(roleattribute chfn_roles)
(roletype chfn_roles chfn_t)
(roletype chfn_roles chkpwd_t)
(roleattribute groupadd_roles)
(roletype groupadd_roles groupadd_t)
(roletype groupadd_roles chkpwd_t)
(roleattribute passwd_roles)
(roleattributeset passwd_roles (system_r ))
(roletype passwd_roles passwd_t)
(roletype passwd_roles chkpwd_t)
(roletype passwd_roles updpwd_t)
(roleattribute sysadm_passwd_roles)
(roleattributeset sysadm_passwd_roles (system_r ))
(roletype sysadm_passwd_roles sysadm_passwd_t)
(roleattribute useradd_roles)
(roletype useradd_roles useradd_t)
(roletype useradd_roles chkpwd_t)
(roletype useradd_roles setfiles_t)
(type admin_passwd_exec_t)
(roletype object_r admin_passwd_exec_t)
(type chfn_t)
(roletype object_r chfn_t)
(type chfn_exec_t)
(roletype object_r chfn_exec_t)
(type crack_t)
(roletype object_r crack_t)
(type crack_exec_t)
(roletype object_r crack_exec_t)
(type crack_db_t)
(roletype object_r crack_db_t)
(type crack_tmp_t)
(roletype object_r crack_tmp_t)
(type groupadd_t)
(roletype object_r groupadd_t)
(type groupadd_exec_t)
(roletype object_r groupadd_exec_t)
(type passwd_t)
(roletype object_r passwd_t)
(type passwd_exec_t)
(roletype object_r passwd_exec_t)
(type sysadm_passwd_t)
(roletype object_r sysadm_passwd_t)
(type sysadm_passwd_tmp_t)
(roletype object_r sysadm_passwd_tmp_t)
(type useradd_t)
(roletype object_r useradd_t)
(type useradd_exec_t)
(roletype object_r useradd_exec_t)
(roleattributeset cil_gen_require system_r)
(roletype system_r chfn_t)
(roletype system_r crack_t)
(roletype system_r groupadd_t)
(roletype system_r useradd_t)
(roleattributeset cil_gen_require semanage_roles)
(roleattributeset semanage_roles (useradd_roles ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (admin_passwd_exec_t chfn_exec_t crack_exec_t crack_db_t crack_tmp_t groupadd_exec_t passwd_exec_t sysadm_passwd_tmp_t useradd_exec_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (admin_passwd_exec_t chfn_exec_t crack_exec_t crack_db_t crack_tmp_t groupadd_exec_t passwd_exec_t sysadm_passwd_tmp_t useradd_exec_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (admin_passwd_exec_t chfn_exec_t crack_exec_t crack_db_t crack_tmp_t groupadd_exec_t passwd_exec_t sysadm_passwd_tmp_t useradd_exec_t ))
(typeattributeset cil_gen_require can_change_object_identity)
(typeattributeset can_change_object_identity (chfn_t groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (chfn_t crack_t groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (chfn_t crack_t groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require init_t)
(typeattributeset cil_gen_require security_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require selinux_config_t)
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (admin_passwd_exec_t chfn_exec_t crack_exec_t groupadd_exec_t passwd_exec_t useradd_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (admin_passwd_exec_t chfn_exec_t crack_exec_t groupadd_exec_t passwd_exec_t useradd_exec_t ))
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (admin_passwd_exec_t chfn_exec_t crack_exec_t groupadd_exec_t passwd_exec_t useradd_exec_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (crack_tmp_t sysadm_passwd_tmp_t ))
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (crack_tmp_t sysadm_passwd_tmp_t ))
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require systemprocess)
(typeattributeset systemprocess (groupadd_t useradd_t ))
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_kernel_t)
(typeattributeset cil_gen_require ttynode)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require ptynode)
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require autofs_t)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require chkpwd_t)
(typeattributeset cil_gen_require chkpwd_exec_t)
(typeattributeset cil_gen_require shadow_t)
(typeattributeset cil_gen_require auth_cache_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require nsswitch_domain)
(typeattributeset nsswitch_domain (chfn_t groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require faillog_t)
(typeattributeset cil_gen_require var_log_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require cert_t)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require shell_exec_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require etc_runtime_t)
(typeattributeset cil_gen_require home_root_t)
(typeattributeset cil_gen_require initrc_runtime_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require default_context_t)
(typeattributeset cil_gen_require file_context_t)
(typeattributeset cil_gen_require unpriv_userdomain)
(typeattributeset cil_gen_require user_home_t)
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require lastlog_t)
(typeattributeset cil_gen_require can_read_shadow_passwords)
(typeattributeset can_read_shadow_passwords (groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require can_write_shadow_passwords)
(typeattributeset can_write_shadow_passwords (groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require shadow_history_t)
(typeattributeset cil_gen_require shadow_lock_t)
(typeattributeset cil_gen_require can_relabelto_shadow_passwords)
(typeattributeset can_relabelto_shadow_passwords (groupadd_t passwd_t sysadm_passwd_t useradd_t ))
(typeattributeset cil_gen_require var_lib_t)
(typeattributeset cil_gen_require mlsfilewrite)
(typeattributeset mlsfilewrite (passwd_t ))
(typeattributeset cil_gen_require mlsfiledowngrade)
(typeattributeset mlsfiledowngrade (passwd_t ))
(typeattributeset cil_gen_require updpwd_t)
(typeattributeset cil_gen_require updpwd_exec_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require user_tty_device_t)
(typeattributeset cil_gen_require userdomain)
(typeattributeset cil_gen_require user_tmp_t)
(typeattributeset cil_gen_require user_runtime_t)
(typeattributeset cil_gen_require user_runtime_root_t)
(typeattributeset cil_gen_require var_spool_t)
(typeattributeset cil_gen_require mlsfileupgrade)
(typeattributeset mlsfileupgrade (useradd_t ))
(typeattributeset cil_gen_require semanage_t)
(typeattributeset cil_gen_require semanage_exec_t)
(typeattributeset cil_gen_require setfiles_t)
(typeattributeset cil_gen_require setfiles_exec_t)
(typeattributeset cil_gen_require user_home_content_type)
(allow chfn_t chfn_exec_t (file (entrypoint)))
(allow chfn_t chfn_exec_t (file (ioctl read getattr lock map execute open)))
(allow crack_t crack_exec_t (file (entrypoint)))
(allow crack_t crack_exec_t (file (ioctl read getattr lock map execute open)))
(allow groupadd_t groupadd_exec_t (file (entrypoint)))
(allow groupadd_t groupadd_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t groupadd_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t groupadd_t (process (transition)))
(dontaudit initrc_t groupadd_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t groupadd_exec_t process groupadd_t)
(allow groupadd_t initrc_t (fd (use)))
(allow groupadd_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow groupadd_t initrc_t (process (sigchld)))
(allow passwd_t passwd_exec_t (file (entrypoint)))
(allow passwd_t passwd_exec_t (file (ioctl read getattr lock map execute open)))
(allow sysadm_passwd_t admin_passwd_exec_t (file (entrypoint)))
(allow sysadm_passwd_t admin_passwd_exec_t (file (ioctl read getattr lock map execute open)))
(allow useradd_t useradd_exec_t (file (entrypoint)))
(allow useradd_t useradd_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t useradd_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t useradd_t (process (transition)))
(dontaudit initrc_t useradd_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t useradd_exec_t process useradd_t)
(allow useradd_t initrc_t (fd (use)))
(allow useradd_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow useradd_t initrc_t (process (sigchld)))
(allow chfn_t self (capability (chown dac_override fsetid setgid setuid sys_resource)))
(allow chfn_t self (process (transition sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition setkeycreate setsockcreate getrlimit)))
(allow chfn_t self (fd (use)))
(allow chfn_t self (fifo_file (ioctl read write getattr lock append open)))
(allow chfn_t self (sock_file (read getattr open)))
(allow chfn_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow chfn_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow chfn_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow chfn_t self (msg (send receive)))
(allow chfn_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow chfn_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow chfn_t self (unix_dgram_socket (sendto)))
(allow chfn_t self (unix_stream_socket (connectto)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (file (ioctl read getattr lock open)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (lnk_file (read getattr)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (dir (ioctl read getattr lock open search)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t sysctl_t (dir (getattr open search)))
(allow chfn_t sysctl_kernel_t (dir (getattr open search)))
(allow chfn_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t sysctl_t (dir (getattr open search)))
(allow chfn_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (filesystem (getattr)))
(allow chfn_t sysfs_t (filesystem (getattr)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (file (ioctl read getattr lock open)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (lnk_file (read getattr)))
(allow chfn_t proc_t (dir (getattr open search)))
(allow chfn_t proc_t (dir (ioctl read getattr lock open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t security_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (file (ioctl read write getattr map open)))
(allow chfn_t security_t (security (check_context)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow chfn_t security_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (file (ioctl read write getattr map open)))
(allow chfn_t security_t (security (compute_av)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t security_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (file (ioctl read write getattr map open)))
(allow chfn_t security_t (security (compute_create)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t security_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (file (ioctl read write getattr map open)))
(allow chfn_t security_t (security (compute_relabel)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t sysfs_t (dir (getattr open search)))
(allow chfn_t security_t (dir (ioctl read getattr lock open search)))
(allow chfn_t security_t (file (ioctl read write getattr map open)))
(allow chfn_t security_t (security (compute_user)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (dir (ioctl read getattr lock open search)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (lnk_file (read getattr)))
(allow chfn_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (dir (ioctl read getattr lock open search)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (lnk_file (read getattr)))
(allow chfn_t devpts_t (dir (ioctl read getattr lock open search)))
(allow chfn_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow chfn_t fs_t (filesystem (getattr)))
(allow chfn_t autofs_t (dir (getattr open search)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow chfn_t auth_cache_t (dir (getattr open search)))
(allow chfn_t bin_t (dir (getattr open search)))
(allow chfn_t bin_t (lnk_file (read getattr)))
(allow chfn_t usr_t (dir (getattr open search)))
(allow chfn_t chkpwd_exec_t (file (ioctl read getattr map execute open)))
(allow chfn_t chkpwd_t (process (transition)))
(dontaudit chfn_t chkpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition chfn_t chkpwd_exec_t process chkpwd_t)
(allow chkpwd_t chfn_t (fd (use)))
(allow chkpwd_t chfn_t (fifo_file (ioctl read write getattr lock append)))
(allow chkpwd_t chfn_t (process (sigchld)))
(dontaudit chfn_t shadow_t (file (ioctl read getattr lock open)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow chfn_t var_t (dir (getattr open search)))
(allow chfn_t var_log_t (dir (getattr open search)))
(allow chfn_t var_log_t (lnk_file (read getattr)))
(allow chfn_t faillog_t (file (ioctl read write getattr lock append open)))
(allow chfn_t self (capability (audit_write)))
(allow chfn_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow chfn_t cert_t (dir (ioctl read getattr lock open search)))
(allow chfn_t cert_t (dir (getattr open search)))
(allow chfn_t cert_t (file (ioctl read getattr lock open)))
(allow chfn_t cert_t (dir (getattr open search)))
(allow chfn_t cert_t (lnk_file (read getattr)))
(dontaudit chfn_t shadow_t (file (ioctl read getattr lock open)))
(allow chfn_t bin_t (dir (getattr open search)))
(allow chfn_t bin_t (lnk_file (read getattr)))
(allow chfn_t usr_t (dir (getattr open search)))
(allow chfn_t bin_t (dir (getattr open search)))
(allow chfn_t bin_t (dir (ioctl read getattr lock open search)))
(allow chfn_t shell_exec_t (file (execute)))
(allow chfn_t privfd (fd (use)))
(allow chfn_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow chfn_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow chfn_t etc_t (dir (getattr open search)))
(allow chfn_t etc_t (lnk_file (read getattr)))
(allow chfn_t etc_t (dir (ioctl read getattr lock open search)))
(allow chfn_t etc_t (dir (getattr open search)))
(allow chfn_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow chfn_t etc_t (dir (getattr open search)))
(allow chfn_t etc_runtime_t (lnk_file (read getattr)))
(dontaudit chfn_t var_t (dir (getattr open search)))
(dontaudit chfn_t home_root_t (dir (getattr open search)))
(dontaudit chfn_t home_root_t (lnk_file (read getattr)))
(dontaudit chfn_t initrc_runtime_t (file (ioctl read write getattr lock append open)))
(allow chfn_t etc_t (dir (getattr open search)))
(allow chfn_t etc_t (lnk_file (read getattr)))
(allow chfn_t usr_t (dir (getattr open search)))
(allow chfn_t locale_t (dir (ioctl read getattr lock open search)))
(allow chfn_t locale_t (dir (getattr open search)))
(allow chfn_t locale_t (file (ioctl read getattr lock open)))
(allow chfn_t locale_t (dir (getattr open search)))
(allow chfn_t locale_t (lnk_file (read getattr)))
(allow chfn_t locale_t (file (map)))
(allow chfn_t devlog_t (sock_file (write getattr append open)))
(allow chfn_t var_run_t (lnk_file (read getattr)))
(allow chfn_t var_t (dir (getattr open search)))
(allow chfn_t var_run_t (dir (getattr open search)))
(allow chfn_t init_runtime_t (dir (getattr open search)))
(allow chfn_t syslogd_runtime_t (dir (getattr open search)))
(allow chfn_t syslogd_t (unix_dgram_socket (sendto)))
(allow chfn_t syslogd_t (unix_stream_socket (connectto)))
(allow chfn_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow chfn_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (dir (ioctl read getattr lock open search)))
(allow chfn_t device_t (dir (getattr open search)))
(allow chfn_t device_t (lnk_file (read getattr)))
