(roleattribute bootloader_roles)
(roleattributeset bootloader_roles (system_r ))
(roletype bootloader_roles bootloader_t)
(type boot_runtime_t)
(roletype object_r boot_runtime_t)
(type bootloader_t)
(roletype object_r bootloader_t)
(type bootloader_exec_t)
(roletype object_r bootloader_exec_t)
(type bootloader_etc_t)
(roletype object_r bootloader_etc_t)
(type bootloader_tmp_t)
(roletype object_r bootloader_tmp_t)
(roleattributeset cil_gen_require system_r)
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (boot_runtime_t bootloader_exec_t bootloader_etc_t bootloader_tmp_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (boot_runtime_t bootloader_exec_t bootloader_etc_t bootloader_tmp_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (boot_runtime_t bootloader_exec_t bootloader_etc_t bootloader_tmp_t ))
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (bootloader_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (bootloader_t ))
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (bootloader_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (bootloader_exec_t ))
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (bootloader_exec_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (bootloader_tmp_t ))
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (bootloader_tmp_t ))
(typeattributeset cil_gen_require device_node)
(typeattributeset device_node (bootloader_tmp_t ))
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require root_t)
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require proc_kcore_t)
(typeattributeset cil_gen_require proc_net_t)
(typeattributeset cil_gen_require proc_mdstat_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require debugfs_t)
(typeattributeset cil_gen_require kernel_t)
(typeattributeset cil_gen_require fixed_disk_raw_read)
(typeattributeset fixed_disk_raw_read (bootloader_t ))
(typeattributeset cil_gen_require fixed_disk_device_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require fixed_disk_raw_write)
(typeattributeset fixed_disk_raw_write (bootloader_t ))
(typeattributeset cil_gen_require removable_device_t)
(typeattributeset cil_gen_require fuse_device_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require nvram_device_t)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require dosfs_t)
(typeattributeset cil_gen_require tmpfs_t)
(typeattributeset cil_gen_require efivarfs_t)
(typeattributeset cil_gen_require cgroup_types)
(typeattributeset cil_gen_require mlsfileread)
(typeattributeset mlsfileread (bootloader_t ))
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (bootloader_t ))
(typeattributeset cil_gen_require ttynode)
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require boot_t)
(typeattributeset cil_gen_require default_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require src_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require modules_object_t)
(typeattributeset cil_gen_require mnt_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require home_root_t)
(typeattributeset cil_gen_require hugetlbfs_t)
(typeattributeset cil_gen_require fusefs_t)
(typeattributeset cil_gen_require fsadm_run_t)
(typeattributeset cil_gen_require initctl_t)
(typeattributeset cil_gen_require initrc_devpts_t)
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require lib_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require var_log_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require mount_runtime_t)
(typeattributeset cil_gen_require policy_config_t)
(typeattributeset cil_gen_require default_context_t)
(typeattributeset cil_gen_require file_context_t)
(typeattributeset cil_gen_require load_policy_exec_t)
(typeattributeset cil_gen_require udev_runtime_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require user_tty_device_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require user_home_t)
(allow bootloader_t bootloader_exec_t (file (entrypoint)))
(allow bootloader_t bootloader_exec_t (file (ioctl read getattr lock map execute open)))
(allow bootloader_t self (capability (chown dac_override dac_read_search fsetid setgid sys_rawio sys_admin mknod)))
(dontaudit bootloader_t self (capability (net_admin sys_resource)))
(allow bootloader_t self (process (sigchld sigkill sigstop signull signal getsched execmem)))
(allow bootloader_t self (fifo_file (ioctl read write getattr lock append open)))
(allow bootloader_t bootloader_etc_t (file (ioctl read getattr lock open)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t bootloader_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t bootloader_tmp_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow bootloader_t self (capability (mknod)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t bootloader_tmp_t (blk_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t self (capability (mknod)))
