_t portage_tmp_t (file (getattr relabelfrom relabelto map)))
(allow portage_sandbox_t portage_tmp_t (dir (getattr relabelfrom relabelto)))
(allow portage_sandbox_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmpfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmpfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_sandbox_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmpfs_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_tmpfs_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_sandbox_t portage_tmpfs_t (file (map)))
(allow portage_tmpfs_t tmpfs_t (filesystem (associate)))
(allow portage_sandbox_t tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition portage_sandbox_t tmpfs_t fifo_file portage_tmpfs_t)
(typetransition portage_sandbox_t tmpfs_t sock_file portage_tmpfs_t)
(typetransition portage_sandbox_t tmpfs_t lnk_file portage_tmpfs_t)
(typetransition portage_sandbox_t tmpfs_t dir portage_tmpfs_t)
(typetransition portage_sandbox_t tmpfs_t file portage_tmpfs_t)
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (lnk_file (read getattr)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_net_t (dir (getattr open search)))
(allow portage_sandbox_t proc_net_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_net_t (dir (getattr open search)))
(allow portage_sandbox_t proc_net_t (lnk_file (read getattr)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_mdstat_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_kcore_t (file (getattr)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_kmsg_t (file (getattr)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_kernel_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t bin_t (dir (getattr open search)))
(allow portage_sandbox_t bin_t (lnk_file (read getattr)))
(allow portage_sandbox_t usr_t (dir (getattr open search)))
(allow portage_sandbox_t bin_t (dir (getattr open search)))
(allow portage_sandbox_t bin_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t exec_type (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_sandbox_t bin_t (dir (getattr open search)))
(allow portage_sandbox_t exec_type (lnk_file (read getattr)))
(allow portage_sandbox_t netlabel_peer_t (peer (recv)))
(allow portage_sandbox_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow portage_sandbox_t netlabel_peer_t (udp_socket (recvfrom)))
(allow portage_sandbox_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow portage_sandbox_t netif_t (netif (ingress egress)))
(allow portage_sandbox_t netif_t (netif (egress)))
(allow portage_sandbox_t netif_t (netif (ingress)))
(allow portage_sandbox_t netif_t (netif (egress)))
(allow portage_sandbox_t netif_t (netif (ingress)))
(allow portage_sandbox_t node_t (node (recvfrom sendto)))
(allow portage_sandbox_t node_t (node (sendto)))
(allow portage_sandbox_t node_t (node (recvfrom)))
(allow portage_sandbox_t node_t (node (sendto)))
(allow portage_sandbox_t node_t (node (recvfrom)))
(allow portage_sandbox_t reserved_port_type (tcp_socket (name_connect)))
(allow portage_sandbox_t distccd_port_t (tcp_socket (name_connect)))
(allow portage_sandbox_t git_port_t (tcp_socket (name_connect)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (lnk_file (read getattr)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_sandbox_t privfd (fd (use)))
(dontaudit portage_sandbox_t domain (dir (ioctl read getattr lock open search)))
(dontaudit portage_sandbox_t domain (lnk_file (read getattr)))
(dontaudit portage_sandbox_t domain (file (ioctl read getattr lock open)))
(dontaudit portage_sandbox_t domain (sock_file (read getattr open)))
(dontaudit portage_sandbox_t domain (fifo_file (ioctl read getattr lock open)))
(allow portage_sandbox_t etc_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t etc_t (dir (getattr open search)))
(allow portage_sandbox_t etc_t (lnk_file (read getattr)))
(allow portage_sandbox_t etc_t (dir (getattr open search)))
(allow portage_sandbox_t etc_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_sandbox_t usr_t (dir (getattr open search)))
(allow portage_sandbox_t src_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t src_t (dir (getattr open search)))
(allow portage_sandbox_t src_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_sandbox_t src_t (dir (getattr open search)))
(allow portage_sandbox_t src_t (lnk_file (read getattr)))
(allow portage_sandbox_t usr_t (file (map)))
(allow portage_sandbox_t tmpfs_t (filesystem (getattr)))
(allow portage_sandbox_t fs_t (filesystem (getattr)))
(allow portage_sandbox_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t noxattrfs (dir (getattr open search)))
(allow portage_sandbox_t noxattrfs (file (ioctl read getattr lock open)))
(allow portage_sandbox_t noxattrfs (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t noxattrfs (dir (getattr open search)))
(allow portage_sandbox_t noxattrfs (lnk_file (read getattr)))
(allow portage_sandbox_t autofs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t security_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t security_t (file (ioctl read write getattr map open)))
(allow portage_sandbox_t security_t (security (check_context)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_sandbox_t security_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t security_t (file (ioctl read write getattr map open)))
(allow portage_sandbox_t security_t (security (compute_av)))
(allow portage_sandbox_t non_auth_file_type (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t non_auth_file_type (dir (getattr open search)))
(allow portage_sandbox_t non_auth_file_type (file (ioctl read getattr lock open)))
(allow portage_sandbox_t non_auth_file_type (dir (getattr open search)))
(allow portage_sandbox_t non_auth_file_type (lnk_file (read getattr)))
(allow portage_sandbox_t usr_t (dir (getattr open search)))
(allow portage_sandbox_t lib_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t lib_t (dir (getattr open search)))
(allow portage_sandbox_t lib_t (lnk_file (read getattr)))
(allow portage_sandbox_t lib_t (dir (getattr open search)))
(allow portage_sandbox_t lib_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_sandbox_t lib_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t lib_t (dir (getattr open search)))
(allow portage_sandbox_t lib_t (lnk_file (read getattr)))
(allow portage_sandbox_t ld_so_t (lnk_file (read getattr)))
(allow portage_sandbox_t lib_t (dir (getattr open search)))
(allow portage_sandbox_t ld_so_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow portage_sandbox_t bin_t (dir (getattr open search)))
(allow portage_sandbox_t bin_t (lnk_file (read getattr)))
(allow portage_sandbox_t usr_t (dir (getattr open search)))
(allow portage_sandbox_t ldconfig_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_sandbox_t devlog_t (sock_file (write getattr append open)))
