# Distro-specific customizations.

# Comment out all but the one that matches your distro.
# The policy .te files can then wrap distro-specific customizations with
# appropriate ifdefs.
















































































































#
# This file describes the security contexts to be applied to files
# when the security policy is installed.  The setfiles program
# reads this file and labels files accordingly.
#
# Each specification has the form:
#       regexp [ -type ] ( context | <<none>> )
#
# By default, the regexp is an anchored match on both ends (i.e. a 
# caret (^) is prepended and a dollar sign ($) is appended automatically).
# This default may be overridden by using .* at the beginning and/or
# end of the regular expression.  
#
# The optional type field specifies the file type as shown in the mode
# field by ls, e.g. use -d to match only directories or -- to match only
# regular files.
#
# The value of <<none> may be used to indicate that matching files
# should not be relabeled.
#
# The last matching specification is used.
#
# If there are multiple hard links to a file that match
# different specifications and those specifications indicate
# different security contexts, then a warning is displayed
# but the file is still labeled based on the last matching
# specification other than <<none>>.
#
# Some of the files listed here get re-created during boot and therefore
# need type transition rules to retain the correct type. These files are
# listed here anyway so that if the setfiles program is used on a running
# system it does not relabel them to something we do not want. An example of
# this is /var/run/utmp.
#

#
# The security context for all files not otherwise specified.
#
/.*				system_u:object_r:default_t

#
# The root directory.
#
/			-d	system_u:object_r:root_t

#
# Ordinary user home directories.
#

/root/\.default_contexts	-- 	system_u:object_r:default_context_t

#
# Mount points; do not relabel subdirectories, since
# we do not want to change any removable media by default.
/mnt(/[^/]*)?		-d	system_u:object_r:mnt_t
/mnt/[^/]*/.*			<<none>>
/media(/[^/]*)?		-d	system_u:object_r:mnt_t
/media/[^/]*/.*			<<none>>

#
# /var
#
/var(/.*)?			system_u:object_r:var_t
/var/cache/man(/.*)?		system_u:object_r:man_t
/var/yp(/.*)?			system_u:object_r:var_yp_t
/var/lib(/.*)?			system_u:object_r:var_lib_t
/var/lib/nfs(/.*)?		system_u:object_r:var_lib_nfs_t
/var/lib/abl(/.*)?		system_u:object_r:var_auth_t
/var/lib/texmf(/.*)?		system_u:object_r:tetex_data_t
/var/cache/fonts(/.*)?		system_u:object_r:tetex_data_t
/var/lock(/.*)?			system_u:object_r:var_lock_t
/var/tmp		-d	system_u:object_r:tmp_t
/var/tmp/.*			<<none>>
/var/tmp/vi\.recover	-d	system_u:object_r:tmp_t
/var/lib/nfs/rpc_pipefs(/.*)?	<<none>>
/var/mailman/bin(/.*)?		system_u:object_r:bin_t
/var/mailman/pythonlib(/.*)?/.*\.so(\..*)?	-- system_u:object_r:shlib_t

#
# /var/ftp
#
/var/ftp/bin(/.*)?		system_u:object_r:bin_t
/var/ftp/bin/ls		--	system_u:object_r:ls_exec_t
/var/ftp/lib(64)?(/.*)?		system_u:object_r:lib_t
/var/ftp/lib(64)?/ld[^/]*\.so(\.[^/]*)* --	system_u:object_r:ld_so_t
/var/ftp/lib(64)?/lib[^/]*\.so(\.[^/]*)* --	system_u:object_r:shlib_t
/var/ftp/etc(/.*)?		system_u:object_r:etc_t

#
# /bin
#
/bin(/.*)?			system_u:object_r:bin_t
/bin/tcsh		--	system_u:object_r:shell_exec_t
/bin/bash		--	system_u:object_r:shell_exec_t
/bin/bash2		--	system_u:object_r:shell_exec_t
/bin/sash		--	system_u:object_r:shell_exec_t
/bin/d?ash		--	system_u:object_r:shell_exec_t
/bin/zsh.*		--	system_u:object_r:shell_exec_t
/usr/sbin/sesh		--	system_u:object_r:shell_exec_t
/bin/ls			--	system_u:object_r:ls_exec_t

#
# /boot
#
/boot(/.*)?			system_u:object_r:boot_t
/boot/System\.map(-.*)?		system_u:object_r:system_map_t

#
# /dev
#
/dev(/.*)?			system_u:object_r:device_t
/dev/pts(/.*)?		<<none>>
/dev/cpu/.*		-c	system_u:object_r:cpu_device_t
/dev/microcode	-c	system_u:object_r:cpu_device_t
/dev/MAKEDEV		--	system_u:object_r:sbin_t
/dev/null		-c	system_u:object_r:null_device_t
/dev/full		-c	system_u:object_r:null_device_t
/dev/zero		-c	system_u:object_r:zero_device_t
/dev/console		-c	system_u:object_r:console_device_t
/dev/xconsole		-p	system_u:object_r:xconsole_device_t
/dev/(kmem|mem|port)	-c	system_u:object_r:memory_device_t
/dev/nvram		-c	system_u:object_r:memory_device_t
/dev/random		-c	system_u:object_r:random_device_t
/dev/urandom		-c	system_u:object_r:urandom_device_t
/dev/adb.*		-c	system_u:object_r:tty_device_t
/dev/capi.*		-c	system_u:object_r:tty_device_t
/dev/dcbri[0-9]+	-c	system_u:object_r:tty_device_t
/dev/irlpt[0-9]+	-c	system_u:object_r:printer_device_t
/dev/ircomm[0-9]+	-c	system_u:object_r:tty_device_t
/dev/rfcomm[0-9]+	-c	system_u:object_r:tty_device_t
/dev/isdn.*		-c	system_u:object_r:tty_device_t
/dev/.*tty[^/]*	-c	system_u:object_r:tty_device_t
/dev/[pt]ty[abcdepqrstuvwxyz][0-9a-f]	-c system_u:object_r:bsdpty_device_t
/dev/cu.*		-c	system_u:object_r:tty_device_t
/dev/vcs[^/]*		-c	system_u:object_r:tty_device_t
/dev/ip2[^/]*		-c	system_u:object_r:tty_device_t
/dev/hvc.*		-c	system_u:object_r:tty_device_t
/dev/hvsi.*		-c	system_u:object_r:tty_device_t
/dev/ttySG.*		-c	system_u:object_r:tty_device_t
/dev/tty		-c	system_u:object_r:devtty_t
/dev/lp.*		-c	system_u:object_r:printer_device_t
/dev/par.*		-c	system_u:object_r:printer_device_t
/dev/usb/lp.*		-c	system_u:object_r:printer_device_t
/dev/usblp.*		-c	system_u:object_r:printer_device_t

/dev/root		-b	system_u:object_r:fixed_disk_device_t

/dev/[shmx]d[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/dm-[0-9]+	-b	system_u:object_r:fixed_disk_device_t
/dev/sg[0-9]+		-c	system_u:object_r:scsi_generic_device_t
/dev/rd.*		-b	system_u:object_r:fixed_disk_device_t
/dev/i2o/hd[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/ubd[^/]*		-b	system_u:object_r:fixed_disk_device_t
/dev/cciss/[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/mapper/.*		-b	system_u:object_r:fixed_disk_device_t
/dev/ida/[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/dasd[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/flash[^/]*	-b	system_u:object_r:fixed_disk_device_t
/dev/nb[^/]+		-b	system_u:object_r:fixed_disk_device_t
/dev/ataraid/.*	-b	system_u:object_r:fixed_disk_device_t
/dev/loop.*		-b	system_u:object_r:fixed_disk_device_t
/dev/net/.*		-c	system_u:object_r:tun_tap_device_t
/dev/ram.*		-b	system_u:object_r:fixed_disk_device_t
/dev/rawctl		-c	system_u:object_r:fixed_disk_device_t
/dev/raw/raw[0-9]+	-c	system_u:object_r:fixed_disk_device_t
/dev/scramdisk/.*	-b	system_u:object_r:fixed_disk_device_t
/dev/initrd		-b	system_u:object_r:fixed_disk_device_t
/dev/jsfd		-b	system_u:object_r:fixed_disk_device_t
/dev/js.*		-c	system_u:object_r:mouse_device_t
/dev/jsflash		-c	system_u:object_r:fixed_disk_device_t
/dev/xvd.*		-b	system_u:object_r:fixed_disk_device_t
/dev/s(cd|r)[^/]*	-b	system_u:object_r:removable_device_t
/dev/usb/rio500	-c	system_u:object_r:removable_device_t
/dev/fd[^/]+		-b	system_u:object_r:removable_device_t
# I think a parallel port disk is a removable device...
/dev/pd[a-d][^/]*	-b	system_u:object_r:removable_device_t
/dev/p[fg][0-3]	-b	system_u:object_r:removable_device_t
/dev/aztcd		-b	system_u:object_r:removable_device_t
/dev/bpcd		-b	system_u:object_r:removable_device_t
/dev/gscd		-b	system_u:object_r:removable_device_t
/dev/hitcd		-b	system_u:object_r:removable_device_t
/dev/pcd[0-3]		-b	system_u:object_r:removable_device_t
/dev/mcdx?		-b	system_u:object_r:removable_device_t
/dev/cdu.*		-b	system_u:object_r:removable_device_t
/dev/cm20.*		-b	system_u:object_r:removable_device_t
/dev/optcd		-b	system_u:object_r:removable_device_t
/dev/sbpcd.*		-b	system_u:object_r:removable_device_t
/dev/sjcd		-b	system_u:object_r:removable_device_t
/dev/sonycd		-b	system_u:object_r:removable_device_t
# parallel port ATAPI generic device
/dev/pg[0-3]		-c	system_u:object_r:removable_device_t
/dev/rtc		-c	system_u:object_r:clock_device_t
/dev/psaux		-c	system_u:object_r:mouse_device_t
/dev/atibm		-c	system_u:object_r:mouse_device_t
/dev/logibm		-c	system_u:object_r:mouse_device_t
/dev/.*mouse.*	-c	system_u:object_r:mouse_device_t
/dev/input/.*mouse.*	-c	system_u:object_r:mouse_device_t
/dev/input/event.*	-c	system_u:object_r:event_device_t
/dev/input/mice	-c	system_u:object_r:mouse_device_t
/dev/input/js.*	-c	system_u:object_r:mouse_device_t
/dev/ptmx		-c	system_u:object_r:ptmx_t
/dev/sequencer	-c	system_u:object_r:misc_device_t
/dev/fb[0-9]*		-c	system_u:object_r:framebuf_device_t
/dev/apm_bios		-c	system_u:object_r:apm_bios_t
/dev/cpu/mtrr		-c	system_u:object_r:mtrr_device_t
/dev/pmu		-c	system_u:object_r:power_device_t
/dev/(radio|video|vbi|vtx).* -c	system_u:object_r:v4l_device_t
/dev/winradio.	-c	system_u:object_r:v4l_device_t
/dev/vttuner		-c	system_u:object_r:v4l_device_t
/dev/tlk[0-3]		-c	system_u:object_r:v4l_device_t
/dev/adsp		-c	system_u:object_r:sound_device_t
/dev/mixer.*		-c	system_u:object_r:sound_device_t
/dev/dsp.*		-c	system_u:object_r:sound_device_t
/dev/audio.*		-c	system_u:object_r:sound_device_t
/dev/r?midi.*		-c	system_u:object_r:sound_device_t
/dev/sequencer2	-c	system_u:object_r:sound_device_t
/dev/smpte.*		-c	system_u:object_r:sound_device_t
/dev/sndstat		-c	system_u:object_r:sound_device_t
/dev/beep		-c	system_u:object_r:sound_device_t
/dev/patmgr[01]	-c	system_u:object_r:sound_device_t
/dev/mpu401.*		-c	system_u:object_r:sound_device_t
/dev/srnd[0-7]	-c	system_u:object_r:sound_device_t
/dev/aload.*		-c	system_u:object_r:sound_device_t
/dev/amidi.*		-c	system_u:object_r:sound_device_t
/dev/amixer.*		-c	system_u:object_r:sound_device_t
/dev/snd/.*		-c	system_u:object_r:sound_device_t
/dev/n?[hs]t[0-9].*	-c	system_u:object_r:tape_device_t
/dev/n?(raw)?[qr]ft[0-3] -c	system_u:object_r:tape_device_t
/dev/n?z?qft[0-3]	-c	system_u:object_r:tape_device_t
/dev/n?tpqic[12].*	-c	system_u:object_r:tape_device_t
/dev/ht[0-1]		-b	system_u:object_r:tape_device_t
/dev/n?osst[0-3].*	-c	system_u:object_r:tape_device_t
/dev/n?pt[0-9]+	-c	system_u:object_r:tape_device_t
/dev/tape.*		-c	system_u:object_r:tape_device_t

/dev/usb/scanner.*	-c	system_u:object_r:scanner_device_t
/dev/usb/dc2xx.*	-c	system_u:object_r:scanner_device_t
/dev/usb/mdc800.*	-c	system_u:object_r:scanner_device_t
/dev/usb/tty.*	-c	system_u:object_r:usbtty_device_t
/dev/mmetfgrab	-c	system_u:object_r:scanner_device_t
/dev/nvidia.*		-c	system_u:object_r:xserver_misc_device_t
/dev/dri/.+		-c	system_u:object_r:dri_device_t
/dev/radeon		-c	system_u:object_r:dri_device_t
/dev/agpgart		-c	system_u:object_r:agp_device_t
/dev/z90crypt		-c	system_u:object_r:crypt_device_t

