# This is a permission map file for use in policy analysis.  This
# file maps object permissions (read, getattr, setattr, ..., etc.) 
# for an object class, to exactly one of the following: read, write, 
# both, or none.  This file may be edited as long as the specific 
# syntax rules are obeyed.
#
# For each object class, there is a set of object permissions that are 
# individually mapped to read, write, both, or none.  If a new object
# class is added, make sure that the current number of object classes
# is increased.
#
# The syntax for an object class definition is:
# class <class_name> <num_permissions>
# 
# This is followed by each permission and its individual mapping to one 
# of the following:
#
# 	r   =	Read
#	w   =	Write
#	n   =	None
#	b   =	Both
#
# Additionally, you can choose to follow the mapping with an optional  
# permission weight value from 1 (less importance) to 10 (higher importance). 
# 10 is the default weight value if one is not provided.
#
# Look to the examples below for further clarification.
#
# Number of object classes.
29


class blk_file 17
           getattr     r	7
         relabelto     w	10
            unlink     w	1
             ioctl     n	1
           execute     r	0
            append     w	1
              read     r	10
           setattr     w	7
            swapon     b	0
             write     w	10
              lock     n	1
            create     w	1
            rename     w	5
           mounton     b	1
           quotaon     b	1
       relabelfrom     r	10
              link     w	1


class file 19
           setattr     w	7
            swapon     b	0
             write     w	10
              lock     n	1
            create     w	1
            rename     w	5
           mounton     b	1
           quotaon     b	1
       relabelfrom     r	10
              link     w	1
        entrypoint     r	0
           getattr     r	7
         relabelto     w	10
            unlink     w	1
  execute_no_trans     r	0
             ioctl     n	1
           execute     r	0
            append     w	1
              read     r	10


class udp_socket 22
            listen     r	1
           setattr     w	7
          shutdown     w	1
         relabelto     w	10
          recv_msg     r	10
            accept     r	1
         name_bind     n	1
            append     w	1
       relabelfrom     r	10
            create     w	1
              read     r	10
            sendto     w	10
           connect     w	1
          recvfrom     r	10
          send_msg     w	10
              bind     w	1
              lock     n	1
             ioctl     n	1
           getattr     r	7
             write     w	10
            setopt     w	1
            getopt     r	1


class socket 22
            append     w	1
       relabelfrom     r	10
            create     w	1
              read     r	10
            sendto     w	10
           connect     w	1
          recvfrom     r	10
          send_msg     w	10
              bind     w	1
              lock     n	1
             ioctl     n	1
           getattr     r	7
             write     w	10
            setopt     w	1
            getopt     r	1
            listen     r	0
           setattr     w	7
          shutdown     w	1
         relabelto     w	10
          recv_msg     r	10
            accept     r	1
         name_bind     n	1


class fifo_file 17
         relabelto     w	10
           getattr     r	7
              lock     n	1
           execute     r	0
            unlink     w	1
             ioctl     n	1
           setattr     w	7
            append     w	1
             write     w	10
            swapon     b	0
            create     w	1
              link     w	1
            rename     w	5
       relabelfrom     r	10
           mounton     b	1
           quotaon     b	1
              read     r	10


class chr_file 17
            append     w	1
            swapon     b	0
           mounton     b	1
           quotaon     b	1
            create     w	1
            rename     w	5
             ioctl     n	1
           getattr     r	7
              link     w	1
             write     w	10
           execute     r	0
         relabelto     w	10
           setattr     w	7
       relabelfrom     r	10
              read     r	10
            unlink     w	1
              lock     n	1


class netlink_socket 22
            listen     r	1
            accept     r	1
              read     r	10
           setattr     w	7
            append     w	1
              bind     w	1
              lock     n	1
          shutdown     w	1
          recv_msg     r	10
            create     w	1
            sendto     w	10
         relabelto     w	10
             ioctl     n	1
         name_bind     n	1
           connect     w	1
             write     w	10
          recvfrom     r	10
          send_msg     w	10
       relabelfrom     r	10
            setopt     w	1
           getattr     r	7
            getopt     r	1


