allow daemon cluster_conf_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write }; [ daemons_enable_cluster_mode ]:True
allow daemon cluster_conf_t:file { getattr ioctl lock open read }; [ daemons_enable_cluster_mode ]:False
allow daemon cluster_tmp_t:file write; [ daemons_enable_cluster_mode ]:True
allow daemon cluster_var_lib_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write }; [ daemons_enable_cluster_mode ]:True
allow daemon cluster_var_lib_t:file { getattr ioctl lock open read }; [ daemons_enable_cluster_mode ]:False
allow daemon cluster_var_run_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write }; [ daemons_enable_cluster_mode ]:True
allow daemon cluster_var_run_t:file { getattr ioctl lock open read }; [ daemons_enable_cluster_mode ]:False
allow daemon initrc_tmp_t:file write;
allow daemon logfile:file { append getattr ioctl lock };
allow daemon nscd_var_run_t:file map;
allow daemon root_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write }; [ daemons_dump_core ]:True
allow daemon systemd_notify_exec_t:file { execute execute_no_trans getattr ioctl lock map open read };
allow daemon user_cron_spool_t:file { append getattr ioctl lock read write };
allow daemon user_home_t:file { append getattr };
allow domain abrt_helper_exec_t:file { execute getattr ioctl map open read };
allow domain abrt_t:file { getattr ioctl lock open read };
allow domain abrt_var_run_t:file { getattr ioctl lock open read };
allow domain afs_cache_t:file { read write };
allow domain base_ro_file_type:file { getattr ioctl lock open read };
allow domain cpu_online_t:file { getattr ioctl lock open read };
allow domain file_type:file map; [ domain_can_mmap_files ]:True
allow domain fonts_cache_t:file { getattr ioctl lock map open read };
allow domain fonts_t:file { getattr ioctl lock map open read };
allow domain ica_tmpfs_t:file { create getattr open };
allow domain ld_so_cache_t:file { getattr ioctl lock map open read };
allow domain ld_so_t:file { execute getattr ioctl map open read };
allow domain lib_t:file { execute map };
allow domain locale_t:file { getattr ioctl lock map open read };
allow domain machineid_t:file { getattr ioctl lock open read };
allow domain man_cache_t:file { getattr ioctl lock open read };
allow domain man_t:file { getattr ioctl lock open read };
allow domain mandb_cache_t:file { getattr ioctl lock open read };
allow domain pkcs11_modules_conf_t:file { getattr ioctl lock map open read };
allow domain prelink_exec_t:file { execute execute_no_trans getattr ioctl lock map open read }; [ fips_mode ]:True
allow domain rpm_script_tmp_t:file open;
allow domain sosreport_tmp_t:file open;
allow domain sysctl_crypto_t:file { getattr ioctl lock open read };
allow domain sysctl_kernel_t:file { getattr ioctl lock open read }; [ fips_mode ]:True
allow domain sysctl_vm_overcommit_t:file { getattr ioctl lock open read };
allow domain textrel_shlib_t:file { execmod execute map };
allow domain tmpfile:file { append getattr ioctl lock read };
allow domain usermodehelper_t:file { getattr ioctl lock open read };
allow domain usr_t:file map;
allow kernel_system_state_reader proc_t:file { getattr ioctl lock open read };
allow mysqld_t base_ro_file_type:file { execute execute_no_trans map };
allow mysqld_t chkpwd_exec_t:file { execute getattr ioctl map open read };
allow mysqld_t cluster_var_run_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write };
allow mysqld_t crack_db_t:file { getattr ioctl lock open read };
allow mysqld_t domain:file { getattr ioctl lock open read };
allow mysqld_t faillog_t:file { create link open read rename setattr unlink watch watch_reads write };
allow mysqld_t hugetlbfs_t:file { append getattr ioctl lock map open read write };
allow mysqld_t ifconfig_exec_t:file { execute getattr ioctl map open read };
allow mysqld_t krb5_home_t:file { getattr ioctl lock open read };
allow mysqld_t krb5_keytab_t:file { getattr ioctl lock open read };
allow mysqld_t lastlog_t:file { create open read setattr write };
allow mysqld_t local_login_home_t:file getattr;
allow mysqld_t mysqld_db_t:file { append create getattr ioctl link lock map open read rename setattr unlink watch watch_reads write };
allow mysqld_t mysqld_etc_t:file { getattr ioctl lock open read };
allow mysqld_t mysqld_exec_t:file { entrypoint execute execute_no_trans getattr ioctl lock map open read };
allow mysqld_t mysqld_log_t:file { create link open read rename setattr unlink watch watch_reads write };
allow mysqld_t mysqld_t:file { append write };
allow mysqld_t mysqld_tmp_t:file { create link map open rename setattr unlink watch watch_reads write };
allow mysqld_t mysqld_var_run_t:file { append create getattr ioctl link lock open read rename setattr unlink watch watch_reads write };
allow mysqld_t openshift_var_lib_t:file getattr;
allow mysqld_t pam_timestamp_exec_t:file { execute execute_no_trans getattr ioctl lock map open read };
allow mysqld_t pcscd_var_run_t:file { getattr ioctl lock open read };
allow mysqld_t proc_net_t:file { getattr ioctl lock open read };
allow mysqld_t rsync_exec_t:file { execute execute_no_trans getattr ioctl lock map open read };
allow mysqld_t security_t:file { append getattr ioctl lock map open read write }; [ kerberos_enabled ]:True
allow mysqld_t sysctl_kernel_t:file { getattr ioctl lock open read };
allow mysqld_t sysfs_t:file { getattr ioctl lock open read };
allow mysqld_t systemd_logind_sessions_t:file { getattr ioctl lock open read };
allow mysqld_t udev_var_run_t:file { getattr ioctl lock open read };
allow mysqld_t updpwd_exec_t:file { execute getattr ioctl map open read };
allow mysqld_t wtmp_t:file { open read };
allow nsswitch_domain cert_t:file { getattr ioctl lock map open read };
allow nsswitch_domain cgroup_t:file { getattr ioctl lock open read };
allow nsswitch_domain dbusd_etc_t:file { getattr ioctl lock open read };
allow nsswitch_domain file_context_t:file { getattr ioctl lock map open read };
allow nsswitch_domain hostname_etc_t:file { getattr ioctl lock open read };
allow nsswitch_domain krb5_conf_t:file { getattr ioctl lock open read };
allow nsswitch_domain krb5_host_rcache_t:file { create link open rename setattr unlink watch watch_reads write };
allow nsswitch_domain net_conf_t:file { getattr ioctl lock open read };
allow nsswitch_domain nscd_var_run_t:file map;
allow nsswitch_domain passwd_file_t:file { getattr ioctl lock map open read };
allow nsswitch_domain samba_etc_t:file { getattr ioctl lock open read };
allow nsswitch_domain samba_var_t:file { getattr ioctl lock open read };
allow nsswitch_domain slapd_cert_t:file { getattr ioctl lock open read }; [ authlogin_nsswitch_use_ldap ]:True
allow nsswitch_domain sssd_public_t:file { getattr ioctl lock map open read };
allow nsswitch_domain sssd_var_lib_t:file { getattr ioctl lock open read };
allow nsswitch_domain system_dbusd_var_lib_t:file { getattr ioctl lock open read };
allow nsswitch_domain var_yp_t:file { getattr ioctl lock open read }; [ nis_enabled ]:True
allow nsswitch_domain virt_var_lib_t:file { getattr ioctl lock open read };