(allow bootloader_t bootloader_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t bootloader_tmp_t (chr_file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition bootloader_t tmp_t blk_file bootloader_tmp_t)
(typetransition bootloader_t tmp_t chr_file bootloader_tmp_t)
(typetransition bootloader_t tmp_t lnk_file bootloader_tmp_t)
(typetransition bootloader_t tmp_t dir bootloader_tmp_t)
(typetransition bootloader_t tmp_t file bootloader_tmp_t)
(allow bootloader_t bootloader_tmp_t (dir (mounton)))
(allow bootloader_t root_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition bootloader_t root_t file bootloader_tmp_t)
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_kcore_t (file (getattr)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_net_t (dir (getattr open search)))
(allow bootloader_t proc_net_t (file (ioctl read getattr lock open)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_net_t (dir (getattr open search)))
(allow bootloader_t proc_net_t (lnk_file (read getattr)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_t (file (ioctl read getattr lock open)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_t (lnk_file (read getattr)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_mdstat_t (file (ioctl read getattr lock open)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t proc_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t sysctl_t (dir (getattr open search)))
(allow bootloader_t sysctl_kernel_t (dir (getattr open search)))
(allow bootloader_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow bootloader_t proc_t (dir (getattr open search)))
(allow bootloader_t sysctl_t (dir (getattr open search)))
(allow bootloader_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t debugfs_t (dir (getattr open search)))
(allow bootloader_t debugfs_t (dir (getattr open search)))
(allow bootloader_t kernel_t (process (setsched)))
(dontaudit bootloader_t proc_t (filesystem (getattr)))
(allow bootloader_t kernel_t (system (module_request)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t fixed_disk_device_t (blk_file (ioctl read getattr lock open)))
(allow bootloader_t fixed_disk_device_t (chr_file (ioctl read getattr lock open)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t fixed_disk_device_t (blk_file (ioctl write getattr lock append open)))
(allow bootloader_t fixed_disk_device_t (chr_file (ioctl write getattr lock append open)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t removable_device_t (blk_file (ioctl read getattr lock open)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t removable_device_t (blk_file (ioctl write getattr lock append open)))
(allow bootloader_t fuse_device_t (chr_file (ioctl read write getattr lock append open)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_node (chr_file (getattr)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_node (blk_file (getattr)))
(dontaudit bootloader_t device_t (chr_file (ioctl read write getattr)))
(dontaudit bootloader_t device_t (blk_file (ioctl read write getattr)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (file (ioctl read getattr lock open)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (lnk_file (read getattr)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (ioctl read getattr lock open search)))
(dontaudit bootloader_t sysfs_t (file (write)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t nvram_device_t (chr_file (ioctl read write getattr lock append open)))
(allow bootloader_t autofs_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t fs_t (filesystem (getattr)))
(allow bootloader_t dosfs_t (filesystem (getattr)))
(allow bootloader_t tmpfs_t (filesystem (getattr)))
(allow bootloader_t tmpfs_t (dir (getattr open search)))
(allow bootloader_t tmpfs_t (lnk_file (read getattr)))
(allow bootloader_t efivarfs_t (filesystem (getattr)))
(allow bootloader_t dosfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t dosfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t dosfs_t (dir (getattr open search)))
(allow bootloader_t dosfs_t (file (ioctl read getattr lock open)))
(allow bootloader_t dosfs_t (file (map)))
(allow bootloader_t cgroup_types (dir (getattr open search)))
(allow bootloader_t cgroup_types (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t ttynode (chr_file (getattr)))
(allow bootloader_t devpts_t (chr_file (getattr)))
(dontaudit bootloader_t devpts_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow bootloader_t bin_t (dir (getattr open search)))
(allow bootloader_t bin_t (lnk_file (read getattr)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t bin_t (dir (getattr open search)))
(allow bootloader_t bin_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t exec_type (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow bootloader_t bin_t (dir (getattr open search)))
(allow bootloader_t exec_type (lnk_file (read getattr)))
(allow bootloader_t privfd (fd (use)))
(allow bootloader_t boot_t (filesystem (getattr)))