(allow portage_sandbox_t var_run_t (lnk_file (read getattr)))
(allow portage_sandbox_t var_t (dir (getattr open search)))
(allow portage_sandbox_t var_run_t (dir (getattr open search)))
(allow portage_sandbox_t init_runtime_t (dir (getattr open search)))
(allow portage_sandbox_t syslogd_runtime_t (dir (getattr open search)))
(allow portage_sandbox_t syslogd_t (unix_dgram_socket (sendto)))
(allow portage_sandbox_t syslogd_t (unix_stream_socket (connectto)))
(allow portage_sandbox_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_sandbox_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (lnk_file (read getattr)))
(allow portage_sandbox_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit portage_sandbox_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow portage_sandbox_t etc_t (dir (getattr open search)))
(allow portage_sandbox_t etc_t (lnk_file (read getattr)))
(allow portage_sandbox_t usr_t (dir (getattr open search)))
(allow portage_sandbox_t locale_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t locale_t (dir (getattr open search)))
(allow portage_sandbox_t locale_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t locale_t (dir (getattr open search)))
(allow portage_sandbox_t locale_t (lnk_file (read getattr)))
(allow portage_sandbox_t locale_t (file (map)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t device_t (lnk_file (read getattr)))
(allow portage_sandbox_t devpts_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow portage_sandbox_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow portage_sandbox_t security_t (filesystem (getattr)))
(allow portage_sandbox_t sysfs_t (filesystem (getattr)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t sysfs_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (lnk_file (read getattr)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t proc_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t etc_t (dir (getattr open search)))
(allow portage_sandbox_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow portage_sandbox_t selinux_config_t (dir (getattr open search)))
(allow portage_sandbox_t selinux_config_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t selinux_config_t (dir (getattr open search)))
(allow portage_sandbox_t selinux_config_t (lnk_file (read getattr)))
(allow portage_sandbox_t etc_t (dir (getattr open search)))
(allow portage_sandbox_t selinux_config_t (dir (getattr open search)))
(allow portage_sandbox_t default_context_t (dir (getattr open search)))
(allow portage_sandbox_t file_context_t (dir (getattr open search)))
(allow portage_sandbox_t file_context_t (file (ioctl read getattr lock open)))
(allow portage_sandbox_t file_context_t (file (map)))
(allow portage_sandbox_t tmpfs_t (filesystem (getattr)))
(allow portage_fetch_t portage_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_cache_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow portage_fetch_t portage_cache_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_cache_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow portage_fetch_t portage_conf_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (lnk_file (read getattr)))
(allow portage_fetch_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_fetch_t portage_ebuild_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow portage_fetch_t device_t (dir (getattr open search)))
(allow portage_fetch_t autofs_device_t (chr_file (ioctl read write getattr lock append open)))
(allow portage_fetch_t xdg_config_t (dir (getattr open search)))
(allow portage_fetch_t xdg_config_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t xdg_config_t (file (map)))
(allow portage_fetch_t xdg_config_t (dir (getattr open search)))
(allow portage_fetch_t xdg_config_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t xdg_config_t (dir (getattr open search)))
(allow portage_fetch_t xdg_config_t (lnk_file (read getattr)))
(allow portage_fetch_t user_home_dir_t (dir (getattr open search)))
(allow portage_fetch_t home_root_t (dir (getattr open search)))
(allow portage_fetch_t home_root_t (lnk_file (read getattr)))
(allow portage_fetch_t bin_t (dir (getattr open search)))
(allow portage_fetch_t bin_t (lnk_file (read getattr)))
(allow portage_fetch_t usr_t (dir (getattr open search)))
(allow portage_fetch_t portage_exec_t (file (ioctl read getattr map execute open)))
(allow portage_fetch_t portage_t (process (transition)))
(dontaudit portage_fetch_t portage_t (process (noatsecure siginh rlimitinh)))
(typetransition portage_fetch_t portage_exec_t process portage_t)
(allow portage_t portage_fetch_t (fd (use)))
(allow portage_t portage_fetch_t (fifo_file (ioctl read write getattr lock append)))
(allow portage_t portage_fetch_t (process (sigchld)))
(allow portage_fetch_t portage_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_fetch_t etc_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (dir (ioctl read getattr lock open search)))
(allow portage_fetch_t portage_conf_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (file (ioctl read getattr lock open)))
(allow portage_fetch_t portage_conf_t (file (map)))
(allow portage_fetch_t portage_conf_t (dir (getattr open search)))
(allow portage_fetch_t portage_conf_t (lnk_file (read getattr)))
(allow gcc_config_t self (capability (dac_override)))
(allow gcc_config_t gcc_config_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t gcc_config_tmp_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow gcc_config_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition gcc_config_t tmp_t file gcc_config_tmp_t)
(allow gcc_config_t portage_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow gcc_config_t portage_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t etc_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t etc_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow gcc_config_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t etc_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow gcc_config_t etc_runtime_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow gcc_config_t etc_t (dir (getattr open search)))
(allow gcc_config_t portage_conf_t (dir (getattr open search)))
(allow gcc_config_t portage_conf_t (dir (ioctl read getattr lock open search)))
(allow gcc_config_t portage_conf_t (dir (getattr open search)))
(allow gcc_config_t portage_conf_t (file (ioctl read getattr lock open)))
(allow gcc_config_t portage_conf_t (file (map)))
(allow gcc_config_t portage_conf_t (dir (getattr open search)))
(allow gcc_config_t portage_conf_t (lnk_file (read getattr)))
(allow portage_t self (capability (net_admin sys_admin)))
(allow portage_t self (capability2 (block_suspend)))
(allow portage_t portage_sandbox_t (process (sigchld sigkill sigstop signull signal)))
(allow portage_t portage_fetch_t (process (sigchld sigkill sigstop signull signal)))
