From f2a9bee15a9044083ed9575f220b75547e38ee21 Mon Sep 17 00:00:00 2001
From: XLion
Date: Thu, 5 Dec 2024 00:10:14 +0800
Subject: [PATCH] selinux

---
rustdesk_selinux/rustdesk.pp | Bin 88816 -> 0 bytes
rustdesk_selinux/rustdesk.te | 1565 +++++++++++++++++++++++-
rustdesk_selinux/rustdesk_selinux.spec | 2 +-
3 files changed, 1554 insertions(+), 13 deletions(-)
delete mode 100644 rustdesk_selinux/rustdesk.pp
diff --git a/rustdesk_selinux/rustdesk.pp b/rustdesk_selinux/rustdesk.pp deleted file mode 100644 index d343d102cc8be52030be7da9c935444d9c505899..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 88816 zcmeHw2b?5Fb-u_#bT>MyELwA<9hU+FLm6rfx8;MpL^HJy#}NC!OB_V{(P8{OgL8xBVMmhrhd7|znk@^swWm(H#L8VlZ= z&bqVNSzNtI+MT7Wof1vb-u~tF>E0{hyGWD{yDRB%buwOO2DWROj{37PvtAk3 z%3#zdg{|!Ndg;cD&ofy>}JFd58J zeqlq`yBjR+D!6*%(J1ZBSTl7x>aM5DY$9vFE-p5n`eBops54LbJ1XCHm9u-8?uDzU z^6qSXy1%z$Nn%Zn$qp>D#Y#x=tojI6s;8rJFnI-hOp+LSVWR zF1jpUOdFH&!A(voL~v5!ccvTTVjo#QVKO+6vj-=W!qm!aI<;~x;q);d4Gu1|Byw}A z!c0G#j5k>jd4w+W5+O2mre{+DNy?r6#}$0aw1{qn|m zIOuJ12y)!PF|3ToL+0av?Tyzr=E$ZFhy$BqfGHhe!1hvN#6e|z-Tf?^&R{ss%O;A9 z$Od6Ix|8lY7x{D%R(>|rDHJ6!^n995$jTCsTbedW&x1>qmeENV>w3Drl1^9+(?f6- z?Xx@FyJM5b&L(L&H_R@495=+S5nD!?ZfFdJ=}b%%hBr&uskEl7@3|Et$ld6HF8X?T zy28Gv!&msgV79irkxtfG2CbUAQ<@96e(U4;Xf~F8A&o%yjI5h3OY$=px!p}6iQJQp zvDKtua>Y75(A^lz1jV+g3>-33nkjdX-Fbg7TjpkUI%Ubs2s5=!F$d8k<<5_#+n$n) z-0Y|5>?&SN zz3xV`%rQ2SCQ*#_Zf|+KKb=eleHq+rk~WhqXT`kG39IYl5yv09Y-MAWI%g{nboZsp z-C=jK&Q4)PGH5r(gV79Ymg#Ifk<|pVPB*8+@m_W$`)P&!vOJwnx!Gq%DvaWE`|E=d z7fVbXT*ZNH)BdzK9f)t+7*A$9Lw);)I=hpJ!?QTlWwD9nXWCuQ)Xu&mS9St28`EMI zdI8$c#p}F?rcMp$A(eB2#P-r_jnV_uL2>Y#YdMAoN*qs2^n1mTqHFb?p|Sl#!xkMq zXq+9)i-}%xIo+R*X7qNloZ6V1qlB}<87JK$?SrnDQxCs$sLPIA1MxSr?DIQAC@CZ@V{FHb7ClabkQJX*yzV>BD!bYiy2 z9Tn3paB*Ve#bitTgR7HEX#de*xndp-aR!{9?9xqTyGip=Tow?