(allow chfn_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit chfn_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow chfn_t etc_t (dir (getattr open search)))
(allow chfn_t selinux_config_t (dir (getattr open search)))
(allow chfn_t default_context_t (dir (getattr open search)))
(allow chfn_t file_context_t (dir (getattr open search)))
(allow chfn_t file_context_t (file (ioctl read getattr lock open)))
(allow chfn_t file_context_t (file (map)))
(allow chfn_t unpriv_userdomain (fd (use)))
(dontaudit chfn_t user_home_t (dir (getattr open search)))
(allow crack_t self (process (sigchld sigkill sigstop signull signal)))
(allow crack_t self (fifo_file (ioctl read write getattr lock append open)))
(allow crack_t crack_db_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow crack_t crack_db_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow crack_t crack_db_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow crack_t crack_db_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
(allow crack_t var_t (dir (getattr open search)))
(allow crack_t crack_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow crack_t crack_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow crack_t crack_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow crack_t crack_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow crack_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition crack_t tmp_t dir crack_tmp_t)
(typetransition crack_t tmp_t file crack_tmp_t)
(allow crack_t proc_t (dir (getattr open search)))
(allow crack_t proc_t (file (ioctl read getattr lock open)))
(allow crack_t proc_t (dir (getattr open search)))
(allow crack_t proc_t (lnk_file (read getattr)))
(allow crack_t proc_t (dir (getattr open search)))
(allow crack_t proc_t (dir (ioctl read getattr lock open search)))
(allow crack_t device_t (dir (getattr open search)))
(allow crack_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow crack_t fs_t (filesystem (getattr)))
(allow crack_t etc_t (dir (ioctl read getattr lock open search)))
(allow crack_t etc_t (dir (getattr open search)))
(allow crack_t etc_t (file (ioctl read getattr lock open)))
(allow crack_t etc_t (dir (getattr open search)))
(allow crack_t etc_t (lnk_file (read getattr)))
(allow crack_t etc_t (dir (ioctl read getattr lock open search)))
(allow crack_t etc_t (dir (getattr open search)))
(allow crack_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow crack_t etc_t (dir (getattr open search)))
(allow crack_t etc_runtime_t (lnk_file (read getattr)))
(allow crack_t usr_t (dir (ioctl read getattr lock open search)))
(allow crack_t usr_t (dir (getattr open search)))
(allow crack_t usr_t (file (ioctl read getattr lock open)))
(allow crack_t usr_t (dir (getattr open search)))
(allow crack_t usr_t (lnk_file (read getattr)))
(allow crack_t bin_t (dir (getattr open search)))
(allow crack_t bin_t (lnk_file (read getattr)))
(allow crack_t usr_t (dir (getattr open search)))
(allow crack_t bin_t (dir (getattr open search)))
(allow crack_t bin_t (dir (ioctl read getattr lock open search)))
(allow crack_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow crack_t devlog_t (sock_file (write getattr append open)))
(allow crack_t var_run_t (lnk_file (read getattr)))
(allow crack_t var_t (dir (getattr open search)))
(allow crack_t var_run_t (dir (getattr open search)))
(allow crack_t init_runtime_t (dir (getattr open search)))
(allow crack_t syslogd_runtime_t (dir (getattr open search)))
(allow crack_t syslogd_t (unix_dgram_socket (sendto)))
(allow crack_t syslogd_t (unix_stream_socket (connectto)))
(allow crack_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow crack_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow crack_t device_t (dir (getattr open search)))
(allow crack_t device_t (dir (ioctl read getattr lock open search)))
(allow crack_t device_t (dir (getattr open search)))
(allow crack_t device_t (lnk_file (read getattr)))
(allow crack_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit crack_t console_device_t (chr_file (ioctl read getattr lock open)))
(dontaudit crack_t user_home_dir_t (dir (getattr open search)))
(allow groupadd_t self (capability (chown dac_override fsetid kill setuid sys_resource audit_write)))
(dontaudit groupadd_t self (capability (fsetid net_admin sys_tty_config)))
(allow groupadd_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition setkeycreate setsockcreate getrlimit)))
(allow groupadd_t self (fd (use)))
(allow groupadd_t self (fifo_file (ioctl read write getattr lock append open)))
(allow groupadd_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow groupadd_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow groupadd_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow groupadd_t self (msg (send receive)))
(allow groupadd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow groupadd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow groupadd_t self (unix_dgram_socket (sendto)))
(allow groupadd_t self (unix_stream_socket (connectto)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t sysctl_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t sysctl_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(dontaudit groupadd_t proc_t (filesystem (getattr)))
(allow groupadd_t fs_t (filesystem (getattr)))
(allow groupadd_t autofs_t (dir (getattr open search)))
(allow groupadd_t security_t (filesystem (getattr)))
(allow groupadd_t sysfs_t (filesystem (getattr)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t proc_t (file (ioctl read getattr lock open)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t proc_t (lnk_file (read getattr)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t proc_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t security_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t security_t (file (ioctl read write getattr map open)))
(allow groupadd_t security_t (security (check_context)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow groupadd_t security_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t security_t (file (ioctl read write getattr map open)))
(allow groupadd_t security_t (security (compute_av)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t security_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t security_t (file (ioctl read write getattr map open)))
(allow groupadd_t security_t (security (compute_create)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t security_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t security_t (file (ioctl read write getattr map open)))
(allow groupadd_t security_t (security (compute_relabel)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t sysfs_t (dir (getattr open search)))
(allow groupadd_t security_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t security_t (file (ioctl read write getattr map open)))
(allow groupadd_t security_t (security (compute_user)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (lnk_file (read getattr)))
(allow groupadd_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (lnk_file (read getattr)))
(allow groupadd_t devpts_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow groupadd_t init_t (fd (use)))
(allow groupadd_t var_run_t (lnk_file (read getattr)))
(allow groupadd_t var_t (dir (getattr open search)))
(allow groupadd_t var_run_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t initrc_runtime_t (file (ioctl read getattr lock open)))
(dontaudit groupadd_t initrc_runtime_t (file (write lock)))
(allow groupadd_t privfd (fd (use)))
(allow groupadd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow groupadd_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t etc_t (lnk_file (read getattr)))
(allow groupadd_t etc_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t etc_t (file (getattr relabelfrom relabelto)))
(allow groupadd_t etc_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t etc_runtime_t (lnk_file (read getattr)))
(allow groupadd_t usr_t (dir (getattr open search)))
(allow groupadd_t usr_t (lnk_file (read getattr)))
(allow groupadd_t proc_t (filesystem (getattr)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t sysctl_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow groupadd_t proc_t (dir (getattr open search)))
(allow groupadd_t sysctl_t (dir (getattr open search)))
(allow groupadd_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t bin_t (dir (getattr open search)))
(allow groupadd_t bin_t (lnk_file (read getattr)))
(allow groupadd_t usr_t (dir (getattr open search)))
(allow groupadd_t bin_t (dir (getattr open search)))
(allow groupadd_t bin_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow groupadd_t self (capability (audit_write)))
(allow groupadd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow groupadd_t devlog_t (sock_file (write getattr append open)))
(allow groupadd_t var_run_t (lnk_file (read getattr)))
(allow groupadd_t var_t (dir (getattr open search)))
(allow groupadd_t var_run_t (dir (getattr open search)))
(allow groupadd_t init_runtime_t (dir (getattr open search)))
(allow groupadd_t syslogd_runtime_t (dir (getattr open search)))
(allow groupadd_t syslogd_t (unix_dgram_socket (sendto)))
(allow groupadd_t syslogd_t (unix_stream_socket (connectto)))
(allow groupadd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow groupadd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t device_t (lnk_file (read getattr)))
(allow groupadd_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit groupadd_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t etc_t (lnk_file (read getattr)))
(allow groupadd_t usr_t (dir (getattr open search)))
(allow groupadd_t locale_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t locale_t (dir (getattr open search)))
(allow groupadd_t locale_t (file (ioctl read getattr lock open)))
(allow groupadd_t locale_t (dir (getattr open search)))
(allow groupadd_t locale_t (lnk_file (read getattr)))
(allow groupadd_t locale_t (file (map)))
(allow groupadd_t auth_cache_t (dir (getattr open search)))
(allow groupadd_t bin_t (dir (getattr open search)))
(allow groupadd_t bin_t (lnk_file (read getattr)))
(allow groupadd_t usr_t (dir (getattr open search)))
(allow groupadd_t chkpwd_exec_t (file (ioctl read getattr map execute open)))
(allow groupadd_t chkpwd_t (process (transition)))
(dontaudit groupadd_t chkpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition groupadd_t chkpwd_exec_t process chkpwd_t)
(allow chkpwd_t groupadd_t (fd (use)))
(allow chkpwd_t groupadd_t (fifo_file (ioctl read write getattr lock append)))
(allow chkpwd_t groupadd_t (process (sigchld)))
(dontaudit groupadd_t shadow_t (file (ioctl read getattr lock open)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow groupadd_t device_t (dir (getattr open search)))
(allow groupadd_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow groupadd_t var_t (dir (getattr open search)))
(allow groupadd_t var_log_t (dir (getattr open search)))
(allow groupadd_t var_log_t (lnk_file (read getattr)))
(allow groupadd_t faillog_t (file (ioctl read write getattr lock append open)))
(allow groupadd_t self (capability (audit_write)))
(allow groupadd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow groupadd_t cert_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t cert_t (dir (getattr open search)))
(allow groupadd_t cert_t (file (ioctl read getattr lock open)))
(allow groupadd_t cert_t (dir (getattr open search)))
(allow groupadd_t cert_t (lnk_file (read getattr)))
(allow groupadd_t var_t (dir (getattr open search)))
(allow groupadd_t var_log_t (dir (getattr open search)))
(allow groupadd_t var_log_t (lnk_file (read getattr)))
(allow groupadd_t lastlog_t (file (ioctl read write getattr setattr lock append open)))
(allow groupadd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t shadow_history_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow groupadd_t shadow_lock_t (dir (getattr open search)))
(allow groupadd_t shadow_lock_t (file (ioctl read write getattr lock append open)))
(allow groupadd_t shadow_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t shadow_t (file (getattr relabelfrom relabelto)))
(allow groupadd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition groupadd_t etc_t file shadow_t)
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow groupadd_t selinux_config_t (dir (getattr open search)))
(allow groupadd_t selinux_config_t (file (ioctl read getattr lock open)))
(allow groupadd_t selinux_config_t (dir (getattr open search)))
(allow groupadd_t selinux_config_t (lnk_file (read getattr)))
(allow groupadd_t etc_t (dir (getattr open search)))
(allow groupadd_t selinux_config_t (dir (getattr open search)))
(allow groupadd_t default_context_t (dir (getattr open search)))
(allow groupadd_t file_context_t (dir (getattr open search)))
(allow groupadd_t file_context_t (file (ioctl read getattr lock open)))
(allow groupadd_t file_context_t (file (map)))
(allow groupadd_t unpriv_userdomain (fd (use)))
(dontaudit groupadd_t user_home_dir_t (dir (getattr open search)))
(allow passwd_t self (capability (chown dac_override dac_read_search fsetid setgid setuid sys_nice sys_resource)))
(dontaudit passwd_t self (capability (sys_tty_config)))
(allow passwd_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition setkeycreate setsockcreate getrlimit)))
(allow passwd_t self (fd (use)))
(allow passwd_t self (fifo_file (ioctl read write getattr lock append open)))
(allow passwd_t self (sock_file (read getattr open)))
(allow passwd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow passwd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow passwd_t self (unix_dgram_socket (sendto)))
(allow passwd_t self (unix_stream_socket (connectto)))
(allow passwd_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow passwd_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow passwd_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow passwd_t self (msg (send receive)))
(allow passwd_t crack_db_t (dir (ioctl read getattr lock open search)))
(allow passwd_t crack_db_t (dir (getattr open search)))
(allow passwd_t crack_db_t (lnk_file (read getattr)))
(allow passwd_t crack_db_t (dir (getattr open search)))
(allow passwd_t crack_db_t (file (ioctl read getattr lock open)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t sysctl_t (dir (getattr open search)))
(allow passwd_t sysctl_kernel_t (dir (getattr open search)))
(allow passwd_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t sysctl_t (dir (getattr open search)))
(allow passwd_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(dontaudit passwd_t proc_t (filesystem (getattr)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow passwd_t fs_t (filesystem (getattr)))
(allow passwd_t autofs_t (dir (getattr open search)))
(allow passwd_t security_t (filesystem (getattr)))
(allow passwd_t sysfs_t (filesystem (getattr)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t proc_t (file (ioctl read getattr lock open)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t proc_t (lnk_file (read getattr)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t proc_t (dir (ioctl read getattr lock open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read getattr map open)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read write getattr map open)))