(allow bootloader_t boot_t (dir (ioctl read write create getattr lock open add_name remove_name search)))
(allow bootloader_t default_t (dir (getattr)))
(allow bootloader_t boot_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t boot_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t boot_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t boot_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow bootloader_t etc_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t etc_t (file (ioctl read getattr lock open)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t etc_t (lnk_file (read getattr)))
(allow bootloader_t etc_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t etc_t (lnk_file (read getattr)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t etc_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t src_t (dir (getattr open search)))
(allow bootloader_t src_t (file (ioctl read getattr lock open)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t src_t (dir (getattr open search)))
(allow bootloader_t src_t (lnk_file (read getattr)))
(allow bootloader_t src_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t usr_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t usr_t (file (ioctl read getattr lock open)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t usr_t (lnk_file (read getattr)))
(allow bootloader_t var_t (dir (getattr open search)))
(allow bootloader_t var_t (file (ioctl read getattr lock open)))
(allow bootloader_t modules_object_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t modules_object_t (dir (getattr open search)))
(allow bootloader_t modules_object_t (file (ioctl read getattr lock open)))
(allow bootloader_t modules_object_t (dir (getattr open search)))
(allow bootloader_t modules_object_t (lnk_file (read getattr)))
(allow bootloader_t mnt_t (dir (getattr open search)))
(dontaudit bootloader_t var_run_t (lnk_file (read getattr)))
(dontaudit bootloader_t var_run_t (dir (getattr open search)))
(allow bootloader_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t etc_runtime_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t etc_runtime_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition bootloader_t etc_t file etc_runtime_t)
(dontaudit bootloader_t home_root_t (dir (getattr open search)))
(dontaudit bootloader_t home_root_t (lnk_file (read getattr)))
(allow bootloader_t efivarfs_t (dir (getattr open search)))
(allow bootloader_t efivarfs_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t efivarfs_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t efivarfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t hugetlbfs_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t fusefs_t (filesystem (mount)))
(allow bootloader_t fs_t (filesystem (mount)))
(allow bootloader_t fusefs_t (dir (mounton)))
(allow bootloader_t fusefs_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t fusefs_t (dir (getattr open search)))
(allow bootloader_t fusefs_t (lnk_file (read getattr)))
(allow bootloader_t fusefs_t (dir (getattr open search)))
(allow bootloader_t fusefs_t (file (ioctl read getattr lock open)))
(allow bootloader_t fusefs_t (filesystem (getattr)))
(allow bootloader_t fusefs_t (filesystem (unmount)))
(allow bootloader_t fs_t (filesystem (unmount)))
(allow bootloader_t fsadm_run_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow bootloader_t fsadm_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow bootloader_t var_run_t (lnk_file (read getattr)))
(allow bootloader_t var_t (dir (getattr open search)))
(allow bootloader_t var_run_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t initctl_t (fifo_file (getattr)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t devpts_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
(allow bootloader_t initrc_t (fd (use)))
(allow bootloader_t initrc_t (fifo_file (ioctl read write getattr lock append open)))
(allow bootloader_t usr_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t lib_t (dir (getattr open search)))
(allow bootloader_t lib_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t lib_t (dir (getattr open search)))
(allow bootloader_t lib_t (file (ioctl read getattr lock open)))
(allow bootloader_t lib_t (dir (getattr open search)))
(allow bootloader_t lib_t (lnk_file (read getattr)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t lib_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t lib_t (dir (getattr open search)))
(allow bootloader_t lib_t (lnk_file (read getattr)))
(allow bootloader_t lib_t (dir (getattr open search)))
(allow bootloader_t lib_t (file (ioctl read getattr map execute open execute_no_trans)))
(allow bootloader_t devlog_t (sock_file (write getattr append open)))
(allow bootloader_t var_run_t (lnk_file (read getattr)))
(allow bootloader_t var_t (dir (getattr open search)))
(allow bootloader_t var_run_t (dir (getattr open search)))
(allow bootloader_t init_runtime_t (dir (getattr open search)))
(allow bootloader_t syslogd_runtime_t (dir (getattr open search)))
