class testing
class fooclass

sid test_sid
#end

#sid decl
sid security


class testing
{
	read
	open
	close
	write
	exec
}
class fooclass
{
	read
	open
	close
	write
	exec
}
#end

#attribs

attribute attrs;
#end


type foo_t, attrs;
type typea_t;
type typeb_t;
type typec_t;
#end


bool foo_b true;
bool baz_b false;
#end


role foo_r types foo_t;
role rolea_r;
role roleb_r;
#end

#role decl


allow typea_t typeb_t : testing write;
allow typea_t typeb_t : testing {open close};
type_transition typea_t typeb_t : testing typec_t;
#end

#audit rules
#dontaudit {kernel} unknown : dir search;


allow rolea_r roleb_r;
#end

#rbac stuff
#allow system {guest local_user};
#allow local_user guest;


user foo_u roles foo_r;
#end

sid test_sid foo_u:foo_r:foo_t