$&G#g^Ka>Tl)GzA| zc53l9C2M8k8if7FiwS$US-Q>!kfJ-fWo&E7Pp756nGj2yq&QrX`>4zzo|<)&j6ArX zjicMH+#(f&+34Zycy-KuG&PWw4!1ZR>)8S)lg!1FiBmvU4o->Y*ln_8+Mhap7Q#7Y ztveKoZqQjJrJzY>RZ!1lCYtjCi(rfAqkg(N7^T7w__({`DlP@O2b0Fm((BkQy|@eI zNa4ja=^hx^)O-osX0kan-(%(i#N!M%ZqiGp>0b=o^G&30jyvu| zd=~wY&7J$kE04m{D9dx%j$Sgm>6j0g!!9~GRWO~7tLUKyz4aXj^^2`KkIq5a0p%Ug z0bD)sV!{eyFdD3M@wgQZmU%qPRRgK(-BEWheAavg!^HaUBoK=Jt>4S{e%m|2aCIb$ zE115RKE=&G-UG~@uamySqj$@XPA6l#L)}Ie&lB!VN9km+ z^OTn=bX$*WYzRGIi|Pl{{%B{)5d%IZ`hM^hefPS9)g66rzrMM{W!jC4j*=G>9;o9& zouED^!L1|rqP!i;?{rZ62k8NF5uT>qNpI~izLuF;n{36+3El^YqDSj>cShAQ@M1QB 
z+zje2E(B~TjkDnXpnC~@oaAD#)#18{>HfHi!(no8g7c!C$K~m4wso2@|3lAJ$u4~G z>5=ZrfG4*+9^;YZ03Cn>-*iIP#=|v?nPnW&kj~{fPS*$y#^wlDg_|dXTo;l&!hId) zW)_@$Y@iZ4L*5fv--lZOtcL3hmdqO>%h|mk^7AnQmVrCnJ-MsOYW59=Lz)av_xgp0 zTWt9)GNse;98a^c;9tX~54?!;Wx3ohus(SZg~IYEkZt7&H|wB;tB`ge&#lO@DZ~(V zlGz?m_YV40C6BpTX>VKy+dY}pUtp|a{HJC zS8$>5RVa$0aYV2zp0g6>g9=jiU_HM>)?0(xS(^NS2F!Y9%4Sk4qS^@#MSI<;oYnGh zVVHKODcj9_`i$pbeSJRT-8G^)TT#6{IYpmveq+-q0;HP{@)Ohh0aF~dgE@XDv@>eA zebm|`0uS1%?=(%@dy;CSzN7W+Un0`pnNnOF61HRnB6V4j=h-X4)&E6Z0HuOR2 z!E7)daio!RG@ioG6$sY(^ue4*cri^=`OP88g$H9<@P+<64|;Q^Wn4uAo38H|*fB6L zE}@t>H5Q*Qxxim51)rgL!>4Q^#P$7?Ib_|4SL z_L{2N)im9yqL0IgmQHA!Hl3>x*lS9PE0pL z)x&4*%^&<_34)l+#SgItW{}f(jw_}LF7Mvl>R^%{=njXM%+W@Br#1fyKPGOAuKPmF zq7$6)cFE2%WZRb^_Ehezpzq>=l5IBh2GTF6c+Qh%Ys2m)`-Cjz;b|3ZInoPVdG8gUSAh)krEbqLsaa;F( zHp$&%i@GP{=_T|R5Et!ev_&P|Ax+)P9d2;2${9)avwTb&(-4Wwu=p^CvjQ8GAKch9 zgkL9O|4T9p&5v!!OC)aJl1|#uo#NQe@PWu#9G)9%V>DrBgl_-NkbT6&k;+vJFQyf| zY4QT^wK?k?mdBO1zEfxCy+oo|?8-Pa7T;6jxZ)0c;T<${q`SbxiI5kQO@KIxVi{aD z>q#y9L3WJe;W}RtMVN!%j$AqTIW~EU6kdP^#Bo(zW`Ugpa|%k&6bMVmMeGEQbYZ}r!?e_OYRT(&TA1yNM_&TgC| zU|UsfQ`4DSRK4>i4o=70u5MeipS?xhgGqnqv6f??Z(H)-8v6Ebc?~w2s|PNb6FW!t zulW5gJKDMXmeGJvA{#rQM4*&y_dllbdv4KqKke-trX3THZxbvFr}wuRfCp*#X&GMs z#f2`9WwM1X8OU6?QD}n6>!?{EvxJ9qtY|r3f7Gz*xU!C5phlOEA_Tgj&`~WoB6mJ`IBsq1^7qUd?