(allow passwd_t security_t (security (check_context)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read write getattr map open)))
(allow passwd_t security_t (security (compute_av)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read write getattr map open)))
(allow passwd_t security_t (security (compute_create)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read write getattr map open)))
(allow passwd_t security_t (security (compute_relabel)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t sysfs_t (dir (getattr open search)))
(allow passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow passwd_t security_t (file (ioctl read write getattr map open)))
(allow passwd_t security_t (security (compute_user)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (lnk_file (read getattr)))
(allow passwd_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (lnk_file (read getattr)))
(allow passwd_t devpts_t (dir (ioctl read getattr lock open search)))
(allow passwd_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow passwd_t auth_cache_t (dir (getattr open search)))
(allow passwd_t bin_t (dir (getattr open search)))
(allow passwd_t bin_t (lnk_file (read getattr)))
(allow passwd_t usr_t (dir (getattr open search)))
(allow passwd_t chkpwd_exec_t (file (ioctl read getattr map execute open)))
(allow passwd_t chkpwd_t (process (transition)))
(dontaudit passwd_t chkpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition passwd_t chkpwd_exec_t process chkpwd_t)
(allow chkpwd_t passwd_t (fd (use)))
(allow chkpwd_t passwd_t (fifo_file (ioctl read write getattr lock append)))
(allow chkpwd_t passwd_t (process (sigchld)))
(dontaudit passwd_t shadow_t (file (ioctl read getattr lock open)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow passwd_t var_t (dir (getattr open search)))
(allow passwd_t var_log_t (dir (getattr open search)))
(allow passwd_t var_log_t (lnk_file (read getattr)))
(allow passwd_t faillog_t (file (ioctl read write getattr lock append open)))
(allow passwd_t self (capability (audit_write)))
(allow passwd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow passwd_t cert_t (dir (ioctl read getattr lock open search)))
(allow passwd_t cert_t (dir (getattr open search)))
(allow passwd_t cert_t (file (ioctl read getattr lock open)))
(allow passwd_t cert_t (dir (getattr open search)))
(allow passwd_t cert_t (lnk_file (read getattr)))
(allow passwd_t updpwd_exec_t (file (ioctl read getattr map execute open)))
(allow passwd_t updpwd_t (process (transition)))
(dontaudit passwd_t updpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition passwd_t updpwd_exec_t process updpwd_t)
(allow updpwd_t passwd_t (fd (use)))
(allow updpwd_t passwd_t (fifo_file (ioctl read write getattr lock append)))
(allow updpwd_t passwd_t (process (sigchld)))
(dontaudit passwd_t shadow_t (file (ioctl read getattr lock open)))
(allow passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t shadow_history_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow passwd_t shadow_lock_t (dir (getattr open search)))
(allow passwd_t shadow_lock_t (file (ioctl read write getattr lock append open)))
(allow passwd_t shadow_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t shadow_t (file (getattr relabelfrom relabelto)))
(allow passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition passwd_t etc_t file shadow_t)
(allow passwd_t bin_t (dir (getattr open search)))
(allow passwd_t bin_t (lnk_file (read getattr)))
(allow passwd_t usr_t (dir (getattr open search)))
(allow passwd_t bin_t (dir (getattr open search)))
(allow passwd_t bin_t (dir (ioctl read getattr lock open search)))
(allow passwd_t shell_exec_t (file (execute)))
(allow passwd_t privfd (fd (use)))
(allow passwd_t etc_t (dir (ioctl read getattr lock open search)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t etc_runtime_t (lnk_file (read getattr)))
(allow passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow passwd_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t etc_t (lnk_file (read getattr)))
(allow passwd_t var_t (dir (getattr open search)))
(dontaudit passwd_t var_run_t (lnk_file (read getattr)))
(dontaudit passwd_t var_run_t (dir (getattr open search)))
(allow passwd_t etc_t (dir (ioctl read getattr lock open search)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t etc_t (file (getattr relabelfrom relabelto)))
(dontaudit passwd_t initrc_runtime_t (file (ioctl read write getattr lock append open)))
(allow passwd_t init_t (fd (use)))
(allow passwd_t self (capability (audit_write)))
(allow passwd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow passwd_t devlog_t (sock_file (write getattr append open)))
(allow passwd_t var_run_t (lnk_file (read getattr)))
(allow passwd_t var_t (dir (getattr open search)))
(allow passwd_t var_run_t (dir (getattr open search)))
(allow passwd_t init_runtime_t (dir (getattr open search)))
(allow passwd_t syslogd_runtime_t (dir (getattr open search)))
(allow passwd_t syslogd_t (unix_dgram_socket (sendto)))
(allow passwd_t syslogd_t (unix_stream_socket (connectto)))
(allow passwd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow passwd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (lnk_file (read getattr)))
(allow passwd_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit passwd_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t etc_t (lnk_file (read getattr)))
(allow passwd_t usr_t (dir (getattr open search)))
(allow passwd_t locale_t (dir (ioctl read getattr lock open search)))
(allow passwd_t locale_t (dir (getattr open search)))
(allow passwd_t locale_t (file (ioctl read getattr lock open)))
(allow passwd_t locale_t (dir (getattr open search)))
(allow passwd_t locale_t (lnk_file (read getattr)))
(allow passwd_t locale_t (file (map)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow passwd_t selinux_config_t (dir (getattr open search)))
(allow passwd_t selinux_config_t (file (ioctl read getattr lock open)))
(allow passwd_t selinux_config_t (dir (getattr open search)))
(allow passwd_t selinux_config_t (lnk_file (read getattr)))
(allow passwd_t etc_t (dir (getattr open search)))
(allow passwd_t selinux_config_t (dir (getattr open search)))
(allow passwd_t default_context_t (dir (getattr open search)))
(allow passwd_t file_context_t (dir (getattr open search)))
(allow passwd_t file_context_t (file (ioctl read getattr lock open)))
(allow passwd_t file_context_t (file (map)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow passwd_t device_t (dir (getattr open search)))
(allow passwd_t device_t (lnk_file (read getattr)))
(allow passwd_t devpts_t (dir (ioctl read getattr lock open search)))
(allow passwd_t user_devpts_t (chr_file (ioctl read write getattr append open)))
(allow passwd_t user_tty_device_t (chr_file (ioctl read write getattr append open)))
(allow passwd_t unpriv_userdomain (fd (use)))
(allow passwd_t userdomain (process (getattr)))
(allow passwd_t userdomain (dir (getattr open search)))
(allow passwd_t userdomain (file (ioctl read getattr lock open)))
(allow passwd_t userdomain (dir (getattr open search)))
(allow passwd_t userdomain (lnk_file (read getattr)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t proc_t (dir (getattr open search)))
(allow passwd_t user_tmp_t (dir (getattr open search)))
(allow passwd_t user_tmp_t (file (ioctl read getattr lock open)))
(allow passwd_t user_tmp_t (dir (ioctl read getattr lock open search)))
(allow passwd_t tmp_t (dir (getattr open search)))
(allow passwd_t user_runtime_t (dir (getattr open search)))
(allow passwd_t user_runtime_root_t (dir (getattr open search)))
(allow passwd_t var_run_t (lnk_file (read getattr)))
(allow passwd_t var_t (dir (getattr open search)))
(allow passwd_t var_run_t (dir (getattr open search)))
(dontaudit passwd_t user_home_t (dir (getattr open search)))
(allow sysadm_passwd_t self (capability (chown dac_override fsetid setgid setuid sys_resource)))
(allow sysadm_passwd_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh setrlimit rlimitinh dyntransition setkeycreate setsockcreate getrlimit)))
(allow sysadm_passwd_t self (fd (use)))
(allow sysadm_passwd_t self (fifo_file (ioctl read write getattr lock append open)))
(allow sysadm_passwd_t self (sock_file (read getattr open)))
(allow sysadm_passwd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sysadm_passwd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow sysadm_passwd_t self (unix_dgram_socket (sendto)))
(allow sysadm_passwd_t self (unix_stream_socket (connectto)))
(allow sysadm_passwd_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow sysadm_passwd_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow sysadm_passwd_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow sysadm_passwd_t self (msg (send receive)))
(allow sysadm_passwd_t sysadm_passwd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow sysadm_passwd_t sysadm_passwd_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow sysadm_passwd_t sysadm_passwd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow sysadm_passwd_t sysadm_passwd_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow sysadm_passwd_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition sysadm_passwd_t tmp_t dir sysadm_passwd_tmp_t)
(typetransition sysadm_passwd_t tmp_t file sysadm_passwd_tmp_t)
(allow sysadm_passwd_t var_t (dir (getattr open search)))
(dontaudit sysadm_passwd_t home_root_t (dir (getattr open search)))
(dontaudit sysadm_passwd_t home_root_t (lnk_file (read getattr)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t sysctl_t (dir (getattr open search)))
(allow sysadm_passwd_t sysctl_kernel_t (dir (getattr open search)))
(allow sysadm_passwd_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t sysctl_t (dir (getattr open search)))
(allow sysadm_passwd_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (lnk_file (read getattr)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (filesystem (getattr)))
(allow sysadm_passwd_t sysfs_t (filesystem (getattr)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (lnk_file (read getattr)))
(allow sysadm_passwd_t proc_t (dir (getattr open search)))
(allow sysadm_passwd_t proc_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (file (ioctl read write getattr map open)))
(allow sysadm_passwd_t security_t (security (check_context)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sysadm_passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (file (ioctl read write getattr map open)))
(allow sysadm_passwd_t security_t (security (compute_av)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (file (ioctl read write getattr map open)))
(allow sysadm_passwd_t security_t (security (compute_create)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (file (ioctl read write getattr map open)))
(allow sysadm_passwd_t security_t (security (compute_relabel)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t sysfs_t (dir (getattr open search)))
(allow sysadm_passwd_t security_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t security_t (file (ioctl read write getattr map open)))
(allow sysadm_passwd_t security_t (security (compute_user)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow sysadm_passwd_t fs_t (filesystem (getattr)))
(allow sysadm_passwd_t autofs_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (lnk_file (read getattr)))
(allow sysadm_passwd_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (lnk_file (read getattr)))
(allow sysadm_passwd_t devpts_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow sysadm_passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t shadow_history_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow sysadm_passwd_t shadow_lock_t (dir (getattr open search)))
(allow sysadm_passwd_t shadow_lock_t (file (ioctl read write getattr lock append open)))
(allow sysadm_passwd_t shadow_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t shadow_t (file (getattr relabelfrom relabelto)))
(allow sysadm_passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition sysadm_passwd_t etc_t file shadow_t)
(allow sysadm_passwd_t bin_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (lnk_file (read getattr)))
(allow sysadm_passwd_t usr_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow sysadm_passwd_t bin_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (lnk_file (read getattr)))
(allow sysadm_passwd_t usr_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (dir (getattr open search)))
(allow sysadm_passwd_t bin_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow sysadm_passwd_t usr_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t usr_t (dir (getattr open search)))
(allow sysadm_passwd_t usr_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t usr_t (dir (getattr open search)))
(allow sysadm_passwd_t usr_t (lnk_file (read getattr)))
(allow sysadm_passwd_t privfd (fd (use)))
(allow sysadm_passwd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow sysadm_passwd_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t etc_t (lnk_file (read getattr)))
(allow sysadm_passwd_t etc_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t etc_t (file (getattr relabelfrom relabelto)))
(allow sysadm_passwd_t etc_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t etc_runtime_t (lnk_file (read getattr)))
(dontaudit sysadm_passwd_t var_run_t (lnk_file (read getattr)))
(dontaudit sysadm_passwd_t var_run_t (dir (getattr open search)))
(dontaudit sysadm_passwd_t initrc_runtime_t (file (ioctl read write getattr lock append open)))
(allow sysadm_passwd_t etc_t (dir (getattr open search)))
(allow sysadm_passwd_t etc_t (lnk_file (read getattr)))
(allow sysadm_passwd_t usr_t (dir (getattr open search)))
(allow sysadm_passwd_t locale_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t locale_t (dir (getattr open search)))
(allow sysadm_passwd_t locale_t (file (ioctl read getattr lock open)))
(allow sysadm_passwd_t locale_t (dir (getattr open search)))
(allow sysadm_passwd_t locale_t (lnk_file (read getattr)))
(allow sysadm_passwd_t locale_t (file (map)))
(allow sysadm_passwd_t devlog_t (sock_file (write getattr append open)))
(allow sysadm_passwd_t var_run_t (lnk_file (read getattr)))
(allow sysadm_passwd_t var_t (dir (getattr open search)))
(allow sysadm_passwd_t var_run_t (dir (getattr open search)))
(allow sysadm_passwd_t init_runtime_t (dir (getattr open search)))
(allow sysadm_passwd_t syslogd_runtime_t (dir (getattr open search)))
(allow sysadm_passwd_t syslogd_t (unix_dgram_socket (sendto)))
(allow sysadm_passwd_t syslogd_t (unix_stream_socket (connectto)))
(allow sysadm_passwd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sysadm_passwd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (dir (ioctl read getattr lock open search)))
(allow sysadm_passwd_t device_t (dir (getattr open search)))