(allow bootloader_t syslogd_t (unix_dgram_socket (sendto)))
(allow bootloader_t syslogd_t (unix_stream_socket (connectto)))
(allow bootloader_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow bootloader_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit bootloader_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow bootloader_t var_t (dir (getattr open search)))
(allow bootloader_t var_log_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t var_log_t (dir (getattr open search)))
(allow bootloader_t var_log_t (file (ioctl read write getattr lock append open)))
(allow bootloader_t var_log_t (lnk_file (read getattr)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t etc_t (lnk_file (read getattr)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t locale_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t locale_t (dir (getattr open search)))
(allow bootloader_t locale_t (file (ioctl read getattr lock open)))
(allow bootloader_t locale_t (dir (getattr open search)))
(allow bootloader_t locale_t (lnk_file (read getattr)))
(allow bootloader_t locale_t (file (map)))
(allow bootloader_t mount_runtime_t (dir (getattr open search)))
(allow bootloader_t mount_runtime_t (file (ioctl read write getattr lock append open)))
(allow bootloader_t security_t (filesystem (getattr)))
(allow bootloader_t sysfs_t (filesystem (getattr)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t sysfs_t (dir (getattr open search)))
(allow bootloader_t security_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t security_t (file (ioctl read getattr map open)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t selinux_config_t (dir (getattr open search)))
(allow bootloader_t policy_config_t (dir (getattr open search)))
(allow bootloader_t policy_config_t (file (ioctl read getattr lock open)))
(allow bootloader_t policy_config_t (file (map)))
(allow bootloader_t policy_config_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t etc_t (dir (getattr open search)))
(allow bootloader_t selinux_config_t (dir (getattr open search)))
(allow bootloader_t default_context_t (dir (getattr open search)))
(allow bootloader_t file_context_t (dir (getattr open search)))
(allow bootloader_t file_context_t (file (ioctl read getattr lock open)))
(allow bootloader_t file_context_t (file (map)))
(allow bootloader_t bin_t (dir (getattr open search)))
(allow bootloader_t bin_t (lnk_file (read getattr)))
(allow bootloader_t usr_t (dir (getattr open search)))
(allow bootloader_t load_policy_exec_t (file (ioctl read getattr lock open)))
(dontaudit bootloader_t selinux_config_t (dir (getattr open search)))
(allow bootloader_t var_run_t (lnk_file (read getattr)))
(allow bootloader_t var_t (dir (getattr open search)))
(allow bootloader_t var_run_t (dir (getattr open search)))
(allow bootloader_t udev_runtime_t (dir (getattr open search)))
(allow bootloader_t udev_runtime_t (file (ioctl read getattr lock open)))
(allow bootloader_t udev_runtime_t (dir (getattr open search)))
(allow bootloader_t udev_runtime_t (lnk_file (read getattr)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t device_t (dir (getattr open search)))
(allow bootloader_t device_t (lnk_file (read getattr)))
(allow bootloader_t devpts_t (dir (ioctl read getattr lock open search)))
(allow bootloader_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow bootloader_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(dontaudit bootloader_t user_home_dir_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(dontaudit bootloader_t user_home_t (file (ioctl write getattr lock append open)))
(optional bootloader_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow bootloader_t init_t (process (sigchld)))
    (allow bootloader_t init_t (process (signull)))
)
(optional bootloader_optional_3
    (typeattributeset cil_gen_require rpm_t)
    (allow bootloader_t rpm_t (fd (use)))
    (allow bootloader_t rpm_t (fifo_file (ioctl read getattr lock open)))
)
(optional bootloader_optional_4
    (typeattributeset cil_gen_require security_t)
    (typeattributeset cil_gen_require sysfs_t)
    (dontaudit bootloader_t security_t (filesystem (getattr)))
    (dontaudit bootloader_t sysfs_t (filesystem (getattr)))
    (dontaudit bootloader_t sysfs_t (dir (getattr open search)))
    (dontaudit bootloader_t security_t (dir (getattr open search)))
    (dontaudit bootloader_t security_t (file (ioctl read getattr lock open)))
    (optional bootloader_optional_5
        (typeattributeset cil_gen_require selinux_config_t)
        (dontaudit bootloader_t selinux_config_t (dir (getattr open search)))
        (dontaudit bootloader_t selinux_config_t (file (ioctl read getattr lock open)))
        (optional bootloader_optional_6
            (typeattributeset cil_gen_require bin_t)
            (typeattributeset cil_gen_require usr_t)
            (typeattributeset cil_gen_require fsadm_exec_t)