(allow portage_t portage_tmp_t (dir (getattr relabelfrom relabelto)))
(allow portage_t portage_tmp_t (lnk_file (getattr relabelfrom relabelto)))
(allow portage_t portage_exec_t (file (getattr relabelfrom relabelto)))
(allow portage_t portage_fetch_exec_t (file (getattr relabelfrom relabelto)))
(allow portage_t proc_t (dir (getattr open search)))
(allow portage_t sysctl_t (dir (getattr open search)))
(allow portage_t sysctl_vm_t (dir (getattr open search)))
(allow portage_t sysctl_vm_overcommit_t (file (ioctl read getattr lock open)))
(allow portage_t bin_t (file (entrypoint)))
(allow portage_t bin_t (file (ioctl read getattr lock map execute open)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr relabelfrom relabelto)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (read getattr)))
(allow portage_t usr_t (dir (getattr open search)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (file (getattr relabelfrom relabelto)))
(allow portage_t bin_t (dir (getattr open search)))
(allow portage_t bin_t (lnk_file (getattr relabelfrom relabelto)))
(allow portage_t device_t (dir (getattr open search)))
(allow portage_t xserver_misc_device_t (chr_file (getattr)))
(allow portage_t cgroup_types (filesystem (mount)))
(allow portage_t cgroup_types (dir (mounton)))
(allow portage_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t lib_t (dir (getattr relabelfrom relabelto)))
(allow portage_t lib_t (dir (getattr open search)))
(allow portage_t lib_t (file (getattr relabelfrom relabelto)))
(allow portage_sandbox_t self (capability2 (block_suspend)))
(allow portage_sandbox_t portage_log_t (dir (getattr open search)))
(allow portage_sandbox_t portage_log_t (dir (ioctl write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_sandbox_t portage_ebuild_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(dontaudit portage_sandbox_t self (capability (sys_admin)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t xserver_misc_device_t (chr_file (getattr)))
(allow portage_sandbox_t device_t (dir (getattr open search)))
(allow portage_sandbox_t zero_device_t (chr_file (ioctl read write getattr lock append open)))
(allow portage_sandbox_t zero_device_t (chr_file (map execute)))
(allow portage_sandbox_t proc_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_vm_t (dir (getattr open search)))
(allow portage_sandbox_t sysctl_vm_overcommit_t (file (ioctl read getattr lock open)))
(allow portage_eselect_domain self (fifo_file (ioctl read write getattr lock append)))
(allow portage_eselect_domain bin_t (dir (getattr open search)))
(allow portage_eselect_domain bin_t (lnk_file (read getattr)))
(allow portage_eselect_domain usr_t (dir (getattr open search)))
(allow portage_eselect_domain bin_t (dir (getattr open search)))
(allow portage_eselect_domain bin_t (dir (ioctl read getattr lock open search)))
(allow portage_eselect_domain shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow portage_eselect_domain etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_eselect_domain etc_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow portage_eselect_domain etc_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(typetransition portage_sandbox_t portage_ebuild_t dir "svn-src" portage_srcrepo_t)
(typetransition portage_sandbox_t portage_ebuild_t dir "hg-src" portage_srcrepo_t)
(typetransition portage_sandbox_t portage_ebuild_t dir "go-src" portage_srcrepo_t)
(typetransition portage_sandbox_t portage_ebuild_t dir "git3-src" portage_srcrepo_t)
(typetransition portage_sandbox_t portage_ebuild_t dir "egit-src" portage_srcrepo_t)
(typetransition portage_sandbox_t portage_ebuild_t dir "cvs-src" portage_srcrepo_t)
(typetransition portage_t etc_t file "ld.so.cache~" ld_so_cache_t)
(booleanif (portage_enable_test)
    (true
        (allow portage_sandbox_t node_t (udp_socket (node_bind)))
        (allow portage_sandbox_t unreserved_port_type (udp_socket (name_bind)))
        (allow portage_sandbox_t unreserved_port_type (tcp_socket (name_connect)))
        (allow portage_sandbox_t node_t (tcp_socket (node_bind)))
        (allow portage_sandbox_t unreserved_port_type (tcp_socket (name_bind)))
    )
)
(booleanif (portage_read_user_content)
    (true
        (allow portage_fetch_t user_home_t (dir (ioctl read getattr lock open search)))
        (allow portage_fetch_t home_root_t (lnk_file (read getattr)))
        (allow portage_fetch_t home_root_t (dir (getattr open search)))
        (allow portage_fetch_t user_home_t (file (ioctl read getattr lock open)))
        (allow portage_fetch_t user_home_dir_t (dir (getattr open search)))
        (allow portage_fetch_t user_home_t (dir (getattr open search)))
    )
    (false
        (dontaudit portage_fetch_t user_home_t (file (ioctl read getattr lock open)))
        (dontaudit portage_fetch_t user_home_t (dir (ioctl read getattr lock open search)))
    )
)
(booleanif (portage_use_nfs)
    (true
        (allow gcc_config_t nfs_t (file (ioctl read getattr lock open)))
        (allow gcc_config_t nfs_t (dir (getattr open search)))
        (allow gcc_config_t nfs_t (dir (ioctl read getattr lock open search)))
        (allow portage_t nfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
        (allow portage_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_t nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
        (allow portage_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_t nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
        (allow portage_t nfs_t (filesystem (getattr)))
        (allow portage_fetch_t nfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
        (allow portage_fetch_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_fetch_t nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
        (allow portage_fetch_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_fetch_t nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
        (allow portage_fetch_t nfs_t (filesystem (getattr)))
        (allow portage_sandbox_t nfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
        (allow portage_sandbox_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_sandbox_t nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
        (allow portage_sandbox_t nfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
        (allow portage_sandbox_t nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
        (allow portage_sandbox_t nfs_t (filesystem (getattr)))
    )
)
(optional portage_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow gcc_config_t init_t (process (sigchld)))
    (allow gcc_config_t init_t (process (signull)))
)
(optional portage_optional_3
    (typeattributeset cil_gen_require rpm_t)
    (allow gcc_config_t rpm_t (fd (use)))
    (allow gcc_config_t rpm_t (fifo_file (ioctl read getattr lock open)))
)
(optional portage_optional_4