(allow sysadm_passwd_t device_t (lnk_file (read getattr)))
(allow sysadm_passwd_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit sysadm_passwd_t console_device_t (chr_file (ioctl read getattr lock open)))
(dontaudit sysadm_passwd_t selinux_config_t (dir (getattr open search)))
(allow sysadm_passwd_t unpriv_userdomain (fd (use)))
(dontaudit sysadm_passwd_t user_home_t (dir (getattr open search)))
(allow useradd_t self (capability (chown dac_override fowner fsetid kill setuid sys_resource)))
(dontaudit useradd_t self (capability (net_admin sys_ptrace sys_tty_config)))
(dontaudit useradd_t self (cap_userns (sys_ptrace)))
(allow useradd_t self (process (transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition setkeycreate setsockcreate getrlimit)))
(allow useradd_t self (fd (use)))
(allow useradd_t self (fifo_file (ioctl read write getattr lock append open)))
(allow useradd_t self (shm (create destroy getattr setattr read write associate unix_read unix_write lock)))
(allow useradd_t self (sem (create destroy getattr setattr read write associate unix_read unix_write)))
(allow useradd_t self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue)))
(allow useradd_t self (msg (send receive)))
(allow useradd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow useradd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow useradd_t self (unix_dgram_socket (sendto)))
(allow useradd_t self (unix_stream_socket (connectto)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t sysctl_t (dir (getattr open search)))
(allow useradd_t sysctl_kernel_t (dir (getattr open search)))
(allow useradd_t sysctl_kernel_t (file (ioctl read getattr lock open)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t sysctl_t (dir (getattr open search)))
(allow useradd_t sysctl_kernel_t (dir (ioctl read getattr lock open search)))
(dontaudit useradd_t proc_t (filesystem (getattr)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (ioctl read getattr lock open search)))
(allow useradd_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (ioctl read getattr lock open search)))
(allow useradd_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow useradd_t privfd (fd (use)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t domain (dir (ioctl read getattr lock open search)))
(allow useradd_t domain (dir (getattr open search)))
(allow useradd_t domain (file (ioctl read getattr lock open)))
(allow useradd_t domain (dir (getattr open search)))
(allow useradd_t domain (lnk_file (read getattr)))
(dontaudit useradd_t var_spool_t (dir (getattr open search)))
(allow useradd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow useradd_t etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t etc_t (lnk_file (read getattr)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_lib_t (dir (getattr open search)))
(allow useradd_t etc_t (dir (ioctl read getattr lock open search)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t etc_t (file (getattr relabelfrom relabelto)))
(allow useradd_t etc_t (dir (ioctl read getattr lock open search)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t etc_runtime_t (file (ioctl read getattr lock open)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t etc_runtime_t (lnk_file (read getattr)))
(allow useradd_t autofs_t (dir (getattr open search)))
(allow useradd_t fs_t (filesystem (getattr)))
(allow useradd_t security_t (filesystem (getattr)))
(allow useradd_t sysfs_t (filesystem (getattr)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t proc_t (file (ioctl read getattr lock open)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t proc_t (lnk_file (read getattr)))
(allow useradd_t proc_t (dir (getattr open search)))
(allow useradd_t proc_t (dir (ioctl read getattr lock open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t security_t (dir (ioctl read getattr lock open search)))
(allow useradd_t security_t (file (ioctl read write getattr map open)))
(allow useradd_t security_t (security (check_context)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t self (netlink_selinux_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow useradd_t security_t (dir (ioctl read getattr lock open search)))
(allow useradd_t security_t (file (ioctl read write getattr map open)))
(allow useradd_t security_t (security (compute_av)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t security_t (dir (ioctl read getattr lock open search)))
(allow useradd_t security_t (file (ioctl read write getattr map open)))
(allow useradd_t security_t (security (compute_create)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t security_t (dir (ioctl read getattr lock open search)))
(allow useradd_t security_t (file (ioctl read write getattr map open)))
(allow useradd_t security_t (security (compute_relabel)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t sysfs_t (dir (getattr open search)))
(allow useradd_t security_t (dir (ioctl read getattr lock open search)))
(allow useradd_t security_t (file (ioctl read write getattr map open)))
(allow useradd_t security_t (security (compute_user)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (dir (ioctl read getattr lock open search)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (lnk_file (read getattr)))
(allow useradd_t ttynode (chr_file (ioctl read write getattr lock append open)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (dir (ioctl read getattr lock open search)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (lnk_file (read getattr)))
(allow useradd_t devpts_t (dir (ioctl read getattr lock open search)))
(allow useradd_t ptynode (chr_file (ioctl read write getattr lock append open)))
(allow useradd_t auth_cache_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t chkpwd_exec_t (file (ioctl read getattr map execute open)))
(allow useradd_t chkpwd_t (process (transition)))
(dontaudit useradd_t chkpwd_t (process (noatsecure siginh rlimitinh)))
(typetransition useradd_t chkpwd_exec_t process chkpwd_t)
(allow chkpwd_t useradd_t (fd (use)))
(allow chkpwd_t useradd_t (fifo_file (ioctl read write getattr lock append)))
(allow chkpwd_t useradd_t (process (sigchld)))
(dontaudit useradd_t shadow_t (file (ioctl read getattr lock open)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_log_t (dir (getattr open search)))
(allow useradd_t var_log_t (lnk_file (read getattr)))
(allow useradd_t faillog_t (file (ioctl read write getattr lock append open)))
(allow useradd_t self (capability (audit_write)))
(allow useradd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow useradd_t cert_t (dir (ioctl read getattr lock open search)))
(allow useradd_t cert_t (dir (getattr open search)))
(allow useradd_t cert_t (file (ioctl read getattr lock open)))
(allow useradd_t cert_t (dir (getattr open search)))
(allow useradd_t cert_t (lnk_file (read getattr)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_log_t (dir (getattr open search)))
(allow useradd_t var_log_t (lnk_file (read getattr)))
(allow useradd_t lastlog_t (file (ioctl read write getattr setattr lock append open)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_log_t (dir (getattr open search)))
(allow useradd_t var_log_t (lnk_file (read getattr)))
(allow useradd_t faillog_t (file (ioctl read write getattr lock append open)))
(allow useradd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t shadow_history_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow useradd_t shadow_lock_t (dir (getattr open search)))
(allow useradd_t shadow_lock_t (file (ioctl read write getattr lock append open)))
(allow useradd_t shadow_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t shadow_t (file (getattr relabelfrom relabelto)))
(allow useradd_t etc_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition useradd_t etc_t file shadow_t)
(allow useradd_t init_t (fd (use)))
(allow useradd_t var_run_t (lnk_file (read getattr)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_run_t (dir (ioctl read getattr lock open search)))
(allow useradd_t initrc_runtime_t (file (ioctl read write getattr lock append open)))
(allow useradd_t self (capability (audit_write)))
(allow useradd_t self (netlink_audit_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay)))
(allow useradd_t devlog_t (sock_file (write getattr append open)))
(allow useradd_t var_run_t (lnk_file (read getattr)))
(allow useradd_t var_t (dir (getattr open search)))
(allow useradd_t var_run_t (dir (getattr open search)))
(allow useradd_t init_runtime_t (dir (getattr open search)))
(allow useradd_t syslogd_runtime_t (dir (getattr open search)))
(allow useradd_t syslogd_t (unix_dgram_socket (sendto)))
(allow useradd_t syslogd_t (unix_stream_socket (connectto)))
(allow useradd_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow useradd_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (dir (ioctl read getattr lock open search)))
(allow useradd_t device_t (dir (getattr open search)))
(allow useradd_t device_t (lnk_file (read getattr)))
(allow useradd_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit useradd_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t etc_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t locale_t (dir (ioctl read getattr lock open search)))
(allow useradd_t locale_t (dir (getattr open search)))
(allow useradd_t locale_t (file (ioctl read getattr lock open)))
(allow useradd_t locale_t (dir (getattr open search)))
(allow useradd_t locale_t (lnk_file (read getattr)))
(allow useradd_t locale_t (file (map)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t selinux_config_t (dir (ioctl read getattr lock open search)))
(allow useradd_t selinux_config_t (dir (getattr open search)))
(allow useradd_t selinux_config_t (file (ioctl read getattr lock open)))
(allow useradd_t selinux_config_t (dir (getattr open search)))
(allow useradd_t selinux_config_t (lnk_file (read getattr)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t selinux_config_t (dir (getattr open search)))
(allow useradd_t default_context_t (dir (getattr open search)))
(allow useradd_t file_context_t (dir (getattr open search)))
(allow useradd_t file_context_t (file (ioctl read getattr lock open)))
(allow useradd_t file_context_t (file (map)))
(allow useradd_t etc_t (dir (getattr open search)))
(allow useradd_t selinux_config_t (dir (getattr open search)))
(allow useradd_t default_context_t (dir (ioctl read getattr lock open search)))
(allow useradd_t default_context_t (dir (getattr open search)))
(allow useradd_t default_context_t (file (ioctl read getattr lock open)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t semanage_exec_t (file (ioctl read getattr map execute open)))
(allow useradd_t semanage_t (process (transition)))
(dontaudit useradd_t semanage_t (process (noatsecure siginh rlimitinh)))
(typetransition useradd_t semanage_exec_t process semanage_t)
(allow semanage_t useradd_t (fd (use)))
(allow semanage_t useradd_t (fifo_file (ioctl read write getattr lock append)))
(allow semanage_t useradd_t (process (sigchld)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t bin_t (dir (getattr open search)))
(allow useradd_t bin_t (lnk_file (read getattr)))
(allow useradd_t usr_t (dir (getattr open search)))
(allow useradd_t setfiles_exec_t (file (ioctl read getattr map execute open)))
(allow useradd_t setfiles_t (process (transition)))
(dontaudit useradd_t setfiles_t (process (noatsecure siginh rlimitinh)))
(typetransition useradd_t setfiles_exec_t process setfiles_t)
(allow setfiles_t useradd_t (fd (use)))
(allow setfiles_t useradd_t (fifo_file (ioctl read write getattr lock append)))
(allow setfiles_t useradd_t (process (sigchld)))
(allow useradd_t unpriv_userdomain (fd (use)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow useradd_t user_home_dir_t (dir (ioctl write getattr lock open add_name search)))
(allow useradd_t user_home_content_type (dir (ioctl write getattr lock open add_name search)))
(allow useradd_t user_home_content_type (dir (create getattr)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t user_home_content_type (dir (getattr open search)))
(allow useradd_t user_home_content_type (dir (setattr)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow useradd_t user_home_dir_t (dir (ioctl write getattr lock open add_name search)))
(allow useradd_t user_home_content_type (dir (ioctl write getattr lock open add_name search)))
(allow useradd_t user_home_content_type (file (create getattr open)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t user_home_content_type (dir (getattr open search)))
(allow useradd_t user_home_content_type (file (setattr)))
(allow useradd_t user_home_dir_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow useradd_t home_root_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition useradd_t home_root_t dir user_home_dir_t)
(allow useradd_t user_home_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow useradd_t user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow useradd_t user_home_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow useradd_t user_home_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow useradd_t user_home_t (file (ioctl read write create getattr setattr lock append map unlink link rename open)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow useradd_t user_home_dir_t (dir (getattr open search)))
(allow useradd_t user_home_content_type (dir (getattr open search)))
(allow useradd_t user_home_content_type (file (ioctl write getattr lock append open)))
(allow useradd_t user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition useradd_t user_home_dir_t fifo_file user_home_t)
(typetransition useradd_t user_home_dir_t sock_file user_home_t)
(typetransition useradd_t user_home_dir_t lnk_file user_home_t)
(typetransition useradd_t user_home_dir_t file user_home_t)
(allow useradd_t home_root_t (dir (getattr open search)))
(allow useradd_t home_root_t (lnk_file (read getattr)))
(allow groupadd_t self (netlink_selinux_socket (create bind)))
(allow useradd_t self (netlink_selinux_socket (create bind)))
(optional usermanage_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow chfn_t init_t (process (sigchld)))
    (allow chfn_t init_t (process (signull)))
    (optional usermanage_optional_3
        (typeattributeset cil_gen_require rpm_t)
        (allow chfn_t rpm_t (fd (use)))
        (allow chfn_t rpm_t (fifo_file (ioctl read getattr lock open)))
    )
    (optional usermanage_optional_4
        (typeattributeset cil_gen_require security_t)
        (typeattributeset cil_gen_require sysfs_t)
        (dontaudit chfn_t security_t (filesystem (getattr)))
        (dontaudit chfn_t sysfs_t (filesystem (getattr)))
        (dontaudit chfn_t sysfs_t (dir (getattr open search)))
        (dontaudit chfn_t security_t (dir (getattr open search)))
        (dontaudit chfn_t security_t (file (ioctl read getattr lock open)))
        (optional usermanage_optional_5
            (typeattributeset cil_gen_require selinux_config_t)
            (dontaudit chfn_t selinux_config_t (dir (getattr open search)))