}Cm4@>>*-<@LQ2R>ZCztmC!P)A0xa6qrwr zr}4xS-3(#zsjKOPPfs%423K(dYG>5_(avk~p&HTXc82q_$>gD1^}f3E{L?W|x4FEP zE$UuBRxXcYjBf8Ddl~aFcW?9-3tbl-6BDH-Jl+f@qj(uV@H)7OSLLuOK25hM8`kJu1ci`@!d$0r zZN*ZC!$+<$`Ki8WiF&qUlVW3*fM-ce_Sr*RLf${XO1Qg{4pRsRJyW+li93>dd3Y+B zs0Z#ijwDm2eySC3r^c&CC@(i1TQdVCsgS{THDu+*v?Txa-+Ve*mcw%z{MPcwXqjyI zsR^Um98=s{ZOsIfB>ui;Retcwy%D*rs3oE6KiWF%YKAw@EzejSf1jt;00@ng8{7HaY zU6t})X>g||_5Do_*F`^n9bnPVi3Yd#2z=WB3;%5bEbV=*!JWF4zsunE9%=7u4DQrL zzFQgG-Xr>XwZWabwCC0axA%yCUuAHoF73I6!FZn@_3=i7J9Vk=mIk-?h&*pFxKkH- zZ)R|NkCgX%gFAJp@8$-#_lP{NGq_V1d4D&DtD>LZ3$WIz83~q%KNPV zOa0Feu(a<50habWH^3tQ^8zgL{z(oeBF`TOSmb?ifTg|{1z6;HX@EuEmjqba^9KQz 
z`hGvaBF`TMSmgb~0L#$31Nw}q*OZZTM}+{&z`Iip3iDD9$}m1H2W6DsIR_i8s0bm3nKbSdwdfiCquBfuih(*rE>J}tn~o~H&_+WV9Mi$0zlU@^1X zX>*S2)y1xM=b+fti8(0Dx6MJZ$y0Jr?231=nR<1xtCJK0C^mU=4vJ0k7Z6Onx>#MJ z5J1twYqLqRS6AQu=v+(ctN+d5miqG71b(r~O`|u}_rKHNmRj-a1HWkPpwXLJ-@6QM z>0I-=z%N=oVDzTWP470irE}LC1HbgzZyLR+bKQFkZs}b3hQKeq`dFhkb?*FkgIhYc z{!QQ)D|(F4n>rW&hrunKtN%Lii&g!G(VIHAzt`YaRm%Ijz%TvrzCaf%{@Xwo_&)<( z_|G@ESrhni0haE*yLER<4C!t;C}wt#926rwGY7>)@0EjMNcYS^F|)ICP>hf#kW9Un znCLkQ0qk%b+&c%Q6|cx!m53FMbEy;Q^;ZVEjHQi07c2VHKo|b?K$r6VEYO926zEdk zp9i{F!8FjN*Zv~V#j0k3F1_}bfiC>#1-g{?SAj14lR%g9UKQw~k5>m+dT}23g>El| z>NOKlCvUzp^%Cg{p3pP(66q)&G&1!P=?dNpVCp5(QT8jQULq#I%@R{D5d-0dj;WW3 z3D`+YFA)RbJrky0BF4o#ElfR~=YOgYz=mk~#d)iAtX|7n)zGp0JcFAJ(aNU`ZmBQ% zNhnWx^+lmP>Gf+He?xuAa}91bq!&JIa7%sJ&qH})6@L`U6M3&={0*)D1qL@8(u z@6Q?BQeSo`$S3;v<4~T|e|_U`s4sh_!Oe!q|9OL3>Ps(e`4iR0OAW58ue^crH?;oe z7~E`#zCUAdOXa_mZE&+8`u?oJEtUVWmOp98D7ul+8@f-s zOrXoCx^bWj|I3YD*L~X;jNa1xFAH?Z|HVL;{J&*zQ|o_WfMvKetv?zvm>M}KL#>{J zG7$NY2ve^i!}L^z0LmclNUi9++HDo(u)5!Fwx!33-ea$ z?&isPD|GkqR)br*JNciGUq;byh5XX%PciI zei^mD7xK%feS+~fb$9ts2Dfzg`M)8*)c4yVzsU1M<8SKj^`8xH>F)ObLVl_5cS3%V z=Sjxj)ZOtr3~ud_`hFDhi#_~npo>-iIM4!1h~Va ztRLArxw@y?B;v;fM2m?3Eg>Yui^E+-ylteb3;Q&R5s4{7Fkj!Xpi? 