    (typeattributeset cil_gen_require security_t)
    (typeattributeset cil_gen_require sysfs_t)
    (dontaudit gcc_config_t security_t (filesystem (getattr)))
    (dontaudit gcc_config_t sysfs_t (filesystem (getattr)))
    (dontaudit gcc_config_t sysfs_t (dir (getattr open search)))
    (dontaudit gcc_config_t security_t (dir (getattr open search)))
    (dontaudit gcc_config_t security_t (file (ioctl read getattr lock open)))
    (optional portage_optional_5
        (typeattributeset cil_gen_require selinux_config_t)
        (dontaudit gcc_config_t selinux_config_t (dir (getattr open search)))
        (dontaudit gcc_config_t selinux_config_t (file (ioctl read getattr lock open)))
        (optional portage_optional_6
            (typeattributeset cil_gen_require init_t)
            (allow portage_t init_t (process (sigchld)))
            (allow portage_t init_t (process (signull)))
        )
        (optional portage_optional_7
            (typeattributeset cil_gen_require rpm_t)
            (allow portage_t rpm_t (fd (use)))
            (allow portage_t rpm_t (fifo_file (ioctl read getattr lock open)))
        )
        (optional portage_optional_8
            (typeattributeset cil_gen_require security_t)
            (typeattributeset cil_gen_require sysfs_t)
            (dontaudit portage_t security_t (filesystem (getattr)))
            (dontaudit portage_t sysfs_t (filesystem (getattr)))
            (dontaudit portage_t sysfs_t (dir (getattr open search)))
            (dontaudit portage_t security_t (dir (getattr open search)))
            (dontaudit portage_t security_t (file (ioctl read getattr lock open)))
            (optional portage_optional_9
                (typeattributeset cil_gen_require selinux_config_t)
                (dontaudit portage_t selinux_config_t (dir (getattr open search)))
                (dontaudit portage_t selinux_config_t (file (ioctl read getattr lock open)))
                (optional portage_optional_10
                    (typeattributeset cil_gen_require init_t)
                    (allow portage_sandbox_t init_t (process (sigchld)))
                    (allow portage_sandbox_t init_t (process (signull)))
                )
                (optional portage_optional_11
                    (typeattributeset cil_gen_require rpm_t)
                    (allow portage_sandbox_t rpm_t (fd (use)))
                    (allow portage_sandbox_t rpm_t (fifo_file (ioctl read getattr lock open)))
                )
                (optional portage_optional_12
                    (typeattributeset cil_gen_require security_t)
                    (typeattributeset cil_gen_require sysfs_t)
                    (dontaudit portage_sandbox_t security_t (filesystem (getattr)))
                    (dontaudit portage_sandbox_t sysfs_t (filesystem (getattr)))
                    (dontaudit portage_sandbox_t sysfs_t (dir (getattr open search)))
                    (dontaudit portage_sandbox_t security_t (dir (getattr open search)))
                    (dontaudit portage_sandbox_t security_t (file (ioctl read getattr lock open)))
                    (optional portage_optional_13
                        (typeattributeset cil_gen_require selinux_config_t)
                        (dontaudit portage_sandbox_t selinux_config_t (dir (getattr open search)))
                        (dontaudit portage_sandbox_t selinux_config_t (file (ioctl read getattr lock open)))
                        (optional portage_optional_14
                            (typeattributeset cil_gen_require init_t)
                            (allow portage_fetch_t init_t (process (sigchld)))
                            (allow portage_fetch_t init_t (process (signull)))
                        )
                        (optional portage_optional_15
                            (typeattributeset cil_gen_require rpm_t)
                            (allow portage_fetch_t rpm_t (fd (use)))
                            (allow portage_fetch_t rpm_t (fifo_file (ioctl read getattr lock open)))
                        )
                        (optional portage_optional_16
                            (typeattributeset cil_gen_require security_t)
                            (typeattributeset cil_gen_require sysfs_t)
                            (dontaudit portage_fetch_t security_t (filesystem (getattr)))
                            (dontaudit portage_fetch_t sysfs_t (filesystem (getattr)))
                            (dontaudit portage_fetch_t sysfs_t (dir (getattr open search)))
                            (dontaudit portage_fetch_t security_t (dir (getattr open search)))
                            (dontaudit portage_fetch_t security_t (file (ioctl read getattr lock open)))
                            (optional portage_optional_17
                                (typeattributeset cil_gen_require selinux_config_t)
                                (dontaudit portage_fetch_t selinux_config_t (dir (getattr open search)))
                                (dontaudit portage_fetch_t selinux_config_t (file (ioctl read getattr lock open)))
                                (optional portage_optional_18
                                    (typeattributeset cil_gen_require init_mountpoint_type)
                                    (typeattributeset cil_gen_require init_mountpoint_type)
                                    (typeattributeset init_mountpoint_type (portage_ebuild_t ))
                                )
                                (optional portage_optional_19
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require consoletype_exec_t)
                                    (allow gcc_config_t bin_t (dir (getattr open search)))
                                    (allow gcc_config_t bin_t (lnk_file (read getattr)))
                                    (allow gcc_config_t usr_t (dir (getattr open search)))
                                    (allow gcc_config_t consoletype_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
                                )
                                (optional portage_optional_20
                                    (typeattributeset cil_gen_require newrole_t)
                                    (allow gcc_config_t newrole_t (fd (use)))
                                )
                                (optional portage_optional_21
                                    (roleattributeset cil_gen_require bootloader_roles)
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require bootloader_t)
                                    (typeattributeset cil_gen_require bootloader_exec_t)
                                    (roleattributeset cil_gen_require bootloader_roles)
                                    (roleattributeset bootloader_roles (portage_roles ))
                                    (allow portage_t bin_t (dir (getattr open search)))