            (dontaudit chfn_t selinux_config_t (file (ioctl read getattr lock open)))
            (optional usermanage_optional_6
                (typeattributeset cil_gen_require init_t)
                (allow crack_t init_t (process (sigchld)))
                (allow crack_t init_t (process (signull)))
                (optional usermanage_optional_7
                    (typeattributeset cil_gen_require rpm_t)
                    (allow crack_t rpm_t (fd (use)))
                    (allow crack_t rpm_t (fifo_file (ioctl read getattr lock open)))
                )
                (optional usermanage_optional_8
                    (typeattributeset cil_gen_require security_t)
                    (typeattributeset cil_gen_require sysfs_t)
                    (dontaudit crack_t security_t (filesystem (getattr)))
                    (dontaudit crack_t sysfs_t (filesystem (getattr)))
                    (dontaudit crack_t sysfs_t (dir (getattr open search)))
                    (dontaudit crack_t security_t (dir (getattr open search)))
                    (dontaudit crack_t security_t (file (ioctl read getattr lock open)))
                    (optional usermanage_optional_9
                        (typeattributeset cil_gen_require selinux_config_t)
                        (dontaudit crack_t selinux_config_t (dir (getattr open search)))
                        (dontaudit crack_t selinux_config_t (file (ioctl read getattr lock open)))
                        (optional usermanage_optional_10
                            (typeattributeset cil_gen_require init_t)
                            (allow groupadd_t init_t (process (sigchld)))
                            (allow groupadd_t init_t (process (signull)))
                            (optional usermanage_optional_11
                                (typeattributeset cil_gen_require rpm_t)
                                (allow groupadd_t rpm_t (fd (use)))
                                (allow groupadd_t rpm_t (fifo_file (ioctl read getattr lock open)))
                            )
                            (optional usermanage_optional_12
                                (typeattributeset cil_gen_require security_t)
                                (typeattributeset cil_gen_require sysfs_t)
                                (dontaudit groupadd_t security_t (filesystem (getattr)))
                                (dontaudit groupadd_t sysfs_t (filesystem (getattr)))
                                (dontaudit groupadd_t sysfs_t (dir (getattr open search)))
                                (dontaudit groupadd_t security_t (dir (getattr open search)))
                                (dontaudit groupadd_t security_t (file (ioctl read getattr lock open)))
                                (optional usermanage_optional_13
                                    (typeattributeset cil_gen_require selinux_config_t)
                                    (dontaudit groupadd_t selinux_config_t (dir (getattr open search)))
                                    (dontaudit groupadd_t selinux_config_t (file (ioctl read getattr lock open)))
                                    (optional usermanage_optional_14
                                        (typeattributeset cil_gen_require init_t)
                                        (allow passwd_t init_t (process (sigchld)))
                                        (allow passwd_t init_t (process (signull)))
                                        (optional usermanage_optional_15
                                            (typeattributeset cil_gen_require rpm_t)
                                            (allow passwd_t rpm_t (fd (use)))
                                            (allow passwd_t rpm_t (fifo_file (ioctl read getattr lock open)))
                                        )
                                        (optional usermanage_optional_16
                                            (typeattributeset cil_gen_require security_t)
                                            (typeattributeset cil_gen_require sysfs_t)
                                            (dontaudit passwd_t security_t (filesystem (getattr)))
                                            (dontaudit passwd_t sysfs_t (filesystem (getattr)))
                                            (dontaudit passwd_t sysfs_t (dir (getattr open search)))
                                            (dontaudit passwd_t security_t (dir (getattr open search)))
                                            (dontaudit passwd_t security_t (file (ioctl read getattr lock open)))
                                            (optional usermanage_optional_17
                                                (typeattributeset cil_gen_require selinux_config_t)
                                                (dontaudit passwd_t selinux_config_t (dir (getattr open search)))
                                                (dontaudit passwd_t selinux_config_t (file (ioctl read getattr lock open)))
                                                (optional usermanage_optional_18
                                                    (typeattributeset cil_gen_require init_t)
                                                    (allow sysadm_passwd_t init_t (process (sigchld)))
                                                    (allow sysadm_passwd_t init_t (process (signull)))
                                                    (optional usermanage_optional_19
                                                        (typeattributeset cil_gen_require rpm_t)
                                                        (allow sysadm_passwd_t rpm_t (fd (use)))
                                                        (allow sysadm_passwd_t rpm_t (fifo_file (ioctl read getattr lock open)))
                                                    )
                                                    (optional usermanage_optional_20
                                                        (typeattributeset cil_gen_require security_t)
                                                        (typeattributeset cil_gen_require sysfs_t)
                                                        (dontaudit sysadm_passwd_t security_t (filesystem (getattr)))
                                                        (dontaudit sysadm_passwd_t sysfs_t (filesystem (getattr)))
                                                        (dontaudit sysadm_passwd_t sysfs_t (dir (getattr open search)))
                                                        (dontaudit sysadm_passwd_t security_t (dir (getattr open search)))
                                                        (dontaudit sysadm_passwd_t security_t (file (ioctl read getattr lock open)))
                                                        (optional usermanage_optional_21
                                                            (typeattributeset cil_gen_require selinux_config_t)
                                                            (dontaudit sysadm_passwd_t selinux_config_t (dir (getattr open search)))
                                                            (dontaudit sysadm_passwd_t selinux_config_t (file (ioctl read getattr lock open)))
                                                            (optional usermanage_optional_22
                                                                (typeattributeset cil_gen_require init_t)
                                                                (allow useradd_t init_t (process (sigchld)))
                                                                (allow useradd_t init_t (process (signull)))
                                                                (optional usermanage_optional_23
                                                                    (typeattributeset cil_gen_require rpm_t)
                                                                    (allow useradd_t rpm_t (fd (use)))
                                                                    (allow useradd_t rpm_t (fifo_file (ioctl read getattr lock open)))
                                                                )
                                                                (optional usermanage_optional_24
                                                                    (typeattributeset cil_gen_require security_t)
                                                                    (typeattributeset cil_gen_require sysfs_t)
                                                                    (dontaudit useradd_t security_t (filesystem (getattr)))
                                                                    (dontaudit useradd_t sysfs_t (filesystem (getattr)))
                                                                    (dontaudit useradd_t sysfs_t (dir (getattr open search)))
                                                                    (dontaudit useradd_t security_t (dir (getattr open search)))
                                                                    (dontaudit useradd_t security_t (file (ioctl read getattr lock open)))
                                                                    (optional usermanage_optional_25
                                                                        (typeattributeset cil_gen_require selinux_config_t)
                                                                        (dontaudit useradd_t selinux_config_t (dir (getattr open search)))
                                                                        (dontaudit useradd_t selinux_config_t (file (ioctl read getattr lock open)))
                                                                        (optional usermanage_optional_26
                                                                            (typeattributeset cil_gen_require krb5_keytab_t)
                                                                            (typeattributeset cil_gen_require etc_t)
                                                                            (allow chfn_t etc_t (dir (getattr open search)))
                                                                            (allow chfn_t krb5_keytab_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_27
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require pcscd_runtime_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require pcscd_t)
                                                                            (allow chfn_t var_run_t (lnk_file (read getattr)))
                                                                            (allow chfn_t var_t (dir (getattr open search)))
                                                                            (allow chfn_t var_run_t (dir (getattr open search)))
                                                                            (allow chfn_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow chfn_t pcscd_runtime_t (file (ioctl read getattr lock open)))
                                                                            (allow chfn_t var_run_t (lnk_file (read getattr)))
                                                                            (allow chfn_t var_t (dir (getattr open search)))
                                                                            (allow chfn_t var_run_t (dir (getattr open search)))
                                                                            (allow chfn_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow chfn_t pcscd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow chfn_t pcscd_t (unix_stream_socket (connectto)))
                                                                            (allow pcscd_t chfn_t (dir (ioctl read getattr lock open search)))
                                                                            (allow pcscd_t chfn_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_28
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (typeattributeset cil_gen_require bin_t)
                                                                            (typeattributeset cil_gen_require usr_t)
                                                                            (typeattributeset cil_gen_require nscd_t)
                                                                            (typeattributeset cil_gen_require nscd_exec_t)
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (roleattributeset nscd_roles (chfn_roles ))
                                                                            (allow chfn_t bin_t (dir (getattr open search)))
                                                                            (allow chfn_t bin_t (lnk_file (read getattr)))
                                                                            (allow chfn_t usr_t (dir (getattr open search)))
                                                                            (allow chfn_t nscd_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow chfn_t nscd_t (process (transition)))
                                                                            (dontaudit chfn_t nscd_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition chfn_t nscd_exec_t process nscd_t)
                                                                            (allow nscd_t chfn_t (fd (use)))
                                                                            (allow nscd_t chfn_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow nscd_t chfn_t (process (sigchld)))
                                                                        )
                                                                        (optional usermanage_optional_29
                                                                            (typeattributeset cil_gen_require crond_t)
                                                                            (typeattributeset cil_gen_require system_cronjob_t)
                                                                            (roleattributeset cil_gen_require system_r)
                                                                            (roletype system_r crack_t)
                                                                            (allow system_cronjob_t crack_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow system_cronjob_t crack_t (process (transition)))
                                                                            (dontaudit system_cronjob_t crack_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition system_cronjob_t crack_exec_t process crack_t)
                                                                            (allow crack_t system_cronjob_t (fd (use)))
                                                                            (allow crack_t system_cronjob_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow crack_t system_cronjob_t (process (sigchld)))
                                                                            (allow crond_t crack_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow crond_t crack_t (process (transition)))