#
# Misc
#
/proc(/.*)?			<<none>>
/sys(/.*)?			<<none>>
/selinux(/.*)?			<<none>>

#
# /opt
#
/opt(/.*)?			system_u:object_r:usr_t
/opt(/.*)?/lib(64)?(/.*)?				system_u:object_r:lib_t
/opt(/.*)?/.*\.so(\.[^/]*)*	--	system_u:object_r:shlib_t
/opt(/.*)?/libexec(/.*)?	system_u:object_r:bin_t
/opt(/.*)?/bin(/.*)?		system_u:object_r:bin_t
/opt(/.*)?/sbin(/.*)?		system_u:object_r:sbin_t
/opt(/.*)?/man(/.*)?		system_u:object_r:man_t
/opt(/.*)?/var/lib(64)?(/.*)?		system_u:object_r:var_lib_t

#
# /etc
#
/etc(/.*)?			system_u:object_r:etc_t
/var/db/.*\.db		--	system_u:object_r:etc_t
/etc/\.pwd\.lock	--	system_u:object_r:shadow_t
/etc/passwd\.lock	--	system_u:object_r:shadow_t
/etc/group\.lock	--	system_u:object_r:shadow_t
/etc/shadow.*		--	system_u:object_r:shadow_t
/etc/gshadow.*		--	system_u:object_r:shadow_t
/var/db/shadow.*	--	system_u:object_r:shadow_t
/etc/blkid\.tab.*	--	system_u:object_r:etc_runtime_t
/etc/fstab\.REVOKE	--	system_u:object_r:etc_runtime_t
/etc/\.fstab\.hal\..+	--	system_u:object_r:etc_runtime_t
/etc/HOSTNAME		--	system_u:object_r:etc_runtime_t
/etc/ioctl\.save	--	system_u:object_r:etc_runtime_t
/etc/mtab		--	system_u:object_r:etc_runtime_t
/etc/motd		--	system_u:object_r:etc_runtime_t
/etc/issue		--	system_u:object_r:etc_runtime_t
/etc/issue\.net		--	system_u:object_r:etc_runtime_t
/etc/sysconfig/hwconf	--	system_u:object_r:etc_runtime_t
/etc/sysconfig/iptables\.save -- system_u:object_r:etc_runtime_t
/etc/sysconfig/firstboot --	system_u:object_r:etc_runtime_t
/etc/asound\.state	--	system_u:object_r:etc_runtime_t
/etc/ptal/ptal-printd-like -- 	system_u:object_r:etc_runtime_t

/etc/ld\.so\.cache	--	system_u:object_r:ld_so_cache_t
/etc/ld\.so\.preload	--	system_u:object_r:ld_so_cache_t
/etc/yp\.conf.*		--	system_u:object_r:net_conf_t
/etc/resolv\.conf.*	--	system_u:object_r:net_conf_t

/etc/selinux(/.*)?		system_u:object_r:selinux_config_t
/etc/selinux/([^/]*/)?policy(/.*)?	system_u:object_r:policy_config_t
/etc/selinux/([^/]*/)?src(/.*)?	system_u:object_r:policy_src_t
/etc/selinux/([^/]*/)?contexts(/.*)?	system_u:object_r:default_context_t
/etc/selinux/([^/]*/)?contexts/files(/.*)? system_u:object_r:file_context_t


#
# /lib(64)?
#
/lib(64)?(/.*)?					system_u:object_r:lib_t
/lib(64)?/.*\.so(\.[^/]*)*		--	system_u:object_r:shlib_t
/lib(64)?(/.*)?/ld-[^/]*\.so(\.[^/]*)*	--	system_u:object_r:ld_so_t

#
# /sbin
#
/sbin(/.*)?			system_u:object_r:sbin_t

#
# /tmp
#
/tmp			-d	system_u:object_r:tmp_t
/tmp/.*				<<none>>

#
# /usr
#
/usr(/.*)?			system_u:object_r:usr_t
/usr(/.*)?/lib(64)?(/.*)?	system_u:object_r:lib_t
/usr(/.*)?/lib(64)?/.*\.so(\.[^/]*)*	--	system_u:object_r:shlib_t
/usr/lib/win32/.*	--	system_u:object_r:shlib_t
/usr(/.*)?/java/.*\.so(\.[^/]*)*	--	system_u:object_r:texrel_shlib_t
/usr(/.*)?/java/.*\.jar	--	system_u:object_r:shlib_t
/usr(/.*)?/java/.*\.jsa	--	system_u:object_r:shlib_t
/usr(/.*)?/HelixPlayer/.*\.so(\.[^/]*)*	--	system_u:object_r:texrel_shlib_t
/usr(/.*)?/lib(64)?(/.*)?/ld-[^/]*\.so(\.[^/]*)* system_u:object_r:ld_so_t
/usr(/.*)?/bin(/.*)?		system_u:object_r:bin_t
/usr(/.*)?/Bin(/.*)?		system_u:object_r:bin_t
/usr(/.*)?/sbin(/.*)?		system_u:object_r:sbin_t
/usr/etc(/.*)?			system_u:object_r:etc_t
/usr/inclu.e(/.*)?		system_u:object_r:usr_t
/usr/libexec(/.*)?		system_u:object_r:bin_t
/usr/src(/.*)?			system_u:object_r:src_t
/usr/tmp		-d	system_u:object_r:tmp_t
/usr/tmp/.*			<<none>>
/usr/man(/.*)?			system_u:object_r:man_t
/usr/share/man(/.*)?		system_u:object_r:man_t
/usr/share/mc/extfs/.*	--	system_u:object_r:bin_t
/usr/share(/.*)?/lib(64)?(/.*)?	system_u:object_r:usr_t
/usr/share/ssl/certs(/.*)?	system_u:object_r:cert_t
/usr/share/ssl/private(/.*)?	system_u:object_r:cert_t

# nvidia share libraries
/usr/x11R6/lib/modules/extensions/libglx\.so(\.[^/]*)* -- system_u:object_r:texrel_shlib_t
/usr/lib(64)?/libGL(core)?/.so(\.[^/]*)* -- system_u:object_r:texrel_shlib_t
/usr(/.*)?/nvidia/.*\.so(\..*)?	-- system_u:object_r:texrel_shlib_t
/usr/lib(64)?(/.*)?/libnvidia.*\.so(\.[^/]*)*	--	system_u:object_r:texrel_shlib_t
/usr/X11R6/lib/libXvMCNVIDIA\.so.* 	-- system_u:object_r:texrel_shlib_t

# libGL
/usr/X11R6/lib/libGL\.so.* 	-- system_u:object_r:texrel_shlib_t




#
# /usr/lib(64)?
#
/usr/lib(64)?/perl5/man(/.*)?	system_u:object_r:man_t
/usr/lib(64)?/selinux(/.*)?		system_u:object_r:policy_src_t
/usr/lib(64)?/emacsen-common/.*	system_u:object_r:bin_t

#
# /usr/local
#
/usr/local/etc(/.*)?		system_u:object_r:etc_t
/usr/local/src(/.*)?		system_u:object_r:src_t
/usr/local/man(/.*)?		system_u:object_r:man_t
/usr/local/.*\.so(\.[^/]*)*	--	system_u:object_r:shlib_t
/usr/(local/)?lib/wine/.*\.so   --	system_u:object_r:texrel_shlib_t
/usr/(local/)?lib/libfame-.*\.so.*    --	system_u:object_r:texrel_shlib_t


#
# /usr/X11R6/man
#
/usr/X11R6/man(/.*)?		system_u:object_r:man_t

#
# Fonts dir
#
/usr/X11R6/lib/X11/fonts(/.*)?		system_u:object_r:fonts_t

/usr/share/fonts(/.*)?			system_u:object_r:fonts_t
/usr/share/ghostscript/fonts(/.*)?	system_u:object_r:fonts_t
/usr/local/share/fonts(/.*)?		system_u:object_r:fonts_t

#
# /var/run
#
/var/run(/.*)?			system_u:object_r:var_run_t
/var/run/.*\.*pid		<<none>>

#
# /var/spool
#
/var/spool(/.*)?		system_u:object_r:var_spool_t
/var/spool/texmf(/.*)?		system_u:object_r:tetex_data_t
/var/spool/(client)?mqueue(/.*)?	system_u:object_r:mqueue_spool_t

# 
# /var/log
#
/var/log(/.*)?			system_u:object_r:var_log_t
/var/log/wtmp.*		--	system_u:object_r:wtmp_t
/var/log/btmp.*		--	system_u:object_r:faillog_t
/var/log/faillog	--	system_u:object_r:faillog_t
/var/log/ksyms.*	--	system_u:object_r:var_log_ksyms_t
/var/log/dmesg		--	system_u:object_r:var_log_t
/var/log/lastlog	--	system_u:object_r:lastlog_t
/var/log/ksymoops(/.*)?		system_u:object_r:var_log_ksyms_t
/var/log/syslog		--	system_u:object_r:var_log_t

#
# Journal files
#
/\.journal			<<none>>
/usr/\.journal			<<none>>
/boot/\.journal			<<none>>
/var/\.journal			<<none>>
/tmp/\.journal			<<none>>
/usr/local/\.journal		<<none>>

#
# Lost and found directories.
#
/lost\+found		-d	system_u:object_r:lost_found_t
/lost\+found/.*			<<none>>
/usr/lost\+found	-d	system_u:object_r:lost_found_t
/usr/lost\+found/.*		<<none>>
/boot/lost\+found	-d	system_u:object_r:lost_found_t
/boot/lost\+found/.*		<<none>>
/var/lost\+found	-d	system_u:object_r:lost_found_t
/var/lost\+found/.*		<<none>>
/tmp/lost\+found	-d	system_u:object_r:lost_found_t
/tmp/lost\+found/.*		<<none>>
/var/tmp/lost\+found	-d	system_u:object_r:lost_found_t
/var/tmp/lost\+found/.*		<<none>>
/usr/local/lost\+found	-d	system_u:object_r:lost_found_t
/usr/local/lost\+found/.*	<<none>>

#
# system localization
#
/usr/share/zoneinfo(/.*)?	system_u:object_r:locale_t
/usr/share/locale(/.*)?		system_u:object_r:locale_t
/usr/lib/locale(/.*)?		system_u:object_r:locale_t
/etc/localtime		--	system_u:object_r:locale_t
/etc/localtime		-l	system_u:object_r:etc_t
/etc/pki(/.*)?				system_u:object_r:cert_t

#
# Gnu Cash
#
/usr/share/gnucash/finance-quote-check -- system_u:object_r:bin_t
/usr/share/gnucash/finance-quote-helper -- system_u:object_r:bin_t

#
# Turboprint
#
/usr/share/turboprint/lib(/.*)? 	--     system_u:object_r:bin_t
/usr/share/hwdata(/.*)? 	        system_u:object_r:hwdata_t

#
# initrd mount point, only used during boot
#
/initrd			-d	system_u:object_r:root_t

#
#  The krb5.conf file is always being tested for writability, so
#  we defined a type to dontaudit
#
/etc/krb5\.conf		--	system_u:object_r:krb5_conf_t

#
# Thunderbird
#
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird --      system_u:object_r:bin_t
/usr/lib(64)?/[^/]*thunderbird[^/]*/thunderbird-bin -- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*thunderbird[^/]*/open-browser\.sh -- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*/run-mozilla\.sh -- system_u:object_r:bin_t
/usr/lib(64)?/[^/]*/mozilla-xremote-client -- system_u:object_r:bin_t

#
# /srv
#
/srv(/.*)?			system_u:object_r:var_t

/etc/sysconfig/network-scripts/ifup-.* 		-- system_u:object_r:bin_t
/etc/sysconfig/network-scripts/ifdown-.* 	-- system_u:object_r:bin_t
# NetworkManager 
/usr/bin/NetworkManager	--	system_u:object_r:NetworkManager_exec_t
# berkeley process accounting
/sbin/accton	--	system_u:object_r:acct_exec_t
/usr/sbin/accton	--	system_u:object_r:acct_exec_t
/var/account(/.*)?		system_u:object_r:acct_data_t
/etc/cron\.(daily|monthly)/acct -- system_u:object_r:acct_exec_t
#
# Author:  Carsten Grohmann <carstengrohmann@gmx.de>
#