                                    (allow portage_t bin_t (lnk_file (read getattr)))
                                    (allow portage_t usr_t (dir (getattr open search)))
                                    (allow portage_t bootloader_exec_t (file (ioctl read getattr map execute open)))
                                    (allow portage_t bootloader_t (process (transition)))
                                    (dontaudit portage_t bootloader_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition portage_t bootloader_exec_t process bootloader_t)
                                    (allow bootloader_t portage_t (fd (use)))
                                    (allow bootloader_t portage_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow bootloader_t portage_t (process (sigchld)))
                                )
                                (optional portage_optional_22
                                    (typeattributeset cil_gen_require crond_t)
                                    (typeattributeset cil_gen_require system_cronjob_t)
                                    (roleattributeset cil_gen_require system_r)
                                    (roletype system_r portage_t)
                                    (roletype system_r portage_fetch_t)
                                    (allow system_cronjob_t portage_exec_t (file (ioctl read getattr map execute open)))
                                    (allow system_cronjob_t portage_t (process (transition)))
                                    (dontaudit system_cronjob_t portage_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition system_cronjob_t portage_exec_t process portage_t)
                                    (allow portage_t system_cronjob_t (fd (use)))
                                    (allow portage_t system_cronjob_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow portage_t system_cronjob_t (process (sigchld)))
                                    (allow crond_t portage_exec_t (file (ioctl read getattr map execute open)))
                                    (allow crond_t portage_t (process (transition)))
                                    (dontaudit crond_t portage_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition crond_t portage_exec_t process portage_t)
                                    (allow portage_t crond_t (fd (use)))
                                    (allow portage_t crond_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow portage_t crond_t (process (sigchld)))
                                    (allow system_cronjob_t portage_fetch_exec_t (file (ioctl read getattr map execute open)))
                                    (allow system_cronjob_t portage_fetch_t (process (transition)))
                                    (dontaudit system_cronjob_t portage_fetch_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition system_cronjob_t portage_fetch_exec_t process portage_fetch_t)
                                    (allow portage_fetch_t system_cronjob_t (fd (use)))
                                    (allow portage_fetch_t system_cronjob_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow portage_fetch_t system_cronjob_t (process (sigchld)))
                                    (allow crond_t portage_fetch_exec_t (file (ioctl read getattr map execute open)))
                                    (allow crond_t portage_fetch_t (process (transition)))
                                    (dontaudit crond_t portage_fetch_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition crond_t portage_fetch_exec_t process portage_fetch_t)
                                    (allow portage_fetch_t crond_t (fd (use)))
                                    (allow portage_fetch_t crond_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow portage_fetch_t crond_t (process (sigchld)))
                                )
                                (optional portage_optional_23
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require gpg_exec_t)
                                    (allow portage_t bin_t (dir (getattr open search)))
                                    (allow portage_t bin_t (lnk_file (read getattr)))
                                    (allow portage_t usr_t (dir (getattr open search)))
                                    (allow portage_t gpg_exec_t (file (ioctl read getattr map execute open)))
                                    (allow portage_t portage_fetch_t (process (transition)))
                                    (dontaudit portage_t portage_fetch_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition portage_t gpg_exec_t process portage_fetch_t)
                                )
                                (optional portage_optional_24
                                    (roleattributeset cil_gen_require kmod_roles)
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require kmod_t)
                                    (typeattributeset cil_gen_require kmod_exec_t)
                                    (roleattributeset cil_gen_require kmod_roles)
                                    (roleattributeset kmod_roles (portage_roles ))
                                    (allow portage_t bin_t (dir (getattr open search)))
                                    (allow portage_t bin_t (lnk_file (read getattr)))
                                    (allow portage_t usr_t (dir (getattr open search)))
                                    (allow portage_t kmod_exec_t (file (ioctl read getattr map execute open)))
                                    (allow portage_t kmod_t (process (transition)))
                                    (dontaudit portage_t kmod_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition portage_t kmod_exec_t process kmod_t)
                                    (allow kmod_t portage_t (fd (use)))
                                    (allow kmod_t portage_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow kmod_t portage_t (process (sigchld)))
                                )
                                (optional portage_optional_25
                                    (roleattributeset cil_gen_require groupadd_roles)
                                    (roleattributeset cil_gen_require useradd_roles)
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require groupadd_t)
                                    (typeattributeset cil_gen_require groupadd_exec_t)
                                    (typeattributeset cil_gen_require useradd_t)
                                    (typeattributeset cil_gen_require useradd_exec_t)
                                    (roleattributeset cil_gen_require groupadd_roles)
                                    (roleattributeset groupadd_roles (portage_roles ))