                                                                            (dontaudit crond_t crack_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition crond_t crack_exec_t process crack_t)
                                                                            (allow crack_t crond_t (fd (use)))
                                                                            (allow crack_t crond_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow crack_t crond_t (process (sigchld)))
                                                                        )
                                                                        (optional usermanage_optional_30
                                                                            (typeattributeset cil_gen_require krb5_keytab_t)
                                                                            (typeattributeset cil_gen_require etc_t)
                                                                            (allow groupadd_t etc_t (dir (getattr open search)))
                                                                            (allow groupadd_t krb5_keytab_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_31
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require pcscd_runtime_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require pcscd_t)
                                                                            (allow groupadd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t var_t (dir (getattr open search)))
                                                                            (allow groupadd_t var_run_t (dir (getattr open search)))
                                                                            (allow groupadd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow groupadd_t pcscd_runtime_t (file (ioctl read getattr lock open)))
                                                                            (allow groupadd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t var_t (dir (getattr open search)))
                                                                            (allow groupadd_t var_run_t (dir (getattr open search)))
                                                                            (allow groupadd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow groupadd_t pcscd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow groupadd_t pcscd_t (unix_stream_socket (connectto)))
                                                                            (allow pcscd_t groupadd_t (dir (ioctl read getattr lock open search)))
                                                                            (allow pcscd_t groupadd_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_32
                                                                            (typeattributeset cil_gen_require apt_t)
                                                                            (allow groupadd_t apt_t (fd (use)))
                                                                        )
                                                                        (optional usermanage_optional_33
                                                                            (typeattributeset cil_gen_require cloud_init_t)
                                                                            (typeattributeset cil_gen_require cloud_init_tmp_t)
                                                                            (allow groupadd_t cloud_init_t (fd (use)))
                                                                            (allow groupadd_t cloud_init_tmp_t (file (ioctl write getattr lock append)))
                                                                        )
                                                                        (optional usermanage_optional_34
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                            (typeattributeset cil_gen_require system_dbusd_t)
                                                                            (typeattributeset cil_gen_require system_dbusd_runtime_t)
                                                                            (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                                                            (typeattributeset cil_gen_require var_lib_t)
                                                                            (typeattributeset cil_gen_require session_dbusd_tmp_t)
                                                                            (typeattributeset cil_gen_require dbusd_etc_t)
                                                                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                            (typeattributeset dbusd_system_bus_client (groupadd_t ))
                                                                            (allow groupadd_t system_dbusd_t (dbus (send_msg)))
                                                                            (allow groupadd_t self (dbus (send_msg)))
                                                                            (allow system_dbusd_t groupadd_t (dbus (send_msg)))
                                                                            (allow groupadd_t var_t (dir (getattr open search)))
                                                                            (allow groupadd_t var_lib_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t session_dbusd_tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t session_dbusd_tmp_t (sock_file (read write getattr append open)))
                                                                            (allow groupadd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t var_t (dir (getattr open search)))
                                                                            (allow groupadd_t var_run_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_runtime_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow groupadd_t system_dbusd_t (unix_stream_socket (connectto)))
                                                                            (allow groupadd_t dbusd_etc_t (dir (ioctl read getattr lock open search)))
                                                                            (allow groupadd_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                                                            (allow groupadd_t system_dbusd_runtime_t (dir (ioctl read getattr lock open search)))
                                                                            (allow groupadd_t system_dbusd_runtime_t (sock_file (read)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow groupadd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                        )
                                                                        (optional usermanage_optional_35
                                                                            (typeattributeset cil_gen_require dpkg_t)
                                                                            (allow groupadd_t dpkg_t (fd (use)))
                                                                            (allow groupadd_t dpkg_t (fifo_file (ioctl read write getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_36
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (typeattributeset cil_gen_require bin_t)
                                                                            (typeattributeset cil_gen_require usr_t)
                                                                            (typeattributeset cil_gen_require nscd_t)
                                                                            (typeattributeset cil_gen_require nscd_exec_t)
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (roleattributeset nscd_roles (groupadd_roles ))
                                                                            (allow groupadd_t bin_t (dir (getattr open search)))
                                                                            (allow groupadd_t bin_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t usr_t (dir (getattr open search)))
                                                                            (allow groupadd_t nscd_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow groupadd_t nscd_t (process (transition)))
                                                                            (dontaudit groupadd_t nscd_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition groupadd_t nscd_exec_t process nscd_t)
                                                                            (allow nscd_t groupadd_t (fd (use)))
                                                                            (allow nscd_t groupadd_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow nscd_t groupadd_t (process (sigchld)))
                                                                        )
                                                                        (optional usermanage_optional_37
                                                                            (typeattributeset cil_gen_require tmp_t)
                                                                            (typeattributeset cil_gen_require puppet_tmp_t)
                                                                            (allow groupadd_t tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t puppet_tmp_t (file (ioctl read write getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_38
                                                                            (typeattributeset cil_gen_require rpm_t)
                                                                            (typeattributeset cil_gen_require tmp_t)
                                                                            (typeattributeset cil_gen_require rpm_tmp_t)
                                                                            (allow groupadd_t rpm_t (fd (use)))
                                                                            (allow groupadd_t rpm_t (fifo_file (ioctl read write getattr lock append open)))
                                                                            (allow groupadd_t tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t rpm_tmp_t (file (ioctl read getattr lock open)))
                                                                            (allow groupadd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t rpm_tmp_t (lnk_file (read getattr)))
                                                                            (allow groupadd_t tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow groupadd_t rpm_tmp_t (file (ioctl getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_39
                                                                            (typeattributeset cil_gen_require etc_t)
                                                                            (typeattributeset cil_gen_require systemd_conf_t)
                                                                            (allow groupadd_t etc_t (dir (getattr open search)))
                                                                            (allow groupadd_t systemd_conf_t (file (getattr)))
                                                                            (optional usermanage_optional_40
                                                                                (typeattributeset cil_gen_require init_t)
                                                                                (typeattributeset cil_gen_require var_t)
                                                                                (typeattributeset cil_gen_require var_run_t)
                                                                                (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                                (typeattributeset cil_gen_require system_dbusd_t)
                                                                                (typeattributeset cil_gen_require system_dbusd_runtime_t)
                                                                                (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                                                                (typeattributeset cil_gen_require var_lib_t)
                                                                                (typeattributeset cil_gen_require session_dbusd_tmp_t)
                                                                                (typeattributeset cil_gen_require dbusd_etc_t)
                                                                                (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                                (typeattributeset dbusd_system_bus_client (groupadd_t ))
                                                                                (allow groupadd_t system_dbusd_t (dbus (send_msg)))
                                                                                (allow groupadd_t self (dbus (send_msg)))
                                                                                (allow system_dbusd_t groupadd_t (dbus (send_msg)))
                                                                                (allow groupadd_t var_t (dir (getattr open search)))
                                                                                (allow groupadd_t var_lib_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                                (allow groupadd_t session_dbusd_tmp_t (dir (getattr open search)))
                                                                                (allow groupadd_t session_dbusd_tmp_t (sock_file (read write getattr append open)))
                                                                                (allow groupadd_t var_run_t (lnk_file (read getattr)))
                                                                                (allow groupadd_t var_t (dir (getattr open search)))
                                                                                (allow groupadd_t var_run_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_runtime_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_runtime_t (sock_file (write getattr append open)))
                                                                                (allow groupadd_t system_dbusd_t (unix_stream_socket (connectto)))
                                                                                (allow groupadd_t dbusd_etc_t (dir (ioctl read getattr lock open search)))
                                                                                (allow groupadd_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                                                                (allow groupadd_t system_dbusd_runtime_t (dir (ioctl read getattr lock open search)))