# amanda
/etc/amanda(/.*)?			system_u:object_r:amanda_config_t
/etc/amanda/.*/tapelist(/.*)?		system_u:object_r:amanda_data_t
/etc/amandates				system_u:object_r:amanda_amandates_t
/etc/dumpdates				system_u:object_r:amanda_dumpdates_t
/root/restore			-d	system_u:object_r:amanda_recover_dir_t
/tmp/amanda(/.*)?			system_u:object_r:amanda_tmp_t
/usr/lib(64)?/amanda			-d	system_u:object_r:amanda_usr_lib_t
/usr/lib(64)?/amanda/amandad		--	system_u:object_r:amanda_inetd_exec_t
/usr/lib(64)?/amanda/amcat\.awk	--	system_u:object_r:amanda_script_exec_t
/usr/lib(64)?/amanda/amcleanupdisk	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/amidxtaped	--	system_u:object_r:amanda_inetd_exec_t
/usr/lib(64)?/amanda/amindexd	--	system_u:object_r:amanda_inetd_exec_t
/usr/lib(64)?/amanda/amlogroll	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/amplot\.awk	--	system_u:object_r:amanda_script_exec_t
/usr/lib(64)?/amanda/amplot\.g	--	system_u:object_r:amanda_script_exec_t
/usr/lib(64)?/amanda/amplot\.gp	--	system_u:object_r:amanda_script_exec_t
/usr/lib(64)?/amanda/amtrmidx	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/amtrmlog	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/calcsize	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-chio	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-chs		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-manual	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-mtx		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-multi	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-rth		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-scsi	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/chg-zd-mtx	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/driver		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/dumper		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/killpgrp	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/patch-system	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/planner		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/rundump		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/runtar		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/selfcheck	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/sendbackup	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/sendsize	--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/taper		--	system_u:object_r:amanda_exec_t
/usr/lib(64)?/amanda/versionsuffix	--	system_u:object_r:amanda_exec_t
/usr/sbin/amadmin		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amcheck		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amcheckdb		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amcleanup		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amdump		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amflush		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amgetconf		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amlabel		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amoverview		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amplot		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amrecover		--	system_u:object_r:amanda_recover_exec_t
/usr/sbin/amreport		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amrestore		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amrmtape		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amstatus		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amtape		--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amtoc			--	system_u:object_r:amanda_user_exec_t
/usr/sbin/amverify		--	system_u:object_r:amanda_user_exec_t
/var/lib/amanda			-d	system_u:object_r:amanda_var_lib_t
/var/lib/amanda/\.amandahosts	--	system_u:object_r:amanda_config_t
/var/lib/amanda/\.bashrc	--	system_u:object_r:amanda_shellconfig_t
/var/lib/amanda/\.profile	--	system_u:object_r:amanda_shellconfig_t
/var/lib/amanda/disklist	--	system_u:object_r:amanda_data_t
/var/lib/amanda/gnutar-lists(/.*)?	system_u:object_r:amanda_gnutarlists_t
/var/lib/amanda/index			system_u:object_r:amanda_data_t
/var/log/amanda(/.*)?			system_u:object_r:amanda_log_t
#
# Anaconda file context
# currently anaconda does not have any file context since it is started during install
# This is a placeholder to stop makefile from complaining
#
# apache
/var/www(/.*)?			system_u:object_r:httpd_sys_content_t
/srv/([^/]*/)?www(/.*)?		system_u:object_r:httpd_sys_content_t
/var/www/cgi-bin(/.*)?		system_u:object_r:httpd_sys_script_exec_t
/usr/lib/cgi-bin(/.*)?		system_u:object_r:httpd_sys_script_exec_t
/var/www/perl(/.*)?		system_u:object_r:httpd_sys_script_exec_t
/var/www/icons(/.*)?		system_u:object_r:httpd_sys_content_t
/var/cache/httpd(/.*)?		system_u:object_r:httpd_cache_t
/var/cache/php-eaccelerator(/.*)? system_u:object_r:httpd_cache_t
/var/cache/php-mmcache(/.*)?	system_u:object_r:httpd_cache_t
/var/cache/mason(/.*)?	system_u:object_r:httpd_cache_t
/var/cache/rt3(/.*)?	system_u:object_r:httpd_cache_t
/etc/httpd		-d	system_u:object_r:httpd_config_t
/etc/httpd/conf.*		system_u:object_r:httpd_config_t
/etc/httpd/logs			system_u:object_r:httpd_log_t
/etc/httpd/modules		system_u:object_r:httpd_modules_t
/etc/apache(2)?(/.*)?		system_u:object_r:httpd_config_t
/etc/vhosts		--	system_u:object_r:httpd_config_t
/usr/lib(64)?/apache(/.*)?		system_u:object_r:httpd_modules_t
/usr/lib(64)?/apache2/modules(/.*)?	system_u:object_r:httpd_modules_t
/usr/lib(64)?/httpd(/.*)?		system_u:object_r:httpd_modules_t
/usr/sbin/httpd(\.worker)?	--	system_u:object_r:httpd_exec_t
/usr/sbin/apache(2)?	--	system_u:object_r:httpd_exec_t
/usr/sbin/suexec	--	system_u:object_r:httpd_suexec_exec_t
/usr/lib(64)?/cgi-bin/(nph-)?cgiwrap(d)? -- system_u:object_r:httpd_suexec_exec_t
/usr/lib(64)?/apache(2)?/suexec(2)? -- system_u:object_r:httpd_suexec_exec_t
/var/log/httpd(/.*)?		system_u:object_r:httpd_log_t
/var/log/apache(2)?(/.*)?	system_u:object_r:httpd_log_t
/var/log/cgiwrap\.log.*	--	system_u:object_r:httpd_log_t
/var/cache/ssl.*\.sem	--	system_u:object_r:httpd_cache_t
/var/cache/mod_ssl(/.*)?	system_u:object_r:httpd_cache_t
/var/run/apache.*		system_u:object_r:httpd_var_run_t
/var/lib/httpd(/.*)?		system_u:object_r:httpd_var_lib_t
/var/lib/dav(/.*)?		system_u:object_r:httpd_var_lib_t
/var/lib/php/session(/.*)?	system_u:object_r:httpd_var_run_t
/etc/apache-ssl(2)?(/.*)?	system_u:object_r:httpd_config_t
/usr/lib/apache-ssl/.+	 --	system_u:object_r:httpd_exec_t
/usr/sbin/apache-ssl(2)? --	system_u:object_r:httpd_exec_t
/var/log/apache-ssl(2)?(/.*)?	system_u:object_r:httpd_log_t
/var/run/gcache_port	-s	system_u:object_r:httpd_var_run_t


/var/lib/squirrelmail/prefs(/.*)?	system_u:object_r:httpd_squirrelmail_t
/var/spool/squirrelmail(/.*)?	system_u:object_r:squirrelmail_spool_t
/usr/bin/htsslpass --	system_u:object_r:httpd_helper_exec_t
/usr/share/htdig(/.*)?		system_u:object_r:httpd_sys_content_t
/var/lib/htdig(/.*)?		system_u:object_r:httpd_sys_content_t
/etc/htdig(/.*)?		system_u:object_r:httpd_sys_content_t
/var/spool/gosa(/.*)?		system_u:object_r:httpd_sys_script_rw_t

/usr/sbin/apachectl		-- 	system_u:object_r:initrc_exec_t

# apmd
/usr/sbin/apmd		--	system_u:object_r:apmd_exec_t
/usr/sbin/acpid		--	system_u:object_r:apmd_exec_t
/usr/sbin/powersaved	--	system_u:object_r:apmd_exec_t
/usr/bin/apm		--	system_u:object_r:apm_exec_t
/var/run/apmd\.pid	--	system_u:object_r:apmd_var_run_t
/var/run/\.?acpid\.socket	-s	system_u:object_r:apmd_var_run_t
/var/run/powersaved\.pid	--	system_u:object_r:apmd_var_run_t
/var/run/powersave_socket	-s	system_u:object_r:apmd_var_run_t
/var/log/acpid		--	system_u:object_r:apmd_log_t


# arpwatch - keep track of ethernet/ip address pairings
/usr/sbin/arpwatch	--	system_u:object_r:arpwatch_exec_t
/var/arpwatch(/.*)?		system_u:object_r:arpwatch_data_t
/var/lib/arpwatch(/.*)?		system_u:object_r:arpwatch_data_t
# auditd
/sbin/auditctl		--	system_u:object_r:auditctl_exec_t
/sbin/auditd		--	system_u:object_r:auditd_exec_t
/var/log/audit.log 	-- 	system_u:object_r:auditd_log_t
/var/log/audit(/.*)?  	 	system_u:object_r:auditd_log_t
/etc/auditd.conf	--	system_u:object_r:auditd_etc_t
/etc/audit.rules	--	system_u:object_r:auditd_etc_t

# bluetooth
/etc/bluetooth(/.*)?		system_u:object_r:bluetooth_conf_t
/etc/bluetooth/link_key		system_u:object_r:bluetooth_conf_rw_t
/usr/bin/rfcomm		--	system_u:object_r:bluetooth_exec_t
/usr/sbin/hcid		--	system_u:object_r:bluetooth_exec_t
/usr/sbin/sdpd		--	system_u:object_r:bluetooth_exec_t
/usr/sbin/hciattach	--	system_u:object_r:bluetooth_exec_t
/var/run/sdp		-s	system_u:object_r:bluetooth_var_run_t
/usr/sbin/hid2hci	--	system_u:object_r:bluetooth_exec_t
/usr/bin/blue.*pin	--	system_u:object_r:bluetooth_helper_exec_t
/var/lib/bluetooth(/.*)?	system_u:object_r:bluetooth_var_lib_t
# canna.fc
/usr/sbin/cannaserver	--	system_u:object_r:canna_exec_t
/usr/sbin/jserver	--	system_u:object_r:canna_exec_t
/usr/bin/cannaping	--	system_u:object_r:canna_exec_t
/usr/bin/catdic		--	system_u:object_r:canna_exec_t
/var/log/canna(/.*)?		system_u:object_r:canna_log_t
/var/log/wnn(/.*)?		system_u:object_r:canna_log_t
/var/lib/canna/dic(/.*)?	system_u:object_r:canna_var_lib_t
/var/lib/wnn/dic(/.*)?	system_u:object_r:canna_var_lib_t
/var/run/\.iroha_unix	-d	system_u:object_r:canna_var_run_t
/var/run/\.iroha_unix/.* -s	system_u:object_r:canna_var_run_t
/var/run/wnn-unix(/.*)		system_u:object_r:canna_var_run_t
# cardmgr
/sbin/cardmgr		--	system_u:object_r:cardmgr_exec_t
/sbin/cardctl		--	system_u:object_r:cardctl_exec_t
/var/run/stab		--	system_u:object_r:cardmgr_var_run_t
/var/run/cardmgr\.pid	--	system_u:object_r:cardmgr_var_run_t
/etc/apm/event\.d/pcmcia --	system_u:object_r:cardmgr_exec_t
/var/lib/pcmcia(/.*)?		system_u:object_r:cardmgr_var_run_t
# checkpolicy
/usr/bin/checkpolicy		--	system_u:object_r:checkpolicy_exec_t
# chkpwd
/sbin/unix_chkpwd	--	system_u:object_r:chkpwd_exec_t
/sbin/unix_verify	--	system_u:object_r:chkpwd_exec_t




# mount
/bin/mount.*			--	system_u:object_r:mount_exec_t
/bin/umount.*			--	system_u:object_r:mount_exec_t


# loadkeys
/bin/unikeys		--	system_u:object_r:loadkeys_exec_t
/bin/loadkeys		--	system_u:object_r:loadkeys_exec_t


# dmesg
/bin/dmesg	--	system_u:object_r:dmesg_exec_t



/sbin/lvm.static	--	system_u:object_r:lvm_exec_t


# biff server
/usr/sbin/in\.comsat	--	system_u:object_r:comsat_exec_t
# consoletype
/sbin/consoletype	--	system_u:object_r:consoletype_exec_t
# cpucontrol
/sbin/microcode_ctl	--	system_u:object_r:cpucontrol_exec_t
/etc/firmware/.*	--	system_u:object_r:cpucontrol_conf_t
# cpuspeed
/usr/sbin/cpuspeed	--	system_u:object_r:cpuspeed_exec_t
/usr/sbin/powernowd	--	system_u:object_r:cpuspeed_exec_t
# crond
/etc/crontab		--	system_u:object_r:system_cron_spool_t
/etc/cron\.d(/.*)?		system_u:object_r:system_cron_spool_t
/usr/sbin/cron(d)?	--	system_u:object_r:crond_exec_t
/usr/sbin/anacron	--	system_u:object_r:anacron_exec_t
/var/spool/cron		-d	system_u:object_r:cron_spool_t
/var/spool/cron/crontabs -d	system_u:object_r:cron_spool_t
/var/spool/cron/crontabs/.* -- <<none>>
/var/spool/cron/crontabs/root -- system_u:object_r:sysadm_cron_spool_t
/var/spool/cron/root	--	system_u:object_r:sysadm_cron_spool_t
/var/spool/cron/[^/]*	--	<<none>>
/var/run/crond\.reboot	--	system_u:object_r:crond_var_run_t
/var/run/crond?\.pid	--	system_u:object_r:crond_var_run_t
# fcron
/usr/sbin/fcron		--	system_u:object_r:crond_exec_t
/var/spool/fcron	-d	system_u:object_r:cron_spool_t
/var/spool/fcron/.*		<<none>>
/var/spool/fcron/systab\.orig --	system_u:object_r:system_cron_spool_t
/var/spool/fcron/systab	 --	system_u:object_r:system_cron_spool_t
/var/spool/fcron/new\.systab --	system_u:object_r:system_cron_spool_t
/var/run/fcron\.fifo	-s	system_u:object_r:crond_var_run_t
/var/run/fcron\.pid	--	system_u:object_r:crond_var_run_t
# atd
/usr/sbin/atd		--	system_u:object_r:crond_exec_t
/var/spool/at		-d	system_u:object_r:cron_spool_t
/var/spool/at/spool	-d	system_u:object_r:cron_spool_t
/var/spool/at/[^/]*	--	<<none>>
/var/run/atd\.pid	--	system_u:object_r:crond_var_run_t