            (allow bootloader_t fsadm_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
            (allow bootloader_t bin_t (dir (getattr open search)))
            (allow bootloader_t bin_t (lnk_file (read getattr)))
            (allow bootloader_t usr_t (dir (getattr open search)))
        )
        (optional bootloader_optional_7
            (typeattributeset cil_gen_require device_t)
            (typeattributeset cil_gen_require gpmctl_t)
            (allow bootloader_t device_t (dir (getattr open search)))
            (allow bootloader_t device_t (dir (ioctl read getattr lock open search)))
            (allow bootloader_t device_t (dir (getattr open search)))
            (allow bootloader_t device_t (lnk_file (read getattr)))
            (allow bootloader_t gpmctl_t (sock_file (getattr)))
            (allow bootloader_t gpmctl_t (fifo_file (getattr)))
        )
        (optional bootloader_optional_8
            (typeattributeset cil_gen_require device_t)
            (typeattributeset cil_gen_require bin_t)
            (typeattributeset cil_gen_require usr_t)
            (typeattributeset cil_gen_require etc_t)
            (typeattributeset cil_gen_require lvm_control_t)
            (typeattributeset cil_gen_require lvm_t)
            (typeattributeset cil_gen_require lvm_exec_t)
            (typeattributeset cil_gen_require lvm_etc_t)
            (allow bootloader_t device_t (dir (getattr open search)))
            (allow bootloader_t lvm_control_t (chr_file (ioctl read write getattr lock append open)))
            (allow bootloader_t bin_t (dir (getattr open search)))
            (allow bootloader_t bin_t (lnk_file (read getattr)))
            (allow bootloader_t usr_t (dir (getattr open search)))
            (allow bootloader_t lvm_exec_t (file (ioctl read getattr map execute open)))
            (allow bootloader_t lvm_t (process (transition)))
            (dontaudit bootloader_t lvm_t (process (noatsecure siginh rlimitinh)))
            (typetransition bootloader_t lvm_exec_t process lvm_t)
            (allow lvm_t bootloader_t (fd (use)))
            (allow lvm_t bootloader_t (fifo_file (ioctl read write getattr lock append)))
            (allow lvm_t bootloader_t (process (sigchld)))
            (allow bootloader_t etc_t (dir (getattr open search)))
            (allow bootloader_t lvm_etc_t (dir (ioctl read getattr lock open search)))
            (allow bootloader_t lvm_etc_t (dir (getattr open search)))
            (allow bootloader_t lvm_etc_t (file (ioctl read getattr lock open)))
        )
        (optional bootloader_optional_9
            (typeattributeset cil_gen_require bin_t)
            (typeattributeset cil_gen_require usr_t)
            (typeattributeset cil_gen_require boot_t)
            (typeattributeset cil_gen_require etc_t)
            (typeattributeset cil_gen_require modules_object_t)
            (typeattributeset cil_gen_require kmod_t)
            (typeattributeset cil_gen_require kmod_exec_t)
            (typeattributeset cil_gen_require modules_conf_t)
            (typeattributeset cil_gen_require modules_dep_t)
            (allow bootloader_t bin_t (dir (getattr open search)))
            (allow bootloader_t bin_t (lnk_file (read getattr)))
            (allow bootloader_t usr_t (dir (getattr open search)))
            (allow bootloader_t kmod_exec_t (file (ioctl read getattr map execute open)))
            (allow bootloader_t kmod_t (process (transition)))
            (dontaudit bootloader_t kmod_t (process (noatsecure siginh rlimitinh)))
            (typetransition bootloader_t kmod_exec_t process kmod_t)
            (allow kmod_t bootloader_t (fd (use)))
            (allow kmod_t bootloader_t (fifo_file (ioctl read write getattr lock append)))
            (allow kmod_t bootloader_t (process (sigchld)))
            (allow bootloader_t etc_t (dir (getattr open search)))
            (allow bootloader_t boot_t (dir (getattr open search)))
            (allow bootloader_t modules_conf_t (dir (ioctl read getattr lock open search)))
            (allow bootloader_t modules_conf_t (file (ioctl read getattr lock open)))
            (allow bootloader_t modules_conf_t (lnk_file (read getattr)))
            (allow bootloader_t modules_object_t (dir (ioctl read getattr lock open search)))
            (allow bootloader_t modules_object_t (dir (getattr open search)))
            (allow bootloader_t modules_object_t (lnk_file (read getattr)))
            (allow bootloader_t modules_dep_t (file (ioctl read getattr lock map open)))
        )
        (optional bootloader_optional_10
            (typeattributeset cil_gen_require var_t)
            (typeattributeset cil_gen_require var_run_t)
            (typeattributeset cil_gen_require nscd_t)
            (typeattributeset cil_gen_require nscd_runtime_t)
            (booleanif (nscd_use_shm)
                (true
                    (allow bootloader_t nscd_runtime_t (sock_file (read getattr open)))