zsek{3!S$9{#-%NPL+9657~E`0&wk(Fmd+1*n)=gE8(dfU4jJ6gwg1bl zyr#DA2L`v)e_ze`la`F!6@zQ)|377LUFAE@@;7v^@G^s&+P)te+|v2xx|Tmt`FaM| zRDT~exUTKHoaJxm+Wb!pZfgI1$KaOs-*qg1qVn|(uBrY$VsKsCcX`X-(6#&@8{E|X z`>w$)?Z0bV{zUbc8eCKTeca%>%6A#d-_ZH+r3N>(egAE6OZ)FymOoMbtr}cY{e8^f zy2^K1%iqxX`y~c9wSE6%a7+7dujQ}l%&`_=86Vd-IB5xd1h#MG;ayOD!qg4I2`l)kx8Nf-ZgsE}Wl12@a*0`AH| znZs|BgQAHmm}Ziuc#i)vxZV^`ae`^0k;usZLxY=5@f064xRr=!JKpjqO@ZHUaJ?y> z?TW_V(EZyV8Qg4&XZwJ`E#1#u&hjTs@eCg@xUThI+4vh;|L+^zRQca;a7*RCyyZ`t z(w+|*T-W-qWc&@S{|^jqs{H?Da7*RClI2fSp8qhouJT^h_#26||91^;s=hyJa4V7a zU)k~}D$jcjuB*IPG5$s({quVUH&x#sF}RgT|6I}XC#sM48C=);uWtMet^c-s{9`^xTW%6)8K~g1g{ZbvCpem`AJjYj~l(E z{8tTh8Oa|Dbm9My(d(N3!vPll7a4z3=`Rkj(ErkgOI1DFM-4_i9G>9Mt-P9g#&;WB zSI>DTE3cuR_00x1J5v4?ZS=Nu=J+cszp9@4BL*kx$@g3NHTCrGGPtfY!IG8V(3#>* z1~)sRj}thw?@Lud(u~s^1S9oaoA6)5@!(2Zi0$uF!N)YC1`w+nPxoA8!7Q?Dxfn{O59 zvRL8c9ZbEdY>2*Dpv&0;A6{VURb_SYjRIYk6MQs)saKWl($@=gIep+m7fijXfP6ZE z39A?GjJ{T27sUS*5VAhGwy-mU=;yx+bXkgBE2oQo|HHsU_rwn{{nvEQ{Er6L^$g(u z3~uNd!0YnGK;PqBsvn}@fHG^Av zCi1>ezSzfuEPqY++;1_suKYhVxS?k#-wfr6J^p7XPv8d{e@)K--fD1N+xG*58+xYl zjZmJ*^R7^yjMs-4e@*kh$>6${|5Jk-ddBeOP@edMcZc!>ez5V^w0&fYWy{|pMNm8uJ-jK zgBxmpUkT-jJdZGXP4AlhxzU?#k^kX=F822qfiC*_xzQVXFY_-0UCRGipiBP03UrbG zze0P2{;EJ1|MqQzTPolC1HahotBu}li~WDg;Fg}r{FBvRSNJtXZ??sL-X7>u-fIJ0 z?DO}nzN*fb-!?eWliS-{{+h0TPO|(BUGLn~{6kCEH-BLHt2)1b%iu&$mVZ5zC+#^o zlqd33LU|(Z?^^z<&WGPLIMI{iJB0G2y|)YH>H6IGt2$qQ!{9_uvhNu3OZ~e;ev$7* z#$VO;e%;_i?+mm;ezB($Lw>Q37aM<7*P~xEIMF*5?T}yW?Y1Gm*v}stKf*t9z57*z z6TS1$3HhbI+l2fg&mS3oRo9DOF*wmXA*Y7?Qs1tSU*x%7=npCH`T-XDORT)A?(}aE z=pxTc16}&_hJh~i-6_;B9YDcLKlA z_XK_^|JMS)*u$R~e^vKSUobe){nap+PxoKVygc2X*%Pj~xhm!TvE{Go{_cwgC%XUJ z7s?a;H9~o!k3$Bxbiey@%U{*{KWA{F`@2Vl@}$4omcOC${M_J{%KI|QU)BBT=M7GD z|2YWdi9NI|e?