# cups printing
/etc/cups(/.*)?			system_u:object_r:cupsd_etc_t
/usr/share/cups(/.*)?		system_u:object_r:cupsd_etc_t
/etc/alchemist/namespace/printconf(/.*)? system_u:object_r:cupsd_rw_etc_t
/var/cache/alchemist/printconf.* system_u:object_r:cupsd_rw_etc_t
/etc/cups/client\.conf	--	system_u:object_r:etc_t
/etc/cups/cupsd\.conf.* --	system_u:object_r:cupsd_rw_etc_t
/etc/cups/classes\.conf.* --	system_u:object_r:cupsd_rw_etc_t
/etc/cups/lpoptions	--	system_u:object_r:cupsd_rw_etc_t
/etc/cups/printers\.conf.* --	system_u:object_r:cupsd_rw_etc_t
/etc/cups/ppd/.*	--	system_u:object_r:cupsd_rw_etc_t
/etc/cups/certs		-d	system_u:object_r:cupsd_rw_etc_t
/etc/cups/certs/.*	--	system_u:object_r:cupsd_rw_etc_t
/var/lib/cups/certs	-d	system_u:object_r:cupsd_rw_etc_t
/var/lib/cups/certs/.*	--	system_u:object_r:cupsd_rw_etc_t
/etc/cups/ppds\.dat	--	system_u:object_r:cupsd_rw_etc_t
/etc/cups/lpoptions.* 	--	system_u:object_r:cupsd_rw_etc_t
/etc/printcap.* 	--	system_u:object_r:cupsd_rw_etc_t
/usr/lib(64)?/cups/backend/.* --	system_u:object_r:cupsd_exec_t
/usr/lib(64)?/cups/daemon/.*	 --	system_u:object_r:cupsd_exec_t
/usr/lib(64)?/cups/daemon/cups-lpd --	system_u:object_r:cupsd_lpd_exec_t
/usr/sbin/cupsd		--	system_u:object_r:cupsd_exec_t

# cupsd_config depends on hald
/usr/bin/cups-config-daemon --	system_u:object_r:cupsd_config_exec_t
/usr/sbin/hal_lpadmin --	system_u:object_r:cupsd_config_exec_t
/usr/sbin/printconf-backend --	system_u:object_r:cupsd_config_exec_t

/var/log/cups(/.*)?		system_u:object_r:cupsd_log_t
/var/log/turboprint_cups\.log.* -- system_u:object_r:cupsd_log_t
/var/spool/cups(/.*)?		system_u:object_r:print_spool_t
/var/run/cups/printcap	--	system_u:object_r:cupsd_var_run_t
/usr/lib(64)?/cups/filter/.*	--	system_u:object_r:bin_t
/usr/lib(64)?/cups/cgi-bin/.* --	system_u:object_r:bin_t
/usr/sbin/ptal-printd	--	system_u:object_r:ptal_exec_t
/usr/sbin/ptal-mlcd	--	system_u:object_r:ptal_exec_t
/usr/sbin/ptal-photod	--	system_u:object_r:ptal_exec_t
/var/run/ptal-printd(/.*)?	system_u:object_r:ptal_var_run_t
/var/run/ptal-mlcd(/.*)?	system_u:object_r:ptal_var_run_t
/etc/hp(/.*)?			system_u:object_r:hplip_etc_t
/usr/sbin/hpiod		--	system_u:object_r:hplip_exec_t
/usr/share/hplip/hpssd.py	--	system_u:object_r:hplip_exec_t
/usr/share/foomatic/db/oldprinterids 	--	system_u:object_r:cupsd_rw_etc_t
/var/cache/foomatic(/.*)? 	--	system_u:object_r:cupsd_rw_etc_t
/var/run/hp.*\.pid		--	system_u:object_r:hplip_var_run_t
/var/run/hp.*\.port		--	system_u:object_r:hplip_var_run_t
# cvs program
/usr/bin/cvs	--	system_u:object_r:cvs_exec_t
# cyrus
/var/lib/imap(/.*)?				system_u:object_r:cyrus_var_lib_t
/usr/lib(64)?/cyrus-imapd/.*		 	--	system_u:object_r:bin_t
/usr/lib(64)?/cyrus-imapd/cyrus-master 		--	system_u:object_r:cyrus_exec_t	
/var/spool/imap(/.*)?		system_u:object_r:mail_spool_t
# A dictionary server for the SKK Japanese input method system.
/usr/sbin/dbskkd-cdb	--	system_u:object_r:dbskkd_exec_t
/usr/bin/dbus-daemon(-1)?	--	system_u:object_r:system_dbusd_exec_t
/etc/dbus-1(/.*)?		system_u:object_r:etc_dbusd_t
/var/run/dbus(/.*)?		system_u:object_r:system_dbusd_var_run_t
# dhcpcd 
/etc/dhcpc.*			system_u:object_r:dhcp_etc_t
/etc/dhcp3?/dhclient.*		system_u:object_r:dhcp_etc_t
/etc/dhclient.*conf	--	system_u:object_r:dhcp_etc_t
/etc/dhclient-script	--	system_u:object_r:dhcp_etc_t
/sbin/dhcpcd		--	system_u:object_r:dhcpc_exec_t
/sbin/dhcdbd		--	system_u:object_r:dhcpc_exec_t
/sbin/dhclient.*	--	system_u:object_r:dhcpc_exec_t
/var/lib/dhcp(3)?/dhclient.*	system_u:object_r:dhcpc_state_t
/var/lib/dhcpcd(/.*)?		system_u:object_r:dhcpc_state_t
/var/lib/dhclient(/.*)?		system_u:object_r:dhcpc_state_t
/var/run/dhclient.*\.pid --	system_u:object_r:dhcpc_var_run_t
/var/run/dhclient.*\.leases --	system_u:object_r:dhcpc_var_run_t
# pump
/sbin/pump		--	system_u:object_r:dhcpc_exec_t

/var/lib/dhcp(3)?	-d	system_u:object_r:dhcp_state_t


# dhcpd
/etc/dhcpd\.conf	--	system_u:object_r:dhcp_etc_t
/etc/dhcp3(/.*)?		system_u:object_r:dhcp_etc_t
/usr/sbin/dhcpd.*	--	system_u:object_r:dhcpd_exec_t
/var/lib/dhcp([3d])?/dhcpd\.leases.* -- system_u:object_r:dhcpd_state_t
/var/run/dhcpd\.pid	--	system_u:object_r:dhcpd_var_run_t




# dictd
/etc/dictd\.conf		--	system_u:object_r:dictd_etc_t
/usr/sbin/dictd		--	system_u:object_r:dictd_exec_t
/var/lib/dictd(/.*)?		system_u:object_r:dictd_var_lib_t
# dmidecode 
/usr/sbin/dmidecode	--	   	system_u:object_r:dmidecode_exec_t
/usr/sbin/ownership	--		system_u:object_r:dmidecode_exec_t
/usr/sbin/vpddecode	--		system_u:object_r:dmidecode_exec_t
# for Dovecot POP and IMAP server
/etc/dovecot.conf.*			system_u:object_r:dovecot_etc_t
/etc/dovecot.passwd.*			system_u:object_r:dovecot_passwd_t
/usr/sbin/dovecot		--	system_u:object_r:dovecot_exec_t

/usr/libexec/dovecot/dovecot-auth --	system_u:object_r:dovecot_auth_exec_t


/usr/share/ssl/certs/dovecot\.pem --	system_u:object_r:dovecot_cert_t
/usr/share/ssl/private/dovecot\.pem --	system_u:object_r:dovecot_cert_t
/etc/pki/dovecot(/.*)?			system_u:object_r:dovecot_cert_t
/var/run/dovecot(-login)?(/.*)?		system_u:object_r:dovecot_var_run_t
/usr/lib(64)?/dovecot/.+	--		system_u:object_r:bin_t
/var/spool/dovecot(/.*)?		system_u:object_r:dovecot_spool_t
# fingerd
/usr/sbin/in\.fingerd	--	system_u:object_r:fingerd_exec_t
/usr/sbin/[cef]fingerd	--	system_u:object_r:fingerd_exec_t
/etc/cron\.weekly/(c)?fingerd -- system_u:object_r:fingerd_exec_t
/etc/cfingerd(/.*)?		system_u:object_r:fingerd_etc_t
/var/log/cfingerd\.log.* --	system_u:object_r:fingerd_log_t
# firstboot
/usr/sbin/firstboot	-- system_u:object_r:firstboot_exec_t
/usr/share/firstboot	system_u:object_r:firstboot_rw_t
/usr/share/firstboot/firstboot\.py --	system_u:object_r:firstboot_exec_t
# fs admin utilities
/sbin/fsck.*		--	system_u:object_r:fsadm_exec_t
/sbin/mkfs.*		--	system_u:object_r:fsadm_exec_t
/sbin/mkfs\.cramfs	--	system_u:object_r:sbin_t
/sbin/e2fsck		--	system_u:object_r:fsadm_exec_t
/sbin/mkdosfs		--	system_u:object_r:fsadm_exec_t
/sbin/dosfsck		--	system_u:object_r:fsadm_exec_t
/sbin/reiserfs(ck|tune)	--	system_u:object_r:fsadm_exec_t
/sbin/mkreiserfs	--	system_u:object_r:fsadm_exec_t
/sbin/resize.*fs	--	system_u:object_r:fsadm_exec_t
/sbin/e2label		--	system_u:object_r:fsadm_exec_t
/sbin/findfs		--	system_u:object_r:fsadm_exec_t
/sbin/mkfs		--	system_u:object_r:fsadm_exec_t
/sbin/mke2fs		--	system_u:object_r:fsadm_exec_t
/sbin/mkswap		--	system_u:object_r:fsadm_exec_t
/sbin/scsi_info		--	system_u:object_r:fsadm_exec_t
/sbin/sfdisk		--	system_u:object_r:fsadm_exec_t
/sbin/cfdisk		--	system_u:object_r:fsadm_exec_t
/sbin/fdisk		--	system_u:object_r:fsadm_exec_t
/sbin/parted		--	system_u:object_r:fsadm_exec_t
/sbin/tune2fs		--	system_u:object_r:fsadm_exec_t
/sbin/dumpe2fs		--	system_u:object_r:fsadm_exec_t
/sbin/dump		--	system_u:object_r:fsadm_exec_t
/sbin/swapon.*		--	system_u:object_r:fsadm_exec_t
/sbin/hdparm		--	system_u:object_r:fsadm_exec_t
/sbin/raidstart		--	system_u:object_r:fsadm_exec_t
/sbin/raidautorun	--	system_u:object_r:fsadm_exec_t
/sbin/mkraid		--	system_u:object_r:fsadm_exec_t
/sbin/blockdev		--	system_u:object_r:fsadm_exec_t
/sbin/losetup.*		--	system_u:object_r:fsadm_exec_t
/sbin/jfs_.*		--	system_u:object_r:fsadm_exec_t
/sbin/lsraid		--	system_u:object_r:fsadm_exec_t
/usr/sbin/smartctl	--	system_u:object_r:fsadm_exec_t
/sbin/install-mbr	--	system_u:object_r:fsadm_exec_t
/usr/bin/scsi_unique_id	--	system_u:object_r:fsadm_exec_t
/usr/bin/raw		--	system_u:object_r:fsadm_exec_t
/sbin/partx		--	system_u:object_r:fsadm_exec_t
/usr/bin/partition_uuid	--	system_u:object_r:fsadm_exec_t
/sbin/partprobe		--	system_u:object_r:fsadm_exec_t
/usr/bin/syslinux	--	system_u:object_r:fsadm_exec_t
# ftpd
/usr/sbin/in\.ftpd	--	system_u:object_r:ftpd_exec_t
/usr/sbin/proftpd	--	system_u:object_r:ftpd_exec_t
/usr/sbin/muddleftpd	--	system_u:object_r:ftpd_exec_t
/usr/sbin/ftpwho	--	system_u:object_r:ftpd_exec_t
/usr/kerberos/sbin/ftpd	--	system_u:object_r:ftpd_exec_t
/usr/sbin/vsftpd	--	system_u:object_r:ftpd_exec_t
/etc/proftpd\.conf	--	system_u:object_r:ftpd_etc_t
/var/run/proftpd/proftpd-inetd -- system_u:object_r:ftpd_var_run_t
/var/run/proftpd/proftpd\.scoreboard -- system_u:object_r:ftpd_var_run_t
/var/log/muddleftpd\.log.* --	system_u:object_r:xferlog_t
/var/log/xferlog.*	--	system_u:object_r:xferlog_t
/var/log/vsftpd.*	--	system_u:object_r:xferlog_t
/var/log/xferreport.*	--	system_u:object_r:xferlog_t
/etc/cron\.monthly/proftpd --	system_u:object_r:ftpd_exec_t
/var/ftp(/.*)?			system_u:object_r:public_content_t
/srv/([^/]*/)?ftp(/.*)?		system_u:object_r:public_content_t
# getty
/sbin/.*getty		--	system_u:object_r:getty_exec_t
/etc/mgetty(/.*)?		system_u:object_r:getty_etc_t
/var/run/mgetty\.pid.*	--	system_u:object_r:getty_var_run_t
/var/log/mgetty\.log.*	--	system_u:object_r:getty_log_t
# hald - hardware information daemon
/usr/sbin/hald		--	system_u:object_r:hald_exec_t
/usr/libexec/hal-hotplug-map -- system_u:object_r:hald_exec_t
/etc/hal/device\.d/printer_remove\.hal -- system_u:object_r:hald_exec_t
/etc/hal/capability\.d/printer_update\.hal -- system_u:object_r:hald_exec_t
/usr/share/hal/device-manager/hal-device-manager -- system_u:object_r:bin_t
/bin/hostname		--	system_u:object_r:hostname_exec_t
# hotplug
/etc/hotplug(/.*)?		system_u:object_r:hotplug_etc_t
/sbin/hotplug		--	system_u:object_r:hotplug_exec_t
/sbin/netplugd		--	system_u:object_r:hotplug_exec_t
/etc/hotplug\.d/.*	--	system_u:object_r:hotplug_exec_t
/etc/hotplug\.d/default/default.* system_u:object_r:sbin_t
/etc/netplug\.d(/.*)? 	 	system_u:object_r:sbin_t
/etc/hotplug/.*agent	--	system_u:object_r:sbin_t
/etc/hotplug/.*rc	-- 	system_u:object_r:sbin_t
/etc/hotplug/hotplug\.functions --	system_u:object_r:sbin_t
/var/run/usb(/.*)?		system_u:object_r:hotplug_var_run_t
/var/run/hotplug(/.*)?		system_u:object_r:hotplug_var_run_t
/etc/hotplug/firmware.agent	--	system_u:object_r:hotplug_exec_t
/usr/bin/nifd	--	system_u:object_r:howl_exec_t
/usr/bin/mDNSResponder	--	system_u:object_r:howl_exec_t
/var/run/nifd\.pid --	system_u:object_r:howl_var_run_t
# hwclock
/sbin/hwclock		--	system_u:object_r:hwclock_exec_t
/etc/adjtime		--	system_u:object_r:adjtime_t
# ifconfig
/sbin/ifconfig		--	system_u:object_r:ifconfig_exec_t
/sbin/iwconfig		--	system_u:object_r:ifconfig_exec_t
/sbin/ip		--	system_u:object_r:ifconfig_exec_t
/sbin/tc		--	system_u:object_r:ifconfig_exec_t
/usr/sbin/tc		--	system_u:object_r:ifconfig_exec_t
/bin/ip			--	system_u:object_r:ifconfig_exec_t
/sbin/ethtool		--	system_u:object_r:ifconfig_exec_t
/sbin/mii-tool		--	system_u:object_r:ifconfig_exec_t
/sbin/ipx_interface	--	system_u:object_r:ifconfig_exec_t
/sbin/ipx_configure	--	system_u:object_r:ifconfig_exec_t
/sbin/ipx_internal_net	--	system_u:object_r:ifconfig_exec_t
# inetd
/usr/sbin/inetd		--	system_u:object_r:inetd_exec_t
/usr/sbin/xinetd	--	system_u:object_r:inetd_exec_t
/usr/sbin/rlinetd	--	system_u:object_r:inetd_exec_t
/usr/sbin/identd	--	system_u:object_r:inetd_child_exec_t
/usr/sbin/in\..*d	--	system_u:object_r:inetd_child_exec_t
/var/log/(x)?inetd\.log	--	system_u:object_r:inetd_log_t
/var/run/inetd\.pid	--	system_u:object_r:inetd_var_run_t
# init
/dev/initctl		-p	system_u:object_r:initctl_t
/sbin/init		--	system_u:object_r:init_exec_t
# init rc scripts