                                    (roleattributeset cil_gen_require useradd_roles)
                                    (roleattributeset useradd_roles (portage_roles ))
                                    (allow portage_t bin_t (dir (getattr open search)))
                                    (allow portage_t bin_t (lnk_file (read getattr)))
                                    (allow portage_t usr_t (dir (getattr open search)))
                                    (allow portage_t groupadd_exec_t (file (ioctl read getattr map execute open)))
                                    (allow portage_t groupadd_t (process (transition)))
                                    (dontaudit portage_t groupadd_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition portage_t groupadd_exec_t process groupadd_t)
                                    (allow groupadd_t portage_t (fd (use)))
                                    (allow groupadd_t portage_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow groupadd_t portage_t (process (sigchld)))
                                    (dontaudit groupadd_t portage_t (tcp_socket (read write)))
                                    (dontaudit groupadd_t portage_t (udp_socket (read write)))
                                    (dontaudit groupadd_t portage_t (rawip_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_socket (read write)))
                                    (dontaudit groupadd_t portage_t (packet_socket (read write)))
                                    (dontaudit groupadd_t portage_t (unix_stream_socket (read write)))
                                    (dontaudit groupadd_t portage_t (unix_dgram_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_route_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_tcpdiag_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_nflog_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_xfrm_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_selinux_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_audit_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_dnrt_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_kobject_uevent_socket (read write)))
                                    (dontaudit groupadd_t portage_t (appletalk_socket (read write)))
                                    (dontaudit groupadd_t portage_t (tun_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_iscsi_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_fib_lookup_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_connector_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_netfilter_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_generic_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_scsitransport_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_rdma_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netlink_crypto_socket (read write)))
                                    (dontaudit groupadd_t portage_t (sctp_socket (read write)))
                                    (dontaudit groupadd_t portage_t (icmp_socket (read write)))
                                    (dontaudit groupadd_t portage_t (ax25_socket (read write)))
                                    (dontaudit groupadd_t portage_t (ipx_socket (read write)))
                                    (dontaudit groupadd_t portage_t (netrom_socket (read write)))
                                    (dontaudit groupadd_t portage_t (atmpvc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (x25_socket (read write)))
                                    (dontaudit groupadd_t portage_t (rose_socket (read write)))
                                    (dontaudit groupadd_t portage_t (decnet_socket (read write)))
                                    (dontaudit groupadd_t portage_t (atmsvc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (rds_socket (read write)))
                                    (dontaudit groupadd_t portage_t (irda_socket (read write)))
                                    (dontaudit groupadd_t portage_t (pppox_socket (read write)))
                                    (dontaudit groupadd_t portage_t (llc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (can_socket (read write)))
                                    (dontaudit groupadd_t portage_t (tipc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (bluetooth_socket (read write)))
                                    (dontaudit groupadd_t portage_t (iucv_socket (read write)))
                                    (dontaudit groupadd_t portage_t (rxrpc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (isdn_socket (read write)))
                                    (dontaudit groupadd_t portage_t (phonet_socket (read write)))
                                    (dontaudit groupadd_t portage_t (ieee802154_socket (read write)))
                                    (dontaudit groupadd_t portage_t (caif_socket (read write)))
                                    (dontaudit groupadd_t portage_t (alg_socket (read write)))
                                    (dontaudit groupadd_t portage_t (nfc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (vsock_socket (read write)))
                                    (dontaudit groupadd_t portage_t (kcm_socket (read write)))
                                    (dontaudit groupadd_t portage_t (qipcrtr_socket (read write)))
                                    (dontaudit groupadd_t portage_t (smc_socket (read write)))
                                    (dontaudit groupadd_t portage_t (xdp_socket (read write)))
                                    (allow portage_t bin_t (dir (getattr open search)))
                                    (allow portage_t bin_t (lnk_file (read getattr)))
                                    (allow portage_t usr_t (dir (getattr open search)))
                                    (allow portage_t useradd_exec_t (file (ioctl read getattr map execute open)))
                                    (allow portage_t useradd_t (process (transition)))
                                    (dontaudit portage_t useradd_t (process (noatsecure siginh rlimitinh)))
                                    (typetransition portage_t useradd_exec_t process useradd_t)
                                    (allow useradd_t portage_t (fd (use)))
                                    (allow useradd_t portage_t (fifo_file (ioctl read write getattr lock append)))
                                    (allow useradd_t portage_t (process (sigchld)))
                                    (dontaudit useradd_t portage_t (tcp_socket (read write)))
                                    (dontaudit useradd_t portage_t (udp_socket (read write)))
                                    (dontaudit useradd_t portage_t (rawip_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_socket (read write)))
                                    (dontaudit useradd_t portage_t (packet_socket (read write)))
