blk_file { append audit_access create execmod execute getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch write };
bpf { map_create map_read map_write prog_load prog_run };
capability2 { audit_read block_suspend epolwakeup mac_admin mac_override syslog wake_alarm };
capability { audit_control audit_write chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_module sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config };
cap_userns { audit_control audit_write chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_module sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config };
chr_file { append audit_access create entrypoint execmod execute execute_no_trans getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
dbus { acquire_svc send_msg };
dir { add_name append audit_access create execmod execute getattr ioctl link lock map mounton open quotaon read remove_name rename reparent rmdir search setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
fd { use };
fifo_file { append audit_access create execmod execute getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
file { append audit_access create entrypoint execmod execute execute_no_trans getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
filesystem { associate getattr mount quotaget quotamod remount transition unmount watch };
key { create link read search setattr view write };
lnk_file { append audit_access create execmod execute getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
memprotect { mmap_zero };
netlink_audit_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind nlmsg_read nlmsg_readpriv nlmsg_relay nlmsg_tty_audit nlmsg_write read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
netlink_kobject_uevent_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
netlink_route_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind nlmsg_read nlmsg_write read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
netlink_selinux_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
netlink_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
nscd { admin getgrp gethost getnetgrp getpwd getserv getstat shmemgrp shmemhost shmemnetgrp shmempwd shmemserv };
passwd { chfn chsh crontab passwd rootok };
process2 { nnp_transition nosuid_transition };
process { dyntransition execheap execmem execstack fork getattr getcap getpgid getrlimit getsched getsession noatsecure ptrace rlimitinh setcap setcurrent setexec setfscreate setkeycreate setpgid setrlimit setsched setsockcreate share sigchld siginh sigkill signal signull sigstop transition };
security { check_context compute_av compute_create compute_member compute_relabel compute_user read_policy setcheckreqprot validate_trans };
sem { associate create destroy getattr read setattr unix_read unix_write write };
service { disable enable reload start status stop };
shm { associate create destroy getattr lock read setattr unix_read unix_write write };
sock_file { append audit_access create execmod execute getattr ioctl link lock map mounton open quotaon read rename setattr swapon unlink watch watch_mount watch_sb watch_with_perm watch_reads write };
system { disable enable halt ipc_info module_load module_request reboot reload start status stop syslog_console syslog_mod syslog_read undefined };
tcp_socket { accept acceptfrom append bind connect connectto create getattr getopt ioctl listen lock map name_bind name_connect newconn node_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
udp_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind node_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
unix_dgram_socket { accept append bind connect create getattr getopt ioctl listen lock map name_bind read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
unix_stream_socket { accept acceptfrom append bind connect connectto create getattr getopt ioctl listen lock map name_bind newconn read recv_msg recvfrom send_msg sendto setattr setopt shutdown write };
x_colormap { add_color create destroy getattr install read remove_color uninstall use write };
x_cursor { create destroy getattr read setattr use write };
x_drawable { add_child blend create destroy get_property getattr hide list_child list_property manage override read receive remove_child send set_property setattr show write };
x_event { receive send };
x_extension { query use };
x_gc { create destroy getattr setattr use };
x_keyboard { add bell create destroy force_cursor freeze get_property getattr getfocus grab list_property manage read remove set_property setattr setfocus use write };
x_pointer { add bell create destroy force_cursor freeze get_property getattr getfocus grab list_property manage read remove set_property setattr setfocus use write };
x_property { append create destroy getattr read setattr write };
x_resource { read write };
x_screen { getattr hide_cursor saver_getattr saver_hide saver_setattr saver_show setattr show_cursor };
x_selection { getattr read setattr write };
x_server { debug getattr grab manage record setattr };
x_synthetic_event { receive send };