/etc/X11/prefdm              --      system_u:object_r:bin_t

/etc/rc\.d/rc		--	system_u:object_r:initrc_exec_t
/etc/rc\.d/rc\.sysinit	--	system_u:object_r:initrc_exec_t
/etc/rc\.d/rc\.local	--	system_u:object_r:initrc_exec_t
/etc/rc\.d/init\.d/.*	--	system_u:object_r:initrc_exec_t
/etc/rc\.d/init\.d/functions -- system_u:object_r:etc_t
/etc/init\.d/.*		--	system_u:object_r:initrc_exec_t
/etc/init\.d/functions	--	system_u:object_r:etc_t
/var/run/utmp		--	system_u:object_r:initrc_var_run_t
/var/run/runlevel\.dir		system_u:object_r:initrc_var_run_t
/var/run/random-seed	--	system_u:object_r:initrc_var_run_t
/var/run/setmixer_flag	--	system_u:object_r:initrc_var_run_t




# run_init
/usr/sbin/run_init	--	system_u:object_r:run_init_exec_t
/usr/sbin/open_init_pty	--	system_u:object_r:initrc_exec_t
/etc/nologin.*		--	system_u:object_r:etc_runtime_t
/etc/nohotplug		--	system_u:object_r:etc_runtime_t

/halt			--	system_u:object_r:etc_runtime_t
/fastboot 		--	system_u:object_r:etc_runtime_t
/fsckoptions 		--	system_u:object_r:etc_runtime_t
/forcefsck 		--	system_u:object_r:etc_runtime_t
/poweroff		--	system_u:object_r:etc_runtime_t
/\.autofsck		--	system_u:object_r:etc_runtime_t
/\.autorelabel		--	system_u:object_r:etc_runtime_t


# innd
/usr/sbin/innd.*	--	system_u:object_r:innd_exec_t
/usr/bin/rpost          --      system_u:object_r:innd_exec_t
/usr/bin/suck           --      system_u:object_r:innd_exec_t
/var/run/innd(/.*)?		system_u:object_r:innd_var_run_t
/etc/news(/.*)?			system_u:object_r:innd_etc_t
/etc/news/boot		--	system_u:object_r:innd_exec_t
/var/spool/news(/.*)?		system_u:object_r:news_spool_t
/var/log/news(/.*)?		system_u:object_r:innd_log_t
/var/lib/news(/.*)?		system_u:object_r:innd_var_lib_t
/var/run/news(/.*)?	 	system_u:object_r:innd_var_run_t
/usr/sbin/in\.nnrpd	--	system_u:object_r:innd_exec_t
/usr/bin/inews		--	system_u:object_r:innd_exec_t
/usr/bin/rnews		--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin(/.*)?		system_u:object_r:bin_t
/usr/lib(64)?/news/bin/innd 	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/actsync	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/archive	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/batcher	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/buffchan	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/controlchan --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/convdate	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/ctlinnd	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/cvtbatch	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/expire	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/expireover --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/fastrm	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/filechan	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/getlist	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/grephistory --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/inews	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/innconfval --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/inndf	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/inndstart --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/innfeed	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/innxbatch --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/innxmit	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/makedbz	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/makehistory --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/newsrequeue --	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/nnrpd	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/nntpget	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/ovdb_recover	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/overchan	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/prunehistory	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/rnews	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/shlock	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/shrinkfile	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/sm	--	system_u:object_r:innd_exec_t
/usr/lib(64)?/news/bin/startinnfeed	--	system_u:object_r:innd_exec_t
# MIT Kerberos krbkdc, kadmind
/etc/krb5\.keytab       		system_u:object_r:krb5_keytab_t
/usr(/local)?(/kerberos)?/sbin/krb5kdc --	system_u:object_r:krb5kdc_exec_t
/usr(/local)?(/kerberos)?/sbin/kadmind --	system_u:object_r:kadmind_exec_t
/var/kerberos/krb5kdc(/.*)?		system_u:object_r:krb5kdc_conf_t
/usr/local/var/krb5kdc(/.*)?		system_u:object_r:krb5kdc_conf_t
/var/kerberos/krb5kdc/principal.*	system_u:object_r:krb5kdc_principal_t
/usr/local/var/krb5kdc/principal.*	system_u:object_r:krb5kdc_principal_t
/var/log/krb5kdc\.log			system_u:object_r:krb5kdc_log_t
/var/log/kadmind\.log			system_u:object_r:kadmind_log_t
/usr(/local)?/bin/ksu		--	system_u:object_r:su_exec_t

# gentoo file locations
/usr/sbin/krb5kdc			--	system_u:object_r:krb5kdc_exec_t
/usr/sbin/kadmind			--	system_u:object_r:kadmind_exec_t
/etc/krb5kdc(/.*)?				system_u:object_r:krb5kdc_conf_t
/etc/krb5kdc/principal.*		system_u:object_r:krb5kdc_principal_t
/etc/krb5kdc/kadm5.keytab 	--	system_u:object_r:krb5_keytab_t
/var/log/kadmin.log			--	system_u:object_r:kadmind_log_t

# klogd
/sbin/klogd		--	system_u:object_r:klogd_exec_t
/usr/sbin/klogd		--	system_u:object_r:klogd_exec_t
/var/run/klogd\.pid	--	system_u:object_r:klogd_var_run_t
# kde talk daemon 
/usr/bin/ktalkd	--	system_u:object_r:ktalkd_exec_t
/usr/sbin/in.talkd	--	system_u:object_r:ktalkd_exec_t
# kudzu
/usr/sbin/kudzu	--	system_u:object_r:kudzu_exec_t
/sbin/kmodule	--	system_u:object_r:kudzu_exec_t
/var/run/Xconfig --	root:object_r:kudzu_var_run_t
/sbin/ldconfig		--	system_u:object_r:ldconfig_exec_t
# load_policy
/usr/sbin/load_policy		--	system_u:object_r:load_policy_exec_t
/sbin/load_policy		--	system_u:object_r:load_policy_exec_t
# login
/bin/login		--	system_u:object_r:login_exec_t
/usr/kerberos/sbin/login\.krb5	--	system_u:object_r:login_exec_t
# lpd
/dev/printer		-s	system_u:object_r:printer_t
/usr/sbin/lpd		--	system_u:object_r:lpd_exec_t
/usr/sbin/checkpc	--	system_u:object_r:checkpc_exec_t
/var/spool/lpd(/.*)?		system_u:object_r:print_spool_t
/usr/share/printconf/.* --	system_u:object_r:printconf_t
/usr/share/printconf/util/print\.py -- system_u:object_r:bin_t
/var/run/lprng(/.*)?		system_u:object_r:lpd_var_run_t
# mailman list server
/var/lib/mailman(/.*)?		   system_u:object_r:mailman_data_t
/var/log/mailman(/.*)?		   system_u:object_r:mailman_log_t
/usr/lib/mailman/cron/.*	-- system_u:object_r:mailman_queue_exec_t
/usr/lib/mailman/bin/mailmanctl -- system_u:object_r:mailman_mail_exec_t
/var/run/mailman(/.*)?		   system_u:object_r:mailman_lock_t
/var/lib/mailman/archives(/.*)?	system_u:object_r:mailman_archive_t




/usr/lib/mailman/cgi-bin/.*	 -- system_u:object_r:mailman_cgi_exec_t
/var/lock/mailman(/.*)?		    system_u:object_r:mailman_lock_t
/usr/lib/mailman/scripts/mailman -- system_u:object_r:mailman_mail_exec_t
/usr/lib/mailman/bin/qrunner  	 -- system_u:object_r:mailman_queue_exec_t
/etc/mailman(/.*)?		   system_u:object_r:mailman_data_t
/var/spool/mailman(/.*)?	   system_u:object_r:mailman_data_t

# module utilities
/etc/modules\.conf.*	--	system_u:object_r:modules_conf_t
/etc/modprobe\.conf.*	--	system_u:object_r:modules_conf_t
/lib(64)?/modules/modprobe\.conf --	system_u:object_r:modules_conf_t
/lib(64)?/modules(/.*)?		system_u:object_r:modules_object_t
/lib(64)?/modules/[^/]+/modules\..+ -- system_u:object_r:modules_dep_t
/lib(64)?/modules/modprobe\.conf.* -- system_u:object_r:modules_conf_t
/sbin/depmod.*		--	system_u:object_r:depmod_exec_t
/sbin/modprobe.*	--	system_u:object_r:insmod_exec_t
/sbin/insmod.*		--	system_u:object_r:insmod_exec_t
/sbin/insmod_ksymoops_clean --	system_u:object_r:sbin_t
/sbin/rmmod.*		--	system_u:object_r:insmod_exec_t
/sbin/update-modules	--	system_u:object_r:update_modules_exec_t
/sbin/generate-modprobe\.conf -- system_u:object_r:update_modules_exec_t
# types for general mail servers
/usr/sbin/sendmail(.sendmail)?	-- system_u:object_r:sendmail_exec_t
/usr/lib(64)?/sendmail		-- system_u:object_r:sendmail_exec_t
/etc/aliases		--	system_u:object_r:etc_aliases_t
/etc/aliases\.db	--	system_u:object_r:etc_aliases_t
/var/spool/mail(/.*)?		system_u:object_r:mail_spool_t
/var/mail(/.*)?			system_u:object_r:mail_spool_t


# mysql database server
/usr/sbin/mysqld(-max)?	--	system_u:object_r:mysqld_exec_t
/usr/libexec/mysqld	--	system_u:object_r:mysqld_exec_t
/var/run/mysqld(/.*)?		system_u:object_r:mysqld_var_run_t
/var/log/mysql.*	--	system_u:object_r:mysqld_log_t
/var/lib/mysql(/.*)?		system_u:object_r:mysqld_db_t
/var/lib/mysql/mysql\.sock -s	system_u:object_r:mysqld_var_run_t
/etc/my\.cnf		--	system_u:object_r:mysqld_etc_t
/etc/mysql(/.*)?		system_u:object_r:mysqld_etc_t

# named

/var/named(/.*)?		system_u:object_r:named_zone_t
/var/named/slaves(/.*)?		system_u:object_r:named_cache_t
/var/named/data(/.*)?		system_u:object_r:named_cache_t
/etc/named\.conf	--	system_u:object_r:named_conf_t
 
 
/etc/rndc.*		--	system_u:object_r:named_conf_t
/etc/rndc\.key		-- 	system_u:object_r:dnssec_t
/usr/sbin/named      	--	system_u:object_r:named_exec_t
/usr/sbin/named-checkconf --	system_u:object_r:named_checkconf_exec_t
/usr/sbin/r?ndc		--	system_u:object_r:ndc_exec_t
/var/run/ndc		-s	system_u:object_r:named_var_run_t
/var/run/bind(/.*)?		system_u:object_r:named_var_run_t
/var/run/named(/.*)?		system_u:object_r:named_var_run_t
/usr/sbin/lwresd	--	system_u:object_r:named_exec_t
/var/log/named.* 	--  system_u:object_r:named_log_t