                                    (dontaudit useradd_t portage_t (unix_stream_socket (read write)))
                                    (dontaudit useradd_t portage_t (unix_dgram_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_route_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_tcpdiag_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_nflog_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_xfrm_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_selinux_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_audit_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_dnrt_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_kobject_uevent_socket (read write)))
                                    (dontaudit useradd_t portage_t (appletalk_socket (read write)))
                                    (dontaudit useradd_t portage_t (tun_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_iscsi_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_fib_lookup_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_connector_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_netfilter_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_generic_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_scsitransport_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_rdma_socket (read write)))
                                    (dontaudit useradd_t portage_t (netlink_crypto_socket (read write)))
                                    (dontaudit useradd_t portage_t (sctp_socket (read write)))
                                    (dontaudit useradd_t portage_t (icmp_socket (read write)))
                                    (dontaudit useradd_t portage_t (ax25_socket (read write)))
                                    (dontaudit useradd_t portage_t (ipx_socket (read write)))
                                    (dontaudit useradd_t portage_t (netrom_socket (read write)))
                                    (dontaudit useradd_t portage_t (atmpvc_socket (read write)))
                                    (dontaudit useradd_t portage_t (x25_socket (read write)))
                                    (dontaudit useradd_t portage_t (rose_socket (read write)))
                                    (dontaudit useradd_t portage_t (decnet_socket (read write)))
                                    (dontaudit useradd_t portage_t (atmsvc_socket (read write)))
                                    (dontaudit useradd_t portage_t (rds_socket (read write)))
                                    (dontaudit useradd_t portage_t (irda_socket (read write)))
                                    (dontaudit useradd_t portage_t (pppox_socket (read write)))
                                    (dontaudit useradd_t portage_t (llc_socket (read write)))
                                    (dontaudit useradd_t portage_t (can_socket (read write)))
                                    (dontaudit useradd_t portage_t (tipc_socket (read write)))
                                    (dontaudit useradd_t portage_t (bluetooth_socket (read write)))
                                    (dontaudit useradd_t portage_t (iucv_socket (read write)))
                                    (dontaudit useradd_t portage_t (rxrpc_socket (read write)))
                                    (dontaudit useradd_t portage_t (isdn_socket (read write)))
                                    (dontaudit useradd_t portage_t (phonet_socket (read write)))
                                    (dontaudit useradd_t portage_t (ieee802154_socket (read write)))
                                    (dontaudit useradd_t portage_t (caif_socket (read write)))
                                    (dontaudit useradd_t portage_t (alg_socket (read write)))
                                    (dontaudit useradd_t portage_t (nfc_socket (read write)))
                                    (dontaudit useradd_t portage_t (vsock_socket (read write)))
                                    (dontaudit useradd_t portage_t (kcm_socket (read write)))
                                    (dontaudit useradd_t portage_t (qipcrtr_socket (read write)))
                                    (dontaudit useradd_t portage_t (smc_socket (read write)))
                                    (dontaudit useradd_t portage_t (xdp_socket (read write)))
                                )
                                (optional portage_optional_26
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require dirmngr_exec_t)
                                    (allow portage_fetch_t bin_t (dir (getattr open search)))
                                    (allow portage_fetch_t bin_t (lnk_file (read getattr)))
                                    (allow portage_fetch_t usr_t (dir (getattr open search)))
                                    (allow portage_fetch_t dirmngr_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
                                )
                                (optional portage_optional_27
                                    (typeattributeset cil_gen_require exec_type)
                                    (typeattributeset exec_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t bin_t ))
                                    (typeattributeset cil_gen_require file_type)
                                    (typeattributeset file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
                                    (typeattributeset cil_gen_require non_security_file_type)
                                    (typeattributeset non_security_file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
                                    (typeattributeset cil_gen_require non_auth_file_type)
                                    (typeattributeset non_auth_file_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t portage_ebuild_t portage_fetch_tmp_t portage_db_t portage_conf_t portage_cache_t portage_gpg_t portage_log_t portage_srcrepo_t portage_tmp_t portage_tmpfs_t bin_t gcc_config_tmp_t ))
                                    (typeattributeset cil_gen_require entry_type)
                                    (typeattributeset entry_type (gcc_config_exec_t portage_exec_t rsync_exec_t shell_exec_t portage_fetch_exec_t bin_t ))
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require gpg_exec_t)
                                    (typeattributeset cil_gen_require gpg_agent_exec_t)
                                    (typeattributeset cil_gen_require non_auth_file_type)
                                    (typeattributeset non_auth_file_type (gpg_exec_t ))
                                    (typeattributeset cil_gen_require file_type)
                                    (typeattributeset file_type (gpg_exec_t ))
                                    (typeattributeset cil_gen_require entry_type)