#T@nZYgH@4nLVSGD}l7@X+-ej}78`bjK*L-qYrgIn6ZS6Ke4mj79U z6Fq+zhw`MqtCqi^`u>T*Ep6YQS^lc(<5LDFdcH6U<%zx3Eq_Dh`LV$*mG@6Ae^vGI zX@e6z|5y*@Nq^QXe?#T@k-;sM_b)7ewJG-b=K&V`orLm)eqMlueyWw%(EObM3;j!0 zUXloW>D>O6|I2|cd%#F8=AsfiC0mo`EjqJtfeE 
z|6YME<$c@WdPnHr3b2&-%>WDkHv%l>KQojs`u?9lm-as^(4~L=JJ3a+=NeqoJE7k- zxUT!L`x#tQ|M?w*>$?AXUS7Vg2NR>$bp3YA+@5s3cir4RbiMuDkYCzc4f&;iZxQl~ zyw?f&rM=Gy`9(kVkYC#WHG}KAf4F%lPweg4A;0LeX8bi>&wkzDy2^XAkYD8ct&m^p zJK6Yay8f>Oe(B#A27YPJNr7MLziHqXeY_y>i@bXRzm)fDfnVDH{J<~rof7z^yqg4m zsqYI$ueXJM)u3M~?~8#h^<5>?C?|9w92OMO=h{31`& z=rvtmf5qUsu3xVi_(eYrqu2Bau|FZsV5_@%yE z1%7GIwF18!2Rzu?+m_w&Lvm0y(+|u+VSZ2!%2C7pb5KqO9*~1_kZ^7e%D(@8IVi^j z_sK!IXK~*g6fMsUtm-M>{s2oWrvVnNJTPyidd*p&ixwUf=%Tgr0$qA>5@4}{ae&22 zHUcd2-6xbM`R^NG$$#$vOa5~LEcx#rU>Ri(2(Yy8K&Vf8?c6|@_8ts$Y0v!vUE2Gb zIbByhcQ>o3=_>89fiC6UEzm`t^8;PvIU~@e{Ko~l@ZUAirMyQ6y0rK7Ko|XN2D<3y zE`cukd`zGV|D6L}%KME#7yi=%UCMhxpo@MUA7IhvJp#Yb&kV58cN?7OtbMxx3w>9B zMIW~bu(bcS0T%t87+}%YEdwm=xkZ3Q{#yrF+JCD6%V6qTdpa^qdpRhBcqIpAn09ke z2Js_vP=@Jp4$2^YL=MU@eRvK^y${PlIh=cF4vN%61FL&vS$zeArOo>cs_v0Z#_#yX8mPj3lTfm>^6o)y>GfX= zbZOV!0$n7#X`qXS&j@s>uM+5@*oTb~hNk^Tub&$c^K-s1x-^_?GJk>_y%7I}X&z*630 z11$ADCcq-kZvpJCNfJNSUfJL7D0Ty|mlDAh!umy#HpS zp{n-(nLwBJy))27-p>ZQ=;L1kUF2OedRyd%E7x^C*=px@g2fDOp z5a`mLe+qPghk-8qZx3`SZ(pEGeg7EfBF`w$Mc%I%+)@3!E$~bG*NxuR`=(ztxT7#qh_^!e}rOZ|@su#~?XU}@hY11#<723Xp&5@2b6FTm12{Qyh*K45T1?dyX9 z7Wp1#a9i&?J~Y5$-wz0|$nze9J9?k~{sy=8T>ak-?x=m-&)~M6OaF(#9eobqT!Y(s z?)_eaJ9;1gAqKbgT={(lcl18>gAH!$x%Gb<+|m2Y4>Gu|=feMGa7X*|fd;qr-1+?m zcl18?Cv#Z$U7rZB==(kfxAnfn#|`f2eT@4W+}8UZA2Ybqmj3)`fJMI_39#71TXTC< z|M}rS7yEfjpi6&!DA2{;-W=#+5BD^BTkoU2DbS@o_X>28=N|%H?Cs1zm-7EU(4{^1 z2y~I}?