                                                                                (allow groupadd_t system_dbusd_runtime_t (sock_file (read)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                                (allow groupadd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                                (allow groupadd_t init_t (dbus (send_msg)))
                                                                                (allow init_t groupadd_t (dbus (send_msg)))
                                                                            )
                                                                        )
                                                                        (optional usermanage_optional_41
                                                                            (typeattributeset cil_gen_require unconfined_t)
                                                                            (allow groupadd_t unconfined_t (fd (use)))
                                                                            (allow groupadd_t unconfined_t (fifo_file (ioctl write getattr lock append)))
                                                                        )
                                                                        (optional usermanage_optional_42
                                                                            (typeattributeset cil_gen_require krb5_keytab_t)
                                                                            (typeattributeset cil_gen_require etc_t)
                                                                            (allow passwd_t etc_t (dir (getattr open search)))
                                                                            (allow passwd_t krb5_keytab_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_43
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require pcscd_runtime_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require pcscd_t)
                                                                            (allow passwd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow passwd_t var_t (dir (getattr open search)))
                                                                            (allow passwd_t var_run_t (dir (getattr open search)))
                                                                            (allow passwd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow passwd_t pcscd_runtime_t (file (ioctl read getattr lock open)))
                                                                            (allow passwd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow passwd_t var_t (dir (getattr open search)))
                                                                            (allow passwd_t var_run_t (dir (getattr open search)))
                                                                            (allow passwd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow passwd_t pcscd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow passwd_t pcscd_t (unix_stream_socket (connectto)))
                                                                            (allow pcscd_t passwd_t (dir (ioctl read getattr lock open search)))
                                                                            (allow pcscd_t passwd_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_44
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (typeattributeset cil_gen_require bin_t)
                                                                            (typeattributeset cil_gen_require usr_t)
                                                                            (typeattributeset cil_gen_require nscd_t)
                                                                            (typeattributeset cil_gen_require nscd_exec_t)
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (roleattributeset nscd_roles (passwd_roles ))
                                                                            (allow passwd_t bin_t (dir (getattr open search)))
                                                                            (allow passwd_t bin_t (lnk_file (read getattr)))
                                                                            (allow passwd_t usr_t (dir (getattr open search)))
                                                                            (allow passwd_t nscd_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow passwd_t nscd_t (process (transition)))
                                                                            (dontaudit passwd_t nscd_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition passwd_t nscd_exec_t process nscd_t)
                                                                            (allow nscd_t passwd_t (fd (use)))
                                                                            (allow nscd_t passwd_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow nscd_t passwd_t (process (sigchld)))
                                                                            (optional usermanage_optional_45
                                                                                (roleattributeset cil_gen_require nscd_roles)
                                                                                (typeattributeset cil_gen_require bin_t)
                                                                                (typeattributeset cil_gen_require usr_t)
                                                                                (typeattributeset cil_gen_require nscd_t)
                                                                                (typeattributeset cil_gen_require nscd_exec_t)
                                                                                (roleattributeset cil_gen_require nscd_roles)
                                                                                (roleattributeset nscd_roles (sysadm_passwd_roles ))
                                                                                (allow sysadm_passwd_t bin_t (dir (getattr open search)))
                                                                                (allow sysadm_passwd_t bin_t (lnk_file (read getattr)))
                                                                                (allow sysadm_passwd_t usr_t (dir (getattr open search)))
                                                                                (allow sysadm_passwd_t nscd_exec_t (file (ioctl read getattr map execute open)))
                                                                                (allow sysadm_passwd_t nscd_t (process (transition)))
                                                                                (dontaudit sysadm_passwd_t nscd_t (process (noatsecure siginh rlimitinh)))
                                                                                (typetransition sysadm_passwd_t nscd_exec_t process nscd_t)
                                                                                (allow nscd_t sysadm_passwd_t (fd (use)))
                                                                                (allow nscd_t sysadm_passwd_t (fifo_file (ioctl read write getattr lock append)))
                                                                                (allow nscd_t sysadm_passwd_t (process (sigchld)))
                                                                            )
                                                                        )
                                                                        (optional usermanage_optional_46
                                                                            (typeattributeset cil_gen_require krb5_keytab_t)
                                                                            (typeattributeset cil_gen_require etc_t)
                                                                            (allow useradd_t etc_t (dir (getattr open search)))
                                                                            (allow useradd_t krb5_keytab_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_47
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require pcscd_runtime_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require pcscd_t)
                                                                            (allow useradd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow useradd_t var_t (dir (getattr open search)))
                                                                            (allow useradd_t var_run_t (dir (getattr open search)))
                                                                            (allow useradd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow useradd_t pcscd_runtime_t (file (ioctl read getattr lock open)))
                                                                            (allow useradd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow useradd_t var_t (dir (getattr open search)))
                                                                            (allow useradd_t var_run_t (dir (getattr open search)))
                                                                            (allow useradd_t pcscd_runtime_t (dir (getattr open search)))
                                                                            (allow useradd_t pcscd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow useradd_t pcscd_t (unix_stream_socket (connectto)))
                                                                            (allow pcscd_t useradd_t (dir (ioctl read getattr lock open search)))
                                                                            (allow pcscd_t useradd_t (file (ioctl read getattr lock open)))
                                                                        )
                                                                        (optional usermanage_optional_48
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require var_spool_t)
                                                                            (typeattributeset cil_gen_require mail_spool_t)
                                                                            (allow useradd_t var_t (dir (getattr open search)))
                                                                            (allow useradd_t var_spool_t (dir (getattr open search)))
                                                                            (allow useradd_t mail_spool_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t mail_spool_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
                                                                            (allow useradd_t mail_spool_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t mail_spool_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t mail_spool_t (file (map)))
                                                                            (allow useradd_t mail_spool_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t mail_spool_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
                                                                        )
                                                                        (optional usermanage_optional_49
                                                                            (typeattributeset cil_gen_require httpd_user_content_t)
                                                                            (typeattributeset cil_gen_require httpd_user_rw_content_t)
                                                                            (typeattributeset cil_gen_require httpd_user_ra_content_t)
                                                                            (typeattributeset cil_gen_require httpd_user_htaccess_t)
                                                                            (typeattributeset cil_gen_require httpd_user_script_exec_t)
                                                                            (allow useradd_t httpd_user_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_rw_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_ra_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_script_exec_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_content_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
                                                                            (allow useradd_t httpd_user_rw_content_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
                                                                            (allow useradd_t httpd_user_ra_content_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
                                                                            (allow useradd_t httpd_user_script_exec_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
                                                                            (allow useradd_t httpd_user_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_rw_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_ra_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_htaccess_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_script_exec_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_content_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t httpd_user_rw_content_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t httpd_user_ra_content_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t httpd_user_htaccess_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t httpd_user_script_exec_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
                                                                            (allow useradd_t httpd_user_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_rw_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_ra_content_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_script_exec_t (dir (ioctl read write getattr lock open add_name remove_name search)))
                                                                            (allow useradd_t httpd_user_content_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
                                                                            (allow useradd_t httpd_user_rw_content_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
                                                                            (allow useradd_t httpd_user_ra_content_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
                                                                            (allow useradd_t httpd_user_script_exec_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename)))
                                                                        )
                                                                        (optional usermanage_optional_50
                                                                            (typeattributeset cil_gen_require apt_t)
