config/appconfig-standard/x_contexts


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194

#
# Config file for XSELinux extension
#


#
##
### Rules for X Clients
##
#

#
# The default client rule defines a context to be used for all clients
# connecting to the server from a remote host.
#
client	*				system_u:object_r:remote_xclient_t


#
##
### Rules for X Properties
##
#

#
# Property rules map a property name to a context.  A default property
# rule indicated by an asterisk should follow all other property rules.
#
# Properties that normal clients may only read
property XFree86_VT			system_u:object_r:info_xproperty_t
property XFree86_DDC_EDID1_RAWDATA	system_u:object_r:info_xproperty_t
property RESOURCE_MANAGER		system_u:object_r:info_xproperty_t
property SCREEN_RESOURCES		system_u:object_r:info_xproperty_t
property _MIT_PRIORITY_COLORS		system_u:object_r:info_xproperty_t
property AT_SPI_IOR			system_u:object_r:info_xproperty_t
property _SELINUX_CLIENT_CONTEXT	system_u:object_r:info_xproperty_t
property _NET_WORKAREA			system_u:object_r:info_xproperty_t
property _XKB_RULES_NAMES		system_u:object_r:info_xproperty_t

# Clipboard and selection properties
property CUT_BUFFER0			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER1			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER2			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER3			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER4			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER5			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER6			system_u:object_r:clipboard_xproperty_t
property CUT_BUFFER7			system_u:object_r:clipboard_xproperty_t

# Default fallback type
property *	   			system_u:object_r:xproperty_t


#
##
### Rules for X Extensions
##
#

#
# Extension rules map an extension name to a context.  A default extension
# rule indicated by an asterisk should follow all other extension rules.
#
# Standard extensions
extension BIG-REQUESTS			system_u:object_r:std_xext_t
extension SHAPE				system_u:object_r:std_xext_t
extension SYNC				system_u:object_r:std_xext_t
extension XC-MISC			system_u:object_r:std_xext_t
extension XFIXES			system_u:object_r:std_xext_t
extension XInputExtension		system_u:object_r:std_xext_t
extension XKEYBOARD			system_u:object_r:std_xext_t
extension DAMAGE			system_u:object_r:std_xext_t
extension RENDER			system_u:object_r:std_xext_t
extension XINERAMA			system_u:object_r:std_xext_t

# Direct hardware access extensions
extension XFree86-DGA			system_u:object_r:directhw_xext_t
extension XFree86-VidModeExtension	system_u:object_r:directhw_xext_t

# Screen management and multihead extensions
extension RANDR				system_u:object_r:output_xext_t
extension Composite			system_u:object_r:output_xext_t

# Screensaver, power management extensions
extension DPMS				system_u:object_r:screensaver_xext_t
extension MIT-SCREEN-SAVER		system_u:object_r:screensaver_xext_t

# Shared memory extensions
extension MIT-SHM			system_u:object_r:shmem_xext_t
extension XFree86-Bigfont		system_u:object_r:shmem_xext_t

# Accelerated graphics, OpenGL, direct rendering extensions
extension GLX				system_u:object_r:accelgraphics_xext_t
extension NV-CONTROL			system_u:object_r:accelgraphics_xext_t
extension NV-GLX			system_u:object_r:accelgraphics_xext_t
extension NVIDIA-GLX			system_u:object_r:accelgraphics_xext_t

# Debugging, testing, and recording extensions
extension RECORD			system_u:object_r:debug_xext_t
extension X-Resource			system_u:object_r:debug_xext_t
extension XTEST				system_u:object_r:debug_xext_t

# Security-related extensions
extension SECURITY			system_u:object_r:security_xext_t
extension SELinux			system_u:object_r:security_xext_t
extension XAccessControlExtension	system_u:object_r:security_xext_t
extension XC-APPGROUP			system_u:object_r:security_xext_t

# Video extensions
extension XVideo			system_u:object_r:video_xext_t
extension XVideo-MotionCompensation	system_u:object_r:video_xext_t

# Default fallback type
extension *	   			system_u:object_r:xext_t


#
##
### Rules for X Selections
##
#

# Selection rules map a selection name to a context.  A default selection
# rule indicated by an asterisk should follow all other selection rules.
#
# Standard selections
selection XA_PRIMARY			system_u:object_r:clipboard_xselection_t
selection XA_SECONDARY			system_u:object_r:clipboard_xselection_t
selection PRIMARY			system_u:object_r:clipboard_xselection_t
selection CLIPBOARD			system_u:object_r:clipboard_xselection_t

# Default fallback type
selection *				system_u:object_r:xselection_t


#
##
### Rules for X Events
##
#

#
# Event rules map an event protocol name to a context.  A default event
# rule indicated by an asterisk should follow all other event rules.
#
# Input events
event X11:KeyPress			system_u:object_r:input_xevent_t
event X11:KeyRelease			system_u:object_r:input_xevent_t
event X11:ButtonPress			system_u:object_r:input_xevent_t
event X11:ButtonRelease			system_u:object_r:input_xevent_t
event X11:MotionNotify			system_u:object_r:input_xevent_t
event X11:SelectionNotify		system_u:object_r:input_xevent_t
event XInputExtension:DeviceKeyPress	system_u:object_r:input_xevent_t
event XInputExtension:DeviceKeyRelease	system_u:object_r:input_xevent_t
event XInputExtension:DeviceButtonPress	system_u:object_r:input_xevent_t
event XInputExtension:DeviceButtonRelease	system_u:object_r:input_xevent_t
event XInputExtension:DeviceMotionNotify	system_u:object_r:input_xevent_t
event XInputExtension:DeviceValuator	system_u:object_r:input_xevent_t
event XInputExtension:ProximityIn	system_u:object_r:input_xevent_t
event XInputExtension:ProximityOut	system_u:object_r:input_xevent_t

# Focus events
event X11:FocusIn			system_u:object_r:focus_xevent_t
event X11:FocusOut			system_u:object_r:focus_xevent_t
event X11:EnterNotify			system_u:object_r:focus_xevent_t
event X11:LeaveNotify			system_u:object_r:focus_xevent_t

# Property events
event X11:PropertyNotify		system_u:object_r:property_xevent_t

# Client message events
event X11:ClientMessage			system_u:object_r:client_xevent_t

# Manager events
event X11:ConfigureRequest		system_u:object_r:manage_xevent_t
event X11:ResizeRequest			system_u:object_r:manage_xevent_t
event X11:MapRequest			system_u:object_r:manage_xevent_t
event X11:CirculateRequest		system_u:object_r:manage_xevent_t
event X11:CreateNotify			system_u:object_r:manage_xevent_t
event X11:DestroyNotify			system_u:object_r:manage_xevent_t
event X11:MapNotify			system_u:object_r:manage_xevent_t
event X11:UnmapNotify			system_u:object_r:manage_xevent_t
event X11:ReparentNotify		system_u:object_r:manage_xevent_t
event X11:ConfigureNotify		system_u:object_r:manage_xevent_t
event X11:GravityNotify			system_u:object_r:manage_xevent_t
event X11:CirculateNotify		system_u:object_r:manage_xevent_t
event X11:Expose			system_u:object_r:manage_xevent_t
event X11:VisibilityNotify		system_u:object_r:manage_xevent_t

# Unknown events (that are not registered in the X server's name database)
event <unknown>				system_u:object_r:unknown_xevent_t

# Default fallback type
event *					system_u:object_r:xevent_t