*d)QyLX^VeSaJ1(%y3dUF7|nK$r5)3UsOO(*}1`KYtzgMZU9*-q!nwpE9_k ztGIv6VLjJ>TYzPJ+}+@|o*UgQz@qQd11$RadxJYV9`0grTh9&u!QhVGH#)=Mw%&*O zTZ20~9`0&zThAH)&ft!YrzL~idY|Mi26uEk+{xg!-UoTB!5tk>cQ&}K_j%rAa7V|( zX$H6T9P!NtcXT|xJBRfg^<4oL{oKLeww}A*F~FkVPJpF9-)?Y6&zVm(xUD-opA$p2D~6Sx$d(Xdxi=`lOZd*q==MomF)ab$W%O)8EI6R^ zM0&OZI^KAffa7JbeG*qpO8|Ho{etQ^_w?iCtqRB@`HFe15aNny2>`Dnse|>C&o1WU zWqIwBxMEr=0LAY_GtX6UJ@C@UZ+p4dN4byt@nv%PmH_iIIqj3UVp;;g%jotl3gU{1 zbncY-X}nAL&dXr?B(9j20Pr%pzC%KBK<9~c?$ysd?)ZxFE&=9cuzeC&OiKWG8U2Fl zxcV`!gW~}0$mOAIyi7j(B(9j20Pr&UMcoeWm9JTlhqCc9`RtRpVp;;g%jg%>j*Cy9 
z>v<8|R!nT?#jDR3x8uU<^J6^*x33))>FOo94k@9aoovm*ju=XLW4P_&9tW z$GRQcH$E=fc5I(rEpCUbqwI(`n1lFK1DEjSd|a2t#dIi3OWF53;gjEanIAUZt@xiF zx+A!hSH3vkmw>Z!?2|bDvPWAI%RrIN2aCz}w!(K7X85JT_wx(i-&Xj}hUWZ*@8=i3 zzpe27IIM+p{=)b33*WgPGoDq*wv=6{R??xH>gN(Zc;)y*haLwo<`=AkM}4=vEof^xDB zTguvI{g;Uuw|9~Ji|`A|hZzcGYrRL0U(l|FTvN}k=?={OIqqkejf{wS@1y47N|= zifIV|FQeNx;);oMp8M%8K)&Svmhx{}*7<-6ET?@-!$iK+W7s%aQLA#Y=BDRdHkcKgxa7qH(uqUfZsHLMFb* ze>C5X_m}aF$#>Nnl zV2AshqWKUr!gM(lKJYFr8{<4otnu-a_rm9+0c4#`((bw=0Q*Jt;t(k}qS&r3r~47~ zq*(AZtl<9MiCgZKnRR1h?5T;P1I^k$=%vLnS=+4VX-=AXjO~&(C>g2ykfoES9u4yisb(kr~ zpttVT#ZD~*utV%Q_WssJ^m_|cxt^|L%*+r^sFAF`4y%_`S zY~_Y~aJ&Pn?5#~Ahf*96lm2?wX&)iv?Taoy3I*?08zD_ob2h@z%`HJVC~NP28+M8@{%*IZwMV$;d^*B82$}RYryR2kd?-+Q~&tqOZ2f zdmeC;nYY*w=N)+JkHK4uWLAQeUlCPY zzHW`dTI6G$AzbKIN{DP(q|iHZC|c}A!bT_F;wT!9pPb#Od5v*cq|lDCxP2NMtw?0U z^Jsw@0IpaYU5LaiEas7k)QwA63ls z96`hLlk$aFfkg`2=f?vqa;cSNG5?ALPWXi|eHz!V$Uti@FceADx5Vu$B3V-&o3BV< ze`_qhB9{GKioI7Pa*-Fu*DG>}5lQUJtyqnjSHz+)NyJgt8ZXZ{c&CFdhw{;SfL1;5;v4=tVfh(Ti}1 zr5E84PcOnDre1_YT)hZ~*m@BT@%17cV(djY#Mz5*h_x5v>am_Xbw|&8JY1Z&y(iWc