/var/named/named\.ca	--	system_u:object_r:named_conf_t
/var/named/chroot(/.*)?		system_u:object_r:named_conf_t
/var/named/chroot/dev/null   -c	system_u:object_r:null_device_t
/var/named/chroot/dev/random -c	system_u:object_r:random_device_t
/var/named/chroot/dev/zero -c	system_u:object_r:zero_device_t
/var/named/chroot/etc(/.*)? 	system_u:object_r:named_conf_t
/var/named/chroot/etc/rndc.key  -- system_u:object_r:dnssec_t
/var/named/chroot/var/run/named.* system_u:object_r:named_var_run_t
/var/named/chroot/var/tmp(/.*)? system_u:object_r:named_cache_t
/var/named/chroot/var/named(/.*)?	system_u:object_r:named_zone_t
/var/named/chroot/var/named/slaves(/.*)? system_u:object_r:named_cache_t
/var/named/chroot/var/named/data(/.*)? system_u:object_r:named_cache_t
/var/named/chroot/var/named/named\.ca	--	system_u:object_r:named_conf_t
 
 # network utilities
/sbin/arping		--	system_u:object_r:netutils_exec_t
/usr/sbin/tcpdump	--	system_u:object_r:netutils_exec_t
/etc/network/ifstate	--	system_u:object_r:etc_runtime_t
# nscd
/usr/sbin/nscd		--	system_u:object_r:nscd_exec_t
/var/run/\.nscd_socket	-s	system_u:object_r:nscd_var_run_t
/var/run/nscd\.pid	--	system_u:object_r:nscd_var_run_t
/var/db/nscd(/.*)?		system_u:object_r:nscd_var_run_t
/var/run/nscd(/.*)?		system_u:object_r:nscd_var_run_t
/var/log/nscd\.log.*	--	system_u:object_r:nscd_log_t
/var/lib/ntp(/.*)?			system_u:object_r:ntp_drift_t
/etc/ntp/data(/.*)?			system_u:object_r:ntp_drift_t
/etc/ntp(d)?\.conf.*	--	system_u:object_r:net_conf_t
/etc/ntp/step-tickers.*		--	system_u:object_r:net_conf_t
/usr/sbin/ntpd			--	system_u:object_r:ntpd_exec_t
/usr/sbin/ntpdate		--	system_u:object_r:ntpdate_exec_t
/var/log/ntpstats(/.*)?			system_u:object_r:ntpd_log_t
/var/log/ntp.*			--	system_u:object_r:ntpd_log_t
/var/log/xntpd.*		--	system_u:object_r:ntpd_log_t
/var/run/ntpd\.pid		--	system_u:object_r:ntpd_var_run_t
/etc/cron\.(daily|weekly)/ntp-simple -- system_u:object_r:ntpd_exec_t
/etc/cron\.(daily|weekly)/ntp-server -- system_u:object_r:ntpd_exec_t
# spasswd
/usr/bin/passwd		--	system_u:object_r:passwd_exec_t
/usr/bin/chage		--	system_u:object_r:passwd_exec_t
/usr/bin/chsh		--	system_u:object_r:chfn_exec_t
/usr/bin/chfn		--	system_u:object_r:chfn_exec_t
/usr/sbin/vipw		--	system_u:object_r:admin_passwd_exec_t
/usr/sbin/vigr		--	system_u:object_r:admin_passwd_exec_t
/usr/bin/vipw		--	system_u:object_r:admin_passwd_exec_t
/usr/bin/vigr		--	system_u:object_r:admin_passwd_exec_t
/usr/sbin/pwconv	--	system_u:object_r:admin_passwd_exec_t
/usr/sbin/pwunconv	--	system_u:object_r:admin_passwd_exec_t
/usr/sbin/grpconv	--	system_u:object_r:admin_passwd_exec_t
/usr/sbin/grpunconv	--	system_u:object_r:admin_passwd_exec_t
# File Contexts for The Open Group Pegasus (tog-pegasus) cimserver
/usr/sbin/cimserver		--	system_u:object_r:pegasus_exec_t
/usr/sbin/init_repository	-- 	system_u:object_r:pegasus_exec_t
/etc/Pegasus(/.*)?			system_u:object_r:pegasus_conf_t
/var/lib/Pegasus(/.*)?	                system_u:object_r:pegasus_data_t
/var/run/tog-pegasus(/.*)?              system_u:object_r:pegasus_var_run_t
/usr/share/Pegasus/mof(/.*)?/.*\.mof    system_u:object_r:pegasus_mof_t
/etc/Pegasus/pegasus_current.conf	system_u:object_r:pegasus_data_t

# ping
/bin/ping.* 		--	system_u:object_r:ping_exec_t
/usr/sbin/hping2	--	system_u:object_r:ping_exec_t
# portmap
/sbin/portmap		--	system_u:object_r:portmap_exec_t

/usr/sbin/pmap_dump	--	system_u:object_r:portmap_helper_exec_t
/usr/sbin/pmap_set	--	system_u:object_r:portmap_helper_exec_t

/var/run/portmap.upgrade-state -- system_u:object_r:portmap_var_run_t
# postfix
/etc/postfix(/.*)?		system_u:object_r:postfix_etc_t

/etc/postfix/aliases.*		system_u:object_r:etc_aliases_t
/usr/libexec/postfix/.*	--	system_u:object_r:postfix_exec_t
/usr/libexec/postfix/cleanup --	system_u:object_r:postfix_cleanup_exec_t
/usr/libexec/postfix/local	--	system_u:object_r:postfix_local_exec_t
/usr/libexec/postfix/master	--	system_u:object_r:postfix_master_exec_t
/usr/libexec/postfix/pickup	--	system_u:object_r:postfix_pickup_exec_t
/usr/libexec/postfix/(n)?qmgr --	system_u:object_r:postfix_qmgr_exec_t
/usr/libexec/postfix/showq	--	system_u:object_r:postfix_showq_exec_t
/usr/libexec/postfix/smtp	--	system_u:object_r:postfix_smtp_exec_t
/usr/libexec/postfix/scache	--	system_u:object_r:postfix_smtp_exec_t
/usr/libexec/postfix/smtpd	--	system_u:object_r:postfix_smtpd_exec_t
/usr/libexec/postfix/bounce	--	system_u:object_r:postfix_bounce_exec_t
/usr/libexec/postfix/pipe	--	system_u:object_r:postfix_pipe_exec_t

/etc/postfix/postfix-script.* -- system_u:object_r:postfix_exec_t
/etc/postfix/prng_exch	--	system_u:object_r:postfix_prng_t
/usr/sbin/postalias	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postcat	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postdrop	--	system_u:object_r:postfix_postdrop_exec_t
/usr/sbin/postfix	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postkick	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postlock	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postlog	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/postmap	--	system_u:object_r:postfix_map_exec_t
/usr/sbin/postqueue	--	system_u:object_r:postfix_postqueue_exec_t
/usr/sbin/postsuper	--	system_u:object_r:postfix_master_exec_t
/usr/sbin/rmail		--	system_u:object_r:sendmail_exec_t
/usr/sbin/sendmail.postfix --	system_u:object_r:sendmail_exec_t
/var/spool/postfix(/.*)?	system_u:object_r:postfix_spool_t
/var/spool/postfix/maildrop(/.*)? system_u:object_r:postfix_spool_maildrop_t
/var/spool/postfix/pid	-d	system_u:object_r:var_run_t
/var/spool/postfix/pid/.*	system_u:object_r:postfix_var_run_t
/var/spool/postfix/private(/.*)? system_u:object_r:postfix_private_t
/var/spool/postfix/public(/.*)? system_u:object_r:postfix_public_t
/var/spool/postfix/bounce(/.*)? system_u:object_r:postfix_spool_bounce_t
/var/spool/postfix/flush(/.*)?	system_u:object_r:postfix_spool_flush_t
/var/spool/postfix/etc(/.*)?	system_u:object_r:etc_t
/var/spool/postfix/lib(64)?(/.*)?	system_u:object_r:lib_t
/var/spool/postfix/usr(/.*)?	system_u:object_r:lib_t
/var/spool/postfix/lib(64)?/ld.*\.so.* -- system_u:object_r:ld_so_t
/var/spool/postfix/lib(64)?/lib.*\.so.* -- system_u:object_r:shlib_t
/var/spool/postfix/lib(64)?/[^/]*/lib.*\.so.* -- system_u:object_r:shlib_t
/var/spool/postfix/lib(64)?/devfsd/.*\.so.* -- system_u:object_r:shlib_t
# postgresql - database server
/usr/lib(64)?/postgresql/bin/.* --	system_u:object_r:postgresql_exec_t
/usr/bin/postgres	--	system_u:object_r:postgresql_exec_t
/usr/bin/initdb		--	system_u:object_r:postgresql_exec_t

/var/lib/postgres(ql)?(/.*)? 	system_u:object_r:postgresql_db_t
/var/lib/pgsql/data(/.*)?	system_u:object_r:postgresql_db_t
/var/run/postgresql(/.*)?	system_u:object_r:postgresql_var_run_t
/etc/postgresql(/.*)?		system_u:object_r:postgresql_etc_t
/var/log/postgres\.log.* --	system_u:object_r:postgresql_log_t
/var/log/postgresql(/.*)?	system_u:object_r:postgresql_log_t
/var/lib/pgsql/pgstartup.log	system_u:object_r:postgresql_log_t
/usr/lib/pgsql/test/regres(/.*)?	system_u:object_r:postgresql_db_t
/usr/lib/pgsql/test/regress/.*\.so	-- system_u:object_r:shlib_t
/usr/lib/pgsql/test/regress/.*\.sh	-- system_u:object_r:bin_t
/usr/lib/pgsql/test/regress/pg_regress	-- system_u:object_r:postgresql_exec_t

/usr/share/jonas/pgsql(/.*)?       system_u:object_r:postgresql_db_t
/var/log/rhdb/rhdb(/.*)?           system_u:object_r:postgresql_log_t 

# pppd
/usr/sbin/pppd		--	system_u:object_r:pppd_exec_t
/usr/sbin/pptp 		--	system_u:object_r:pptp_exec_t
/usr/sbin/ipppd		--	system_u:object_r:pppd_exec_t
/dev/ppp		-c	system_u:object_r:ppp_device_t
/dev/pppox.*		-c	system_u:object_r:ppp_device_t
/dev/ippp.*		-c	system_u:object_r:ppp_device_t
/var/run/pppd[0-9]*\.tdb --	system_u:object_r:pppd_var_run_t
/var/run/ppp(/.*)?		system_u:object_r:pppd_var_run_t
/etc/ppp		-d	system_u:object_r:pppd_etc_t
/etc/ppp/.*		--	system_u:object_r:pppd_etc_rw_t
/etc/ppp/.*secrets	--	system_u:object_r:pppd_secret_t
/var/run/(i)?ppp.*pid	--	system_u:object_r:pppd_var_run_t
/var/log/ppp-connect-errors.* -- system_u:object_r:pppd_log_t
/var/log/ppp/.*	--	system_u:object_r:pppd_log_t
/etc/ppp/ip-down\..*	--	system_u:object_r:bin_t
/etc/ppp/ip-up\..*	--	system_u:object_r:bin_t
/etc/ppp/ipv6-up\..*	--	system_u:object_r:bin_t
/etc/ppp/ipv6-down\..*	--	system_u:object_r:bin_t
/etc/ppp/plugins/rp-pppoe\.so 	--	system_u:object_r:shlib_t
/etc/ppp/resolv\.conf 	--	system_u:object_r:pppd_etc_rw_t
# Fix pptp sockets
/var/run/pptp(/.*)?		system_u:object_r:pptp_var_run_t
# Fix /etc/ppp {up,down} family scripts (see man pppd)
/etc/ppp/(auth|ip(v6|x)?)-(up|down)	--	system_u:object_r:pppd_script_exec_t
# privoxy
/usr/sbin/privoxy	--	system_u:object_r:privoxy_exec_t
/var/log/privoxy(/.*)?		system_u:object_r:privoxy_log_t
/etc/privoxy/user\.action	system_u:object_r:privoxy_etc_rw_t
# radius
/etc/raddb(/.*)?                system_u:object_r:radiusd_etc_t
/usr/sbin/radiusd	--	system_u:object_r:radiusd_exec_t
/usr/sbin/freeradius	--	system_u:object_r:radiusd_exec_t
/var/log/radiusd-freeradius(/.*)?       system_u:object_r:radiusd_log_t
/var/log/radius\.log.*	--	system_u:object_r:radiusd_log_t
/var/log/radius(/.*)?		system_u:object_r:radiusd_log_t
/var/log/freeradius(/.*)?	system_u:object_r:radiusd_log_t
/var/log/radacct(/.*)?		system_u:object_r:radiusd_log_t
/var/log/radutmp	--	system_u:object_r:radiusd_log_t
/var/log/radwtmp.*	--	system_u:object_r:radiusd_log_t
/etc/cron\.(daily|monthly)/radiusd -- system_u:object_r:radiusd_exec_t
/etc/cron\.(daily|weekly|monthly)/freeradius -- system_u:object_r:radiusd_exec_t
/var/run/radiusd\.pid	--	system_u:object_r:radiusd_var_run_t
/var/run/radiusd(/.*)?		system_u:object_r:radiusd_var_run_t
# radvd
/etc/radvd\.conf	--	system_u:object_r:radvd_etc_t
/usr/sbin/radvd		--	system_u:object_r:radvd_exec_t
/var/run/radvd\.pid	--	system_u:object_r:radvd_var_run_t
/var/run/radvd(/.*)?		system_u:object_r:radvd_var_run_t
# restorecon
/sbin/restorecon	--	system_u:object_r:restorecon_exec_t
# rlogind and telnetd
/usr/sbin/in\.rlogind	--	system_u:object_r:rlogind_exec_t
/usr/lib(64)?/telnetlogin	--	system_u:object_r:rlogind_exec_t
/usr/kerberos/sbin/klogind --	system_u:object_r:rlogind_exec_t
# RPC daemons
/sbin/rpc\..*		--	system_u:object_r:rpcd_exec_t
/usr/sbin/rpc.idmapd	--	system_u:object_r:rpcd_exec_t
/usr/sbin/rpc\.nfsd	--	system_u:object_r:nfsd_exec_t
/usr/sbin/exportfs	--	system_u:object_r:nfsd_exec_t
/usr/sbin/rpc\.gssd	--	system_u:object_r:gssd_exec_t
/usr/sbin/rpc\.svcgssd	--	system_u:object_r:gssd_exec_t
/usr/sbin/rpc\.mountd	--	system_u:object_r:nfsd_exec_t
/var/run/rpc\.statd\.pid	--	system_u:object_r:rpcd_var_run_t
/var/run/rpc\.statd(/.*)?	system_u:object_r:rpcd_var_run_t
/etc/exports		--	system_u:object_r:exports_t