class unix_dgram_socket 22
           connect     w	1
            getopt     r	1
            listen     r	1
         relabelto     w	10
         name_bind     n	1
            accept     r	1
          shutdown     w	1
           getattr     r	7
          recv_msg     r	10
            append     w	1
              read     r	10
            create     w	1
            sendto     w	10
             ioctl     n	1
           setattr     w	7
              bind     w	1
              lock     n	1
          recvfrom     r	10
          send_msg     w	10
             write     w	10
       relabelfrom     r	10
            setopt     w	1


class node 7
        rawip_recv     r	10
        rawip_send     w	10
          tcp_recv     r	10
          tcp_send     w	10
      enforce_dest     n	1
          udp_recv     r	10
          udp_send     w	10


class netif 6
        rawip_recv     r	10
        rawip_send     w	10
          tcp_recv     r	10
          tcp_send     w	10
          udp_recv     r	10
          udp_send     w	10


class unix_stream_socket 25
         relabelto     w	10
            append     w	1
         name_bind     n	1
           setattr     w	7
         connectto     w	1
           newconn     w	1
          recvfrom     r	10
            create     w	1
            sendto     w	10
          send_msg     w	10
              read     r	10
              bind     w	1
              lock     n	1
           connect     w	1
            setopt     w	1
        acceptfrom     r	1
            getopt     r	1
             ioctl     n	1
           getattr     r	7
          shutdown     w	1
          recv_msg     r	10
            listen     r	1
            accept     r	1
       relabelfrom     r	10
             write     w	10


class tcp_socket 25
         connectto     w	1
           newconn     w	1
          recvfrom     r	10
            create     w	1
            sendto     w	10
          send_msg     w	10
              read     r	10
              bind     w	1
              lock     n	1
           connect     w	1
            setopt     w	1
        acceptfrom     r	1
            getopt     r	1
             ioctl     n	1
           getattr     r	7
          shutdown     w	1
          recv_msg     r	10
            listen     r	1
            accept     r	1
       relabelfrom     r	10
             write     w	10
         relabelto     w	10
            append     w	1
         name_bind     n	1
           setattr     w	7


class dir 22
           mounton     b	1
            search     r	1
              link     w	1
           quotaon     b	1
            append     w	1
            swapon     b	0
             rmdir     b	1
            create     w	1
             ioctl     n	1
           getattr     r	7
       remove_name     w	1
            rename     w	5
              read     r	10
             write     w	10
       relabelfrom     r	10
           execute     r	0
         relabelto     w	10
              lock     n	1
           setattr     w	7
          reparent     w	1
          add_name     w	5
            unlink     w	1


class shm 10
           destroy     w	1
             write     w	10
              read     r	10
           getattr     r	1
        unix_write     w	3
         unix_read     r	3
              lock     w	1
         associate     n	0
           setattr     w	1
            create     w	1


class security 9
        change_sid     n	1
    transition_sid     n	1
    sid_to_context     n	1
        member_sid     n	1
     get_user_sids     n	1
        compute_av     n	1
       load_policy     n	1
          get_sids     n	1
    context_to_sid     n	1


class packet_socket 22
           setattr     w	7
              read     r	10
         relabelto     w	10
          shutdown     w	1
         name_bind     n	1
          recv_msg     r	10
            setopt     w	1
              bind     w	1
              lock     n	1
             ioctl     n	1
            getopt     r	1
           connect     w	1
       relabelfrom     r	10
            listen     r	1
             write     w	10
            accept     r	1
            append     w	1
          recvfrom     r	10
          send_msg     w	10
           getattr     r	7
            create     w	1
            sendto     w	10


class msgq 10
           enqueue     w	1
            create     w	1
           destroy     w	1
             write     w	10
              read     r	10
           getattr     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           setattr     w	1


class key     r	1
        unix_write     w	3
         unix_read     r	3
         associate     n	0
           set