                                    (typeattributeset entry_type (gpg_exec_t ))
                                    (typeattributeset cil_gen_require exec_type)
                                    (typeattributeset exec_type (gpg_exec_t ))
                                    (typeattributeset cil_gen_require non_security_file_type)
                                    (typeattributeset non_security_file_type (gpg_exec_t ))
                                    (allow portage_fetch_t gpg_exec_t (file (entrypoint)))
                                    (allow portage_fetch_t gpg_exec_t (file (ioctl read getattr lock map execute open)))
                                    (allow portage_fetch_t bin_t (dir (getattr open search)))
                                    (allow portage_fetch_t bin_t (lnk_file (read getattr)))
                                    (allow portage_fetch_t usr_t (dir (getattr open search)))
                                    (allow portage_fetch_t gpg_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
                                    (allow portage_fetch_t bin_t (dir (getattr open search)))
                                    (allow portage_fetch_t bin_t (lnk_file (read getattr)))
                                    (allow portage_fetch_t usr_t (dir (getattr open search)))
                                    (allow portage_fetch_t gpg_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
                                )
                                (optional portage_optional_28
                                    (typeattributeset cil_gen_require bin_t)
                                    (typeattributeset cil_gen_require usr_t)
                                    (typeattributeset cil_gen_require mount_t)
                                    (typeattributeset cil_gen_require mount_exec_t)
                                    (booleanif (portage_mount_fs)
                                        (true
                                            (allow mount_t portage_t (process (sigchld)))
                                            (allow mount_t portage_t (fifo_file (ioctl read write getattr lock append)))
                                            (allow mount_t portage_t (fd (use)))
                                            (typetransition portage_t mount_exec_t process mount_t)
                                            (dontaudit portage_t mount_t (process (noatsecure siginh rlimitinh)))
                                            (allow portage_t mount_t (process (transition)))
                                            (allow portage_t mount_exec_t (file (ioctl read getattr map execute open)))
                                            (allow portage_t usr_t (dir (getattr open search)))
                                            (allow portage_t bin_t (lnk_file (read getattr)))
                                            (allow portage_t bin_t (dir (getattr open search)))
                                        )
                                    )
                                )
                            )
                        )
                    )
                )
            )
        )
    )
)
(filecon "/etc/make\.conf" file (system_u object_r portage_conf_t ((s0) (s0))))
(filecon "/etc/make\.globals" file (system_u object_r portage_conf_t ((s0) (s0))))
(filecon "/etc/make\.profile" symlink (system_u object_r portage_conf_t ((s0) (s0))))
(filecon "/etc/portage(/.*)?" any (system_u object_r portage_conf_t ((s0) (s0))))
(filecon "/etc/portage/gpg(/.*)?" any (system_u object_r portage_gpg_t ((s0) (s0))))
(filecon "/usr/bin/emerge" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/bin/emerge-webrsync" file (system_u object_r portage_fetch_exec_t ((s0) (s0))))
(filecon "/usr/bin/gcc-config" file (system_u object_r gcc_config_exec_t ((s0) (s0))))
(filecon "/usr/bin/glsa-check" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/bin/layman" file (system_u object_r portage_fetch_exec_t ((s0) (s0))))
(filecon "/usr/bin/sandbox" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/lib/python-exec/python[0-9]\.[0-9]*/glsa-check" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/lib/python-exec/python[0-9]\.[0-9]*/layman" file (system_u object_r portage_fetch_exec_t ((s0) (s0))))
(filecon "/usr/lib/python-exec/python[0-9]\.[0-9]*/emaint" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/lib/python-exec/python[0-9]\.[0-9]*/emerge" file (system_u object_r portage_exec_t ((s0) (s0))))
(filecon "/usr/portage(/.*)?" any (system_u object_r portage_ebuild_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/cvs-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/egit-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/git[0-9]-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/go-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/hg-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/usr/portage/distfiles/svn-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/db/pkg(/.*)?" any (system_u object_r portage_db_t ((s0) (s0))))
(filecon "/var/db/repos(/.*)?" any (system_u object_r portage_ebuild_t ((s0) (s0))))
(filecon "/var/cache/binpkgs(/.*)?" any (system_u object_r portage_ebuild_t ((s0) (s0))))
(filecon "/var/cache/distfiles(/.*)?" any (system_u object_r portage_ebuild_t ((s0) (s0))))
(filecon "/var/cache/distfiles/cvs-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/distfiles/egit-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/distfiles/git[0-9]-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/distfiles/go-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/distfiles/hg-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/distfiles/svn-src(/.*)?" any (system_u object_r portage_srcrepo_t ((s0) (s0))))
(filecon "/var/cache/edb(/.*)?" any (system_u object_r portage_cache_t ((s0) (s0))))
(filecon "/var/cache/eix(/.*)?" any (system_u object_r portage_cache_t ((s0) (s0))))
(filecon "/var/log/emerge\.log.*" file (system_u object_r portage_log_t ((s0) (s0))))
(filecon "/var/log/emerge-fetch\.log" file (system_u object_r portage_log_t ((s0) (s0))))
(filecon "/var/log/portage(/.*)?" any (system_u object_r portage_log_t ((s0) (s0))))
(filecon "/var/log/sandbox(/.*)?" any (system_u object_r portage_log_t ((s0) (s0))))
(filecon "/var/lib/layman(/.*)?" any (system_u object_r portage_ebuild_t ((s0) (s0))))
(filecon "/var/lib/portage(/.*)?" any (system_u object_r portage_cache_t ((s0) (s0))))
(filecon "/var/tmp/binpkgs(/.*)?" any (system_u object_r portage_tmp_t ((s0) (s0))))
(filecon "/var/tmp/emerge-webrsync(/.*)?" any (system_u object_r portage_tmp_t ((s0) (s0))))
(filecon "/var/tmp/portage(/.*)?" any (system_u object_r portage_tmp_t ((s0) (s0))))
(filecon "/var/tmp/portage-pkg(/.*)?" any (system_u object_r portage_tmp_t ((s0) (s0))))