# rpm
/var/lib/rpm(/.*)?		system_u:object_r:rpm_var_lib_t
/var/lib/alternatives(/.*)?	system_u:object_r:rpm_var_lib_t
/bin/rpm 		--	system_u:object_r:rpm_exec_t
/usr/bin/yum 		--	system_u:object_r:rpm_exec_t
/usr/bin/apt-get 	--	system_u:object_r:rpm_exec_t
/usr/bin/apt-shell    	-- 	system_u:object_r:rpm_exec_t
/usr/bin/synaptic   --    	system_u:object_r:rpm_exec_t 
/usr/lib(64)?/rpm/rpmd	-- 	system_u:object_r:bin_t
/usr/lib(64)?/rpm/rpmq	-- 	system_u:object_r:bin_t
/usr/lib(64)?/rpm/rpmk	-- 	system_u:object_r:bin_t
/usr/lib(64)?/rpm/rpmv	-- 	system_u:object_r:bin_t
/var/log/rpmpkgs.*	--	system_u:object_r:rpm_log_t
/var/log/yum\.log	--	system_u:object_r:rpm_log_t

/usr/sbin/up2date	--	system_u:object_r:rpm_exec_t
/usr/sbin/rhn_check	--	system_u:object_r:rpm_exec_t

# SuSE



# rshd.
/usr/sbin/in\.rshd	--	system_u:object_r:rshd_exec_t
/usr/sbin/in\.rexecd	--	system_u:object_r:rshd_exec_t
/usr/kerberos/sbin/kshd	--	system_u:object_r:rshd_exec_t
# rsync program
/usr/bin/rsync	--	system_u:object_r:rsync_exec_t
/srv/([^/]*/)?rsync(/.*)?	system_u:object_r:public_content_t
# samba scripts
/usr/sbin/smbd		--	system_u:object_r:smbd_exec_t
/usr/sbin/nmbd		--	system_u:object_r:nmbd_exec_t
/usr/bin/net		--	system_u:object_r:samba_net_exec_t
/etc/samba(/.*)?		system_u:object_r:samba_etc_t
/var/log/samba(/.*)?		system_u:object_r:samba_log_t
/var/cache/samba(/.*)?		system_u:object_r:samba_var_t
/var/lib/samba(/.*)?		system_u:object_r:samba_var_t
/etc/samba/secrets\.tdb	--	system_u:object_r:samba_secrets_t
/etc/samba/MACHINE\.SID	--	system_u:object_r:samba_secrets_t
# samba really wants write access to smbpasswd
/etc/samba/smbpasswd	--	system_u:object_r:samba_secrets_t
/var/run/samba/locking\.tdb --	system_u:object_r:smbd_var_run_t
/var/run/samba/connections\.tdb -- system_u:object_r:smbd_var_run_t
/var/run/samba/sessionid\.tdb -- system_u:object_r:smbd_var_run_t
/var/run/samba/brlock\.tdb --	system_u:object_r:smbd_var_run_t
/var/run/samba/namelist\.debug -- system_u:object_r:nmbd_var_run_t
/var/run/samba/messages\.tdb --	system_u:object_r:nmbd_var_run_t
/var/run/samba/unexpected\.tdb -- system_u:object_r:nmbd_var_run_t
/var/run/samba/smbd\.pid --	system_u:object_r:smbd_var_run_t
/var/run/samba/nmbd\.pid --	system_u:object_r:nmbd_var_run_t
/var/spool/samba(/.*)?		system_u:object_r:samba_var_t

# saslauthd 
/usr/sbin/saslauthd		--	system_u:object_r:saslauthd_exec_t
/var/run/saslauthd(/.*)?		system_u:object_r:saslauthd_var_run_t
# sendmail
/etc/mail(/.*)?				system_u:object_r:etc_mail_t
/var/log/sendmail\.st		--	system_u:object_r:sendmail_log_t
/var/log/mail(/.*)?			system_u:object_r:sendmail_log_t
/var/run/sendmail\.pid		--	system_u:object_r:sendmail_var_run_t
/var/run/sm-client\.pid		--	system_u:object_r:sendmail_var_run_t
# setfiles
/usr/sbin/setfiles.*	--	system_u:object_r:setfiles_exec_t

# slapd - ldap server
/usr/sbin/slapd		--	system_u:object_r:slapd_exec_t
/var/lib/ldap(/.*)?		system_u:object_r:slapd_db_t
/var/lib/ldap/replog(/.*)?	system_u:object_r:slapd_replog_t
/var/run/slapd\.args	--	system_u:object_r:slapd_var_run_t
/etc/ldap/slapd\.conf	--	system_u:object_r:slapd_etc_t
/var/run/slapd\.pid	--	system_u:object_r:slapd_var_run_t
/var/run/ldapi		-s	system_u:object_r:slapd_var_run_t
/opt/(fedora|redhat)-ds(/.*)?/bin/slapd/server/ns-slapd   --	system_u:object_r:slapd_exec_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/logs(/.*)? 	system_u:object_r:slapd_var_run_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/locks(/.*)?	system_u:object_r:slapd_lock_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/tmp(/.*)? system_u:object_r:slapd_var_run_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/config(/.*)? system_u:object_r:slapd_var_run_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/db(/.*)? system_u:object_r:slapd_db_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/bak(/.*)? system_u:object_r:slapd_db_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/start-slapd system_u:object_r:initrc_exec_t
/opt/(fedora|redhat)-ds/slapd-[^/]+/stop-slapd system_u:object_r:initrc_exec_t
/opt/(fedora|redhat)-ds/alias(/.*)? system_u:object_r:slapd_cert_t
/opt/(fedora|redhat)-ds/alias/[^/]+so.* system_u:object_r:shlib_t
# snmpd
/usr/sbin/snmp(trap)?d	--	system_u:object_r:snmpd_exec_t
/var/lib/snmp(/.*)?		system_u:object_r:snmpd_var_lib_t
/var/lib/net-snmp(/.*)?	system_u:object_r:snmpd_var_lib_t
/etc/snmp/snmp(trap)?d\.conf -- system_u:object_r:snmpd_etc_t
/usr/share/snmp/mibs/\.index -- system_u:object_r:snmpd_var_lib_t
/var/run/snmpd\.pid	--	system_u:object_r:snmpd_var_run_t
/var/run/snmpd		-d	system_u:object_r:snmpd_var_run_t
/var/net-snmp(/.*)		system_u:object_r:snmpd_var_lib_t
/var/log/snmpd\.log	--	system_u:object_r:snmpd_log_t
/usr/sbin/spamd		--	system_u:object_r:spamd_exec_t
/usr/bin/spamd		--	system_u:object_r:spamd_exec_t
/usr/bin/sa-learn	--	system_u:object_r:spamd_exec_t
# squid
/usr/sbin/squid		--	system_u:object_r:squid_exec_t
/var/cache/squid(/.*)?		system_u:object_r:squid_cache_t
/var/spool/squid(/.*)?		system_u:object_r:squid_cache_t
/var/log/squid(/.*)?		system_u:object_r:squid_log_t
/etc/squid(/.*)?		system_u:object_r:squid_conf_t
/var/run/squid\.pid	--	system_u:object_r:squid_var_run_t
/usr/share/squid(/.*)?		system_u:object_r:squid_conf_t

/usr/lib/squid/cachemgr.cgi	-- system_u:object_r:httpd_exec_t

# ssh
/usr/bin/ssh		--	system_u:object_r:ssh_exec_t
/usr/libexec/openssh/ssh-keysign -- system_u:object_r:ssh_keysign_exec_t
/usr/bin/ssh-keygen	--	system_u:object_r:ssh_keygen_exec_t
# sshd
/etc/ssh/primes		--	system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_key 	--	system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_dsa_key --	system_u:object_r:sshd_key_t
/etc/ssh/ssh_host_rsa_key --	system_u:object_r:sshd_key_t
/usr/sbin/sshd	        --	system_u:object_r:sshd_exec_t
/var/run/sshd\.init\.pid	--	system_u:object_r:sshd_var_run_t
# subsystems
/usr/lib(64)?/misc/sftp-server --	system_u:object_r:bin_t
/usr/libexec/openssh/sftp-server -- system_u:object_r:bin_t
/usr/lib(64)?/sftp-server	--	system_u:object_r:bin_t


/usr/sbin/stunnel	--	system_u:object_r:stunnel_exec_t
/etc/stunnel(/.*)?          	system_u:object_r:stunnel_etc_t
/var/run/stunnel(/.*)?		system_u:object_r:stunnel_var_run_t
# syslogd
/sbin/syslogd		--	system_u:object_r:syslogd_exec_t
/sbin/minilogd		--	system_u:object_r:syslogd_exec_t
/usr/sbin/syslogd	--	system_u:object_r:syslogd_exec_t
/sbin/syslog-ng		--	system_u:object_r:syslogd_exec_t
/dev/log		-s	system_u:object_r:devlog_t
/var/run/log		-s	system_u:object_r:devlog_t

/var/run/syslogd\.pid	--	system_u:object_r:syslogd_var_run_t
# telnetd
/usr/sbin/in\.telnetd	--	system_u:object_r:telnetd_exec_t
/usr/kerberos/sbin/telnetd --	system_u:object_r:telnetd_exec_t
# tftpd
/usr/sbin/in\.tftpd	--	system_u:object_r:tftpd_exec_t
/usr/sbin/atftpd	--	system_u:object_r:tftpd_exec_t
/tftpboot(/.*)?			system_u:object_r:tftpdir_t
# udev
/sbin/udevsend	--	system_u:object_r:udev_exec_t
/sbin/udev	--	system_u:object_r:udev_exec_t
/sbin/udevd	--	system_u:object_r:udev_exec_t
/sbin/start_udev --	system_u:object_r:udev_exec_t
/sbin/udevstart  --	system_u:object_r:udev_exec_t
/usr/bin/udevinfo --	system_u:object_r:udev_exec_t
/etc/dev\.d/.+	--	system_u:object_r:udev_helper_exec_t
/etc/udev/scripts/.+	-- system_u:object_r:udev_helper_exec_t
/etc/udev/devices/.*    system_u:object_r:device_t
/etc/hotplug\.d/default/udev.* -- system_u:object_r:udev_helper_exec_t
/dev/udev\.tbl	--	system_u:object_r:udev_tbl_t
/dev/\.udevdb(/.*)?	--	system_u:object_r:udev_tdb_t
/sbin/wait_for_sysfs -- system_u:object_r:udev_exec_t
# updfstab
/usr/sbin/updfstab	--	system_u:object_r:updfstab_exec_t
/usr/sbin/fstab-sync	--	system_u:object_r:updfstab_exec_t
# uucico program
/usr/sbin/uucico	--	system_u:object_r:uucpd_exec_t
/var/spool/uucp(/.*)?		system_u:object_r:uucpd_spool_t
/var/spool/uucppublic(/.*)?	system_u:object_r:uucpd_spool_t
/var/log/uucp(/.*)?		system_u:object_r:uucpd_log_t
#
/usr/bin/webalizer	--	system_u:object_r:webalizer_exec_t
/var/lib/webalizer(/.*)		system_u:object_r:webalizer_var_lib_t
/usr/sbin/winbindd	--	system_u:object_r:winbind_exec_t
/var/run/winbindd(/.*)?		system_u:object_r:winbind_var_run_t

/var/cache/samba/winbindd_privileged(/.*)?	system_u:object_r:winbind_var_run_t
/usr/bin/ntlm_auth --	system_u:object_r:winbind_helper_exec_t
# X Display Manager
/usr/bin/[xgkw]dm	--	system_u:object_r:xdm_exec_t
/usr/X11R6/bin/[xgkw]dm	--	system_u:object_r:xdm_exec_t
/opt/kde3/bin/kdm	--	system_u:object_r:xdm_exec_t
/usr/bin/gpe-dm		--	system_u:object_r:xdm_exec_t
/usr/(s)?bin/gdm-binary	--	system_u:object_r:xdm_exec_t
/var/[xgk]dm(/.*)?		system_u:object_r:xserver_log_t
/usr/var/[xgkw]dm(/.*)?		system_u:object_r:xserver_log_t
/var/log/[kw]dm\.log	--	system_u:object_r:xserver_log_t
/var/log/gdm(/.*)?		system_u:object_r:xserver_log_t
/tmp/\.X0-lock		--	system_u:object_r:xdm_xserver_tmp_t
/etc/X11/Xsession[^/]*	--	system_u:object_r:xsession_exec_t
/etc/X11/wdm(/.*)?		system_u:object_r:xdm_rw_etc_t
/etc/X11/wdm/Xsetup.*	--	system_u:object_r:xsession_exec_t
/etc/X11/wdm/Xstartup.*	--	system_u:object_r:xsession_exec_t
/etc/X11/[wx]dm/Xreset.*	--	system_u:object_r:xsession_exec_t
/etc/X11/[wx]dm/Xsession	--	system_u:object_r:xsession_exec_t
/etc/kde/kdm/Xsession	--	system_u:object_r:xsession_exec_t
/var/run/xdmctl(/.*)?		system_u:object_r:xdm_var_run_t
/var/run/xdm\.pid	--	system_u:object_r:xdm_var_run_t
/var/lib/[xkw]dm(/.*)?		system_u:object_r:xdm_var_lib_t