zV(>-vA`V}KLoB`shj@Gu4l(&69OCjtIK<|Qa9DarIK=3SaEQ|v;Sj4Y!XaK?ghR}} z2#2_R5e~8YVw_{+9cL_bse;wwf1d4ncIDY*65B>6iEXHp#JcJvj$V?u zk2;B?gT&Eu;`CAC^lwtK4bJq42UzSPMU`q$l#{VkzH*hCrKnQt6;*1KqDpO7R7sVJ ziZzb7fkpAf>ouJoY&t#NbS$FjSWeTiu%=^)O~+!Jj%7EU5zur-S<@L&O=omBosryh zyh_vYAWhGk?Q!(%c{9gjHXU5Y$=h`5=(w_!>_=xcr)?ca2OURO9Y?2~vhKyy%8pu5 zvAvhwuX2^_QBkqIm;JGF#bc-JWtA%)70&#IxQ6klaOOtDH;nk|&fJYShY=rQ9Y(mi zQwL%mMtq2S7~$$p9f*Gz@gW9cgsazLD?u#8h!61)BV4@};}91y;zMl22v>LNK#atQ z4{;JBT-~Vy@e(6G#7vBE^;$eaTaH($J8RLF=aHQ9n&rG=eXUYgDyq~&iYj%GqDuX( zsFIo#RcgJWN{v@kNtcQ$sY6kvfg*mR?#zCEDF zXI0R2RseNpMbUIt4|OMR)2XBG8M!8C+qo|VfViAbU1TX~cQ!j_*V) z$S5!3K}I;lgp6=WBgWMo-;Vf@QC`G|jBtn(8R3#foVV`GJ%||@Z2$wiItvkLQu_dFth%Xu85MwgJAowYaOUPgHl`!d2M<%PC-QHKw4Fr&PPg&E-z=Om`?v;%Q5 zqr8ZX8Q~H~FLh_1f;gE`Uc}0baEYUry0<@a^o-bJA^`XhwMvOEbbHj$Z0c zI}leh%8S^V5iW5~+FH)uFL8D;EoU!TcX6empzAfK-e$QD9zXMKi6x;8S<;LlOX@dd 
zsgDg=Qnn#W8Z%_cYz$c%cZMttZbQZ`N1V>67Z9s6!XaK~ghR~E2#2_x5e~6CBOKy) zMmWUqjBtqK8Q~DiGr}RBXM{sc&j^ROo)HeQJtG|Adqz0K_>6Ff^BLg~>odY3-e-hE z%+CmixStUYu|Fdm;(tas!~l(Ohyxno5DPTIAs%RiLrl;Jhq#~-4zWQa9O8pUIK&8z zaEKEc;Seh{!XaL0ghR~G2#2_#5e~6KBOKy~MmWR}jc|w~8sQL2G{PaCXoN#d(FljQ zq7e?UMI#*Ii$*xa7>#g~(+|&q%*r^c?@lzulVyH$q#8HiKh@~3g5KlG2A*O1CLtNDehuEqS4)IkZ z9Ad0SIK)|vaEP@U;Sg`t!Fl5-#v%4AXJ5i>TzA#QAh zL+scH*Kpd_a&&+=vQb{dl8tbPCmZ1qQ#QgioVK+b9U#7Jlov5(BV5&6F?Hg45pOoi z+w6Gyi^qPm6So)fXQT2EgEqn;4sC=>oE0bH(MEiTNgLr1mo~yRJ8>Vi99inl%Cy;u z?W$FlC0nhP4?biaR`xH(S1M5XN+{ziDMtB9DB~+BLHSB3<12Nh@|94=SL#gVE1`_9 zWNgakph~7@SzTnQdoZJY9Sh*1{an8vQGdJQx+}sF<*trp|<;a(mOfLyX@DS9kRn+X3SJMtKqQH^L$A zZ-hha-w22JzYz{GfFm5@07tl*vtMX9dxMs<4?tYts6505j&L<+4cu_nyNDAUymK1oJO{Cj