                    (allow bootloader_t nscd_runtime_t (dir (ioctl read getattr lock open search)))
                    (dontaudit bootloader_t nscd_runtime_t (file (ioctl read getattr lock open)))
                    (allow bootloader_t nscd_t (unix_stream_socket (connectto)))
                    (allow bootloader_t nscd_runtime_t (sock_file (write getattr append open)))
                    (allow bootloader_t nscd_runtime_t (dir (getattr open search)))
                    (allow bootloader_t var_run_t (dir (getattr open search)))
                    (allow bootloader_t var_t (dir (getattr open search)))
                    (allow bootloader_t var_run_t (lnk_file (read getattr)))
                    (allow bootloader_t nscd_t (fd (use)))
                    (allow bootloader_t nscd_t (nscd (getgrp gethost getpwd shmemgrp shmemhost shmempwd)))
                    (allow bootloader_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                )
                (false
                    (allow nscd_t bootloader_t (process (getattr)))
                    (allow nscd_t bootloader_t (lnk_file (read getattr)))
                    (allow nscd_t bootloader_t (file (ioctl read getattr lock open)))
                    (allow nscd_t bootloader_t (dir (ioctl read getattr lock open search)))
                    (dontaudit bootloader_t nscd_runtime_t (file (ioctl read getattr lock open)))
                    (allow bootloader_t nscd_t (unix_stream_socket (connectto)))
                    (allow bootloader_t nscd_runtime_t (sock_file (write getattr append open)))
                    (allow bootloader_t nscd_runtime_t (dir (getattr open search)))
                    (allow bootloader_t var_run_t (dir (getattr open search)))
                    (allow bootloader_t var_t (dir (getattr open search)))
                    (allow bootloader_t var_run_t (lnk_file (read getattr)))
                    (dontaudit bootloader_t nscd_t (nscd (shmemgrp shmemhost shmempwd getserv shmemserv)))
                    (dontaudit bootloader_t nscd_t (fd (use)))
                    (allow bootloader_t nscd_t (nscd (getgrp gethost getpwd)))
                    (allow bootloader_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                )
            )
        )
        (optional bootloader_optional_11
            (typeattributeset cil_gen_require var_t)
            (typeattributeset cil_gen_require var_run_t)
            (typeattributeset cil_gen_require mdadm_runtime_t)
            (allow bootloader_t var_run_t (lnk_file (read getattr)))
            (allow bootloader_t var_t (dir (getattr open search)))
            (allow bootloader_t var_run_t (dir (getattr open search)))
            (allow bootloader_t mdadm_runtime_t (dir (ioctl read getattr lock open search)))
            (allow bootloader_t mdadm_runtime_t (file (ioctl read getattr lock open)))
        )
        (optional bootloader_optional_12
            (typeattributeset cil_gen_require rpm_t)
            (allow bootloader_t rpm_t (fifo_file (ioctl read write getattr lock append open)))
        )
    )
)
(filecon "/etc/lilo\.conf.*" file (system_u object_r bootloader_etc_t ((s0) (s0))))
(filecon "/etc/yaboot\.conf.*" file (system_u object_r bootloader_etc_t ((s0) (s0))))
(filecon "/usr/bin/bootctl" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/efibootmgr" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/grub" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/grub2?-bios-setup" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/grub2?-install" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/grub2?-mkconfig" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/grub2?-probe" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/lilo.*" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/mkrlconf" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/mvrefind" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/refind-install" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/bin/ybin.*" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/bootctl" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/efibootmgr" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/grub" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/grub2?-bios-setup" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/grub2?-install" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/grub2?-mkconfig" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/grub2?-probe" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/lilo.*" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/mkrlconf" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/mvrefind" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/refind-install" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/usr/sbin/ybin.*" file (system_u object_r bootloader_exec_t ((s0) (s0))))
(filecon "/var/lib/os-prober(/.*)?" any (system_u object_r bootloader_tmp_t ((s0) (s0))))