#
# Additional Xsession scripts
#
/etc/X11/xdm/GiveConsole	--	system_u:object_r:bin_t
/etc/X11/xdm/TakeConsole	--	system_u:object_r:bin_t
/etc/X11/xdm/Xsetup_0		--	system_u:object_r:bin_t
/etc/X11/xinit(/.*)?			system_u:object_r:bin_t
#
# Rules for kde login
#
/etc/kde3?/kdm/Xstartup   --		system_u:object_r:xsession_exec_t
/etc/kde3?/kdm/Xreset     --		system_u:object_r:xsession_exec_t
/etc/kde3?/kdm/Xsession		--	system_u:object_r:xsession_exec_t
/etc/kde3?/kdm/backgroundrc	system_u:object_r:xdm_var_run_t
/usr/lib(64)?/qt-.*/etc/settings(/.*)?	system_u:object_r:xdm_var_run_t
# ypbind
/sbin/ypbind		--	system_u:object_r:ypbind_exec_t
# ypserv
/usr/sbin/ypserv		--	system_u:object_r:ypserv_exec_t
/usr/lib/yp/.+			--	system_u:object_r:bin_t
/etc/ypserv\.conf		--	system_u:object_r:ypserv_conf_t
# Zebra - BGP daemon
/usr/sbin/zebra		--	system_u:object_r:zebra_exec_t
/usr/sbin/bgpd		--	system_u:object_r:zebra_exec_t
/var/log/zebra(/.*)?		system_u:object_r:zebra_log_t
/etc/zebra(/.*)?		system_u:object_r:zebra_conf_t
/var/run/\.zserv	-s	system_u:object_r:zebra_var_run_t
/var/run/\.zebra	-s	system_u:object_r:zebra_var_run_t
# Quagga
/usr/sbin/rip.*  	--	system_u:object_r:zebra_exec_t
/usr/sbin/ospf.*  	--	system_u:object_r:zebra_exec_t
/etc/quagga(/.*)?		system_u:object_r:zebra_conf_t
/var/log/quagga(/.*)?		system_u:object_r:zebra_log_t
/var/run/quagga(/.*)?		system_u:object_r:zebra_var_run_t

/usr/share/system-config-network(/netconfig)?/[^/]+\.py -- system_u:object_r:bin_t
/etc/sysconfig/networking/profiles/.*/resolv\.conf -- system_u:object_r:net_conf_t
/etc/sysconfig/network-scripts/.*resolv\.conf -- system_u:object_r:net_conf_t
/usr/share/rhn/rhn_applet/applet\.py -- system_u:object_r:bin_t
/usr/share/rhn/rhn_applet/eggtrayiconmodule\.so -- system_u:object_r:shlib_t
/usr/share/rhn/rhn_applet/needed-packages\.py	--	system_u:object_r:bin_t
/usr/share/authconfig/authconfig-gtk\.py -- system_u:object_r:bin_t
/usr/share/hwbrowser/hwbrowser -- system_u:object_r:bin_t
/usr/share/system-config-httpd/system-config-httpd -- system_u:object_r:bin_t
/usr/share/system-config-services/system-config-services -- system_u:object_r:bin_t
/usr/share/system-logviewer/system-logviewer\.py -- system_u:object_r:bin_t
/usr/share/system-config-lvm/system-config-lvm.py -- system_u:object_r:bin_t
/usr/share/system-config-date/system-config-date\.py -- system_u:object_r:bin_t
/usr/share/system-config-display/system-config-display -- system_u:object_r:bin_t
/usr/share/system-config-keyboard/system-config-keyboard -- system_u:object_r:bin_t
/usr/share/system-config-language/system-config-language -- system_u:object_r:bin_t
/usr/share/system-config-mouse/system-config-mouse -- system_u:object_r:bin_t
/usr/share/system-config-netboot/system-config-netboot\.py -- system_u:object_r:bin_t
/usr/share/system-config-netboot/pxeos\.py -- system_u:object_r:bin_t
/usr/share/system-config-netboot/pxeboot\.py -- system_u:object_r:bin_t
/usr/share/system-config-nfs/system-config-nfs\.py -- system_u:object_r:bin_t
/usr/share/system-config-rootpassword/system-config-rootpassword -- system_u:object_r:bin_t
/usr/share/system-config-samba/system-config-samba\.py -- system_u:object_r:bin_t
/usr/share/system-config-securitylevel/system-config-securitylevel\.py -- system_u:object_r:bin_t
/usr/share/system-config-services/serviceconf\.py -- system_u:object_r:bin_t
/usr/share/system-config-soundcard/system-config-soundcard -- system_u:object_r:bin_t
/usr/share/system-config-users/system-config-users -- system_u:object_r:bin_t
/usr/share/switchdesk/switchdesk-gui\.py	--	system_u:object_r:bin_t
/usr/share/system-config-network/neat-control\.py	--	system_u:object_r:bin_t
/usr/share/system-config-nfs/nfs-export\.py	--	system_u:object_r:bin_t
/usr/share/pydict/pydict\.py	--	system_u:object_r:bin_t
/usr/share/cvs/contrib/rcs2log	--	system_u:object_r:bin_t
/usr/share/pwlib/make/ptlib-config --	system_u:object_r:bin_t
/usr/share/texmf/web2c/mktexdir	--	system_u:object_r:bin_t
/usr/share/texmf/web2c/mktexnam	--	system_u:object_r:bin_t
/usr/share/texmf/web2c/mktexupd	--	system_u:object_r:bin_t
/etc/rhgb(/.*)?		-d		system_u:object_r:mnt_t
/usr/share/ssl/misc(/.*)?		system_u:object_r:bin_t
#
# /emul/ia32-linux/usr
#
/emul(/.*)?				system_u:object_r:usr_t
/emul/ia32-linux/usr(/.*)?/lib(/.*)?		system_u:object_r:lib_t
/emul/ia32-linux/usr(/.*)?/lib/.*\.so(\.[^/]*)*		--	system_u:object_r:shlib_t
/emul/ia32-linux/usr(/.*)?/java/.*\.so(\.[^/]*)*	--	system_u:object_r:shlib_t
/emul/ia32-linux/usr(/.*)?/java/.*\.jar	--	system_u:object_r:shlib_t
/emul/ia32-linux/usr(/.*)?/java/.*\.jsa	--	system_u:object_r:shlib_t
/emul/ia32-linux/usr(/.*)?/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* system_u:object_r:ld_so_t
/emul/ia32-linux/usr(/.*)?/bin(/.*)?		system_u:object_r:bin_t
/emul/ia32-linux/usr(/.*)?/Bin(/.*)?		system_u:object_r:bin_t
/emul/ia32-linux/usr(/.*)?/sbin(/.*)?		system_u:object_r:sbin_t
/emul/ia32-linux/usr/libexec(/.*)?		system_u:object_r:bin_t
# /emul/ia32-linux/lib
/emul/ia32-linux/lib(/.*)?					system_u:object_r:lib_t
/emul/ia32-linux/lib/.*\.so(\.[^/]*)*		--	system_u:object_r:shlib_t
/emul/ia32-linux/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)*	--	system_u:object_r:ld_so_t
# /emul/ia32-linux/bin
/emul/ia32-linux/bin(/.*)?			system_u:object_r:bin_t
# /emul/ia32-linux/sbin
/emul/ia32-linux/sbin(/.*)?			system_u:object_r:sbin_t



# The following are libraries with text relocations in need of execmod permissions
# Some of them should be fixed and removed from this list

# Fedora Core packages: gstreamer-plugins, compat-libstdc++, Glide3, libdv
# 	HelixPlayer, SDL, xorg-x11, xorg-x11-libs, Hermes, valgrind, openoffice.org-libs, httpd - php
/usr/lib/gstreamer-.*/libgstffmpeg\.so.*  -- system_u:object_r:texrel_shlib_t
/usr/lib/gstreamer-.*/libgsthermescolorspace\.so -- system_u:object_r:texrel_shlib_t
/usr/lib/gstreamer-.*/libgstmms\.so 	 -- system_u:object_r:texrel_shlib_t
/usr/lib/libstdc\+\+\.so\.2\.7\.2\.8 		-- system_u:object_r:texrel_shlib_t
/usr/lib/libg\+\+\.so\.2\.7\.2\.8		-- system_u:object_r:texrel_shlib_t
/usr/lib/libglide3\.so.* 			-- system_u:object_r:texrel_shlib_t
/usr/lib/libdv\.so.* 				-- system_u:object_r:texrel_shlib_t
/usr/lib/helix/plugins/oggfformat\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/helix/plugins/theorarend\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/helix/plugins/vorbisrend\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/helix/codecs/colorcvt\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/helix/codecs/cvt1\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libSDL-.*\.so.*			-- system_u:object_r:texrel_shlib_t
/usr/X11R6/lib/modules/dri/.*\.so		-- system_u:object_r:texrel_shlib_t
/usr/X11R6/lib/libOSMesa\.so.*			-- system_u:object_r:texrel_shlib_t
/usr/X11R6/lib/libfglrx_gamma\.so.* 		--  system_u:object_r:texrel_shlib_t
/usr/lib/libHermes\.so.*			-- system_u:object_r:texrel_shlib_t
/usr/lib/valgrind/hp2ps				-- system_u:object_r:texrel_shlib_t
/usr/lib/valgrind/stage2			-- system_u:object_r:texrel_shlib_t
/usr/lib/valgrind/vg.*\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/libxpcom_core.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/program(/.*)?			system_u:object_r:bin_t
/usr/lib/.*/program/.*\.so.*			system_u:object_r:shlib_t
/usr/lib/.*/program/libicudata\.so.*		-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/program/libsts645li\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/program/libvclplug_gen645li\.so	-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/program/libwrp645li\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/.*/program/libswd680li\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib(64)?/.*/program/librecentfile\.so 	--  system_u:object_r:texrel_shlib_t
/usr/lib(64)?/.*/program/libsvx680li\.so	--  system_u:object_r:texrel_shlib_t
/usr/lib(64)?/.*/program/libcomphelp4gcc3\.so  	--  system_u:object_r:texrel_shlib_t
/usr/lib(64)?/.*/program/libsoffice\.so  	--  system_u:object_r:texrel_shlib_t

# Fedora Extras packages: ladspa, imlib2, ocaml
/usr/lib/ladspa/analogue_osc_1416\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/bandpass_a_iir_1893\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/bandpass_iir_1892\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/butterworth_1902\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/fm_osc_1415\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/gsm_1215\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/gverb_1216\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/hermes_filter_1200\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/highpass_iir_1890\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/lowpass_iir_1891\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/notch_iir_1894\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/pitch_scale_1193\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/pitch_scale_1194\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/sc1_1425\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/sc2_1426\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/sc3_1427\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/sc4_1882\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/ladspa/se4_1883\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libImlib2\.so.* 			-- system_u:object_r:texrel_shlib_t
/usr/lib/ocaml/stublibs/dllnums\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/httpd/modules/libphp5\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/php/modules/.*\.so			-- system_u:object_r:texrel_shlib_t

# Livna.org packages: xmms-mp3, ffmpeg, xvidcore, xine-lib, gsm, lame
/usr/lib/xmms/Input/libmpg123\.so		-- system_u:object_r:texrel_shlib_t
/usr/lib/libpostproc\.so.*			-- system_u:object_r:texrel_shlib_t
/usr/lib/libavformat-.*\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libavcodec-.*\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libxvidcore\.so.*			-- system_u:object_r:texrel_shlib_t
/usr/lib/xine/plugins/.*\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libgsm\.so.*				-- system_u:object_r:texrel_shlib_t
/usr/lib/libmp3lame\.so.*			-- system_u:object_r:texrel_shlib_t

# Flash plugin, Macromedia
/usr/lib/.*/plugins/libflashplayer\.so.*	-- system_u:object_r:texrel_shlib_t

# Jai, Sun Microsystems (Jpackage SPRM)
/usr/lib/libmlib_jai\.so			-- system_u:object_r:texrel_shlib_t
/usr/lib/libdivxdecore.so.0			-- system_u:object_r:texrel_shlib_t
/usr/lib/libdivxencore.so.0			-- system_u:object_r:texrel_shlib_t

# Java, Sun Microsystems (JPackage SRPM)
/usr/.*/jre/lib/i386/libdeploy.so		-- system_u:object_r:texrel_shlib_t

/usr(/.*)?/Reader/intellinux/plug_ins/.*\.api	-- system_u:object_r:shlib_t
/usr(/.*)?/Reader/intellinux/plug_ins/AcroForm\.api	-- system_u:object_r:texrel_shlib_t
/usr(/.*)?/Reader/intellinux/plug_ins/EScript\.api	-- system_u:object_r:texrel_shlib_t
/usr(/.*)?/Reader/intellinux/SPPlugins/ADMPlugin\.apl  --  system_u:object_r:texrel_shlib_t



