# Allow rpm to run unconfined.
define(`unlimitedRPM')

# Allow privileged utilities like hotplug and insmod to run unconfined.
dnl define(`unlimitedUtils')

# Allow rc scripts to run unconfined, including any daemon
# started by an rc script that does not have a domain transition
# explicitly defined.
dnl define(`unlimitedRC')

# Allow sysadm_t to directly start daemons
dnl define(`direct_sysadm_daemon')

# Do not allow sysadm_t to be in the security manager domain
define(`separate_secadm')

# Do not audit things that we know to be broken but which
# are not security risks
define(`hide_broken_symptoms')

# Allow user_r to reach sysadm_r via su, sudo, or userhelper.
# Otherwise, only staff_r can do so.
dnl define(`user_canbe_sysadm')

# Allow xinetd to run unconfined, including any services it starts
# that do not have a domain transition explicitly defined.
dnl define(`unlimitedInetd')

# for ndc_t to be used for restart shell scripts
dnl define(`ndc_shell_script')

# Enable Polyinstantiation support
dnl define(`support_polyinstatiation')
define(`mls_policy')