                                                                            (allow useradd_t apt_t (fd (use)))
                                                                        )
                                                                        (optional usermanage_optional_51
                                                                            (typeattributeset cil_gen_require cloud_init_t)
                                                                            (typeattributeset cil_gen_require cloud_init_tmp_t)
                                                                            (allow useradd_t cloud_init_t (fd (use)))
                                                                            (allow useradd_t cloud_init_tmp_t (file (ioctl write getattr lock append)))
                                                                        )
                                                                        (optional usermanage_optional_52
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require var_run_t)
                                                                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                            (typeattributeset cil_gen_require system_dbusd_t)
                                                                            (typeattributeset cil_gen_require system_dbusd_runtime_t)
                                                                            (typeattributeset cil_gen_require system_dbusd_var_lib_t)
                                                                            (typeattributeset cil_gen_require var_lib_t)
                                                                            (typeattributeset cil_gen_require session_dbusd_tmp_t)
                                                                            (typeattributeset cil_gen_require dbusd_etc_t)
                                                                            (typeattributeset cil_gen_require dbusd_system_bus_client)
                                                                            (typeattributeset dbusd_system_bus_client (useradd_t ))
                                                                            (allow useradd_t system_dbusd_t (dbus (send_msg)))
                                                                            (allow useradd_t self (dbus (send_msg)))
                                                                            (allow system_dbusd_t useradd_t (dbus (send_msg)))
                                                                            (allow useradd_t var_t (dir (getattr open search)))
                                                                            (allow useradd_t var_lib_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (file (ioctl read getattr lock open)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                            (allow useradd_t session_dbusd_tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t session_dbusd_tmp_t (sock_file (read write getattr append open)))
                                                                            (allow useradd_t var_run_t (lnk_file (read getattr)))
                                                                            (allow useradd_t var_t (dir (getattr open search)))
                                                                            (allow useradd_t var_run_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_runtime_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_runtime_t (sock_file (write getattr append open)))
                                                                            (allow useradd_t system_dbusd_t (unix_stream_socket (connectto)))
                                                                            (allow useradd_t dbusd_etc_t (dir (ioctl read getattr lock open search)))
                                                                            (allow useradd_t dbusd_etc_t (file (ioctl read getattr lock open)))
                                                                            (allow useradd_t system_dbusd_runtime_t (dir (ioctl read getattr lock open search)))
                                                                            (allow useradd_t system_dbusd_runtime_t (sock_file (read)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (dir (getattr open search)))
                                                                            (allow useradd_t system_dbusd_var_lib_t (lnk_file (read getattr)))
                                                                        )
                                                                        (optional usermanage_optional_53
                                                                            (typeattributeset cil_gen_require dpkg_t)
                                                                            (allow useradd_t dpkg_t (fd (use)))
                                                                            (allow useradd_t dpkg_t (fifo_file (ioctl read write getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_54
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (typeattributeset cil_gen_require bin_t)
                                                                            (typeattributeset cil_gen_require usr_t)
                                                                            (typeattributeset cil_gen_require nscd_t)
                                                                            (typeattributeset cil_gen_require nscd_exec_t)
                                                                            (roleattributeset cil_gen_require nscd_roles)
                                                                            (roleattributeset nscd_roles (useradd_roles ))
                                                                            (allow useradd_t bin_t (dir (getattr open search)))
                                                                            (allow useradd_t bin_t (lnk_file (read getattr)))
                                                                            (allow useradd_t usr_t (dir (getattr open search)))
                                                                            (allow useradd_t nscd_exec_t (file (ioctl read getattr map execute open)))
                                                                            (allow useradd_t nscd_t (process (transition)))
                                                                            (dontaudit useradd_t nscd_t (process (noatsecure siginh rlimitinh)))
                                                                            (typetransition useradd_t nscd_exec_t process nscd_t)
                                                                            (allow nscd_t useradd_t (fd (use)))
                                                                            (allow nscd_t useradd_t (fifo_file (ioctl read write getattr lock append)))
                                                                            (allow nscd_t useradd_t (process (sigchld)))
                                                                        )
                                                                        (optional usermanage_optional_55
                                                                            (typeattributeset cil_gen_require tmp_t)
                                                                            (typeattributeset cil_gen_require puppet_tmp_t)
                                                                            (allow useradd_t tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t puppet_tmp_t (file (ioctl read write getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_56
                                                                            (typeattributeset cil_gen_require var_log_t)
                                                                            (typeattributeset cil_gen_require var_t)
                                                                            (typeattributeset cil_gen_require samba_log_t)
                                                                            (booleanif (samba_domain_controller)
                                                                                (true
                                                                                    (allow useradd_t samba_log_t (file (ioctl getattr lock append open)))
                                                                                    (allow useradd_t samba_log_t (dir (ioctl read getattr lock open search)))
                                                                                    (allow useradd_t var_log_t (lnk_file (read getattr)))
                                                                                    (allow useradd_t var_log_t (dir (getattr open search)))
                                                                                    (allow useradd_t var_t (dir (getattr open search)))
                                                                                )
                                                                            )
                                                                        )
                                                                        (optional usermanage_optional_57
                                                                            (typeattributeset cil_gen_require rpm_t)
                                                                            (typeattributeset cil_gen_require tmp_t)
                                                                            (typeattributeset cil_gen_require rpm_tmp_t)
                                                                            (allow useradd_t rpm_t (fd (use)))
                                                                            (allow useradd_t rpm_t (fifo_file (ioctl read write getattr lock append open)))
                                                                            (allow useradd_t tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t rpm_tmp_t (file (ioctl read getattr lock open)))
                                                                            (allow useradd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t rpm_tmp_t (lnk_file (read getattr)))
                                                                            (allow useradd_t tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t rpm_tmp_t (dir (getattr open search)))
                                                                            (allow useradd_t rpm_tmp_t (file (ioctl getattr lock append open)))
                                                                        )
                                                                        (optional usermanage_optional_58
                                                                            (typeattributeset cil_gen_require unconfined_t)
                                                                            (allow useradd_t unconfined_t (fd (use)))
                                                                            (allow useradd_t unconfined_t (fifo_file (ioctl write getattr lock append)))
                                                                        )
                                                                    )
                                                                )
                                                            )
                                                        )
                                                    )
                                                )
                                            )
                                        )
                                    )
                                )
                            )
                        )
                    )
                )
            )
        )
    )
)
(filecon "/usr/bin/chage" file (system_u object_r passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/chfn" file (system_u object_r chfn_exec_t (systemlow systemlow)))
(filecon "/usr/bin/chpasswd" file (system_u object_r passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/chsh" file (system_u object_r chfn_exec_t (systemlow systemlow)))
(filecon "/usr/bin/crack_[a-z]*" file (system_u object_r crack_exec_t (systemlow systemlow)))
(filecon "/usr/bin/cracklib-[a-z]*" file (system_u object_r crack_exec_t (systemlow systemlow)))
(filecon "/usr/bin/gpasswd" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/groupadd" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/groupdel" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/groupmod" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/grpconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/grpunconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/passwd" file (system_u object_r passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/pwconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/pwunconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/useradd" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/userdel" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/usermod" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/vigr" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/bin/vipw" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/lib/cracklib_dict.*" file (system_u object_r crack_db_t (systemlow systemlow)))
(filecon "/usr/sbin/chpasswd" file (system_u object_r passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/crack_[a-z]*" file (system_u object_r crack_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/cracklib-[a-z]*" file (system_u object_r crack_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/gpasswd" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/groupadd" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/groupdel" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/groupmod" file (system_u object_r groupadd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/grpconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/grpunconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/pwconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/pwunconv" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/useradd" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/userdel" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/usermod" file (system_u object_r useradd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/vigr" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/vipw" file (system_u object_r admin_passwd_exec_t (systemlow systemlow)))
(filecon "/usr/share/cracklib(/.*)?" any (system_u object_r crack_db_t (systemlow systemlow)))
(filecon "/var/cache/cracklib(/.*)?" any (system_u object_r crack_db_t (systemlow systemlow)))