zqr8Z39N`e-IKtJO_9E7C#D{pt5e_krBOKx$N4T2PUc^6+_z(j*!XXZFghMRk2v>7t zMoi?04{?zr9AYC!IK)Sea5YC}#7U0$5Gy&tAzpHXL(Jp|S998n*vSze;wMKq#88fK zh@%|gYEF9*PdVa4OyvlNxXKPL9&a^=ujZVQAXDAv%Z#79^x-Y z<<*?Iw(8A|&b(iB^46R>5SKZsx9XIK_{Vl+p%syA0S^IO%MqnvrQ>g26CbyS_a zHKz{5agJoJJM&E4nWO5?Tvqj-{&CI^s?PjTcg_kB=h=}j);;1qJAAPXRh@kRVn0WD z8_r&%WZVKSHeNC@i=8 zLF{NJZ){gpM+Y@$zuItgT6OlYHD~|UaP(Jo+EH`%mkmc(h%+6vt>x^?>dxM(Lij^H|xzp-j39p>6~3r)!Erpo!wp4+o3r#NyC|O8qQ48aAur_Geb1I*~QuIG@RW| z)!FSdoZU{s!raT zQ%BWV^;Mk}W6j~KIedu29gUB~vHQg7%fzvR#Id2ov9-jp$;7eU#If0$}Lr{*d=*#m0Xf$EIBSYA3|L3VlVLb_dUmNl~)_WRmzu@RT5vg zN^VzAq?}a>Vtz+bl*-C-mh_s{SyG17S#sjSm6WHFET_j;vPmf|F5lB)N!gOGgvn}* zb0*&0>Z}_QZyt5l2uXP!m3kY_`XX`W>V~t1NgQ0m$(uNJG#pu~&Kf3h+R-StS2XJN zevC^T?KR3;meNW+EqX%S@uC%GIFGMntr=fzueI_B&-mhTQ**pe&GAyT@+i;BE7_;u z5T871N86F5?ReI9+23U4d3D62r|rnxcG}i1yUeVPSodwme%g-hwadM$<(2J6a5cyC zv>n^4Io_h}SXJ8@8*OJC)LdB{8*xg|z&6PRUbIs8~+tXF~p1*^+a9%}+?~9!FGfsv zhcCtbxRlWJw zJHvDI(ss@htB$VP&Y5M^(N)_yCq%q?M+dQuBkp{}huHHm&Kav6Z%jMq*=^@6yzShF zKur3mUc{x3aEMJG;Sirb!XZX|ghQPA2!~kp5f1U{BOGGZM>xc-k8p@xAK?(cKEfe} zeS||C`v`|v_A$=6N7eD>6z3G8?VMJ$ozoe_xR2^ZocjoeSoaYQ@$MrWV%|qM#J!Jj z9d9mkPG>sayycwsbi6swIRWZ8^IO|FQRLteb*IfAyc;`^q1=fm!#!gryUQBJTn|HTfpqqc@C#cyYV8b;Mh=lilFkmK>8LUt&nK{_ 
z4LXQT=&L*GSBB$mzq>*&CfLgQxIYIpog>D=WX9GWzIv(k3{(e&vaZ=$nwK%_&eClC-L>lP=T zdPD-BIg<9S&S!H75@fDS*T(Zh zRGZ5f)q6w@zIWCSW-V(_C-k@XNPGBnPS)$9@YTuzn3?K{ole8)r>ouh5cX2RTl>W- z_jeHzpwgXIrWxfR3q(2vYM-k(k;12{{~6*>Xs_m5P>yB>st=*=oC zO4I(77K*M$$bj)=A0(WP3#{nw3P$1@ zM)d^7wU$oPX$1i)V3Cu3CyQIX;2ytUrVhLg9?Om{ZTm>uV_CEDeH1+w#1gB!yN)dz zJg^tEY`QjBosD*l=IgtMgX!$#lTTL1FL>z`qAQ?RW`p&Vwyzlnt0VOGE~<3*Y%))m zWf<>X?G6#jK)!217`pv2G&UN~Dr?>Sw3ERU>d%T<#@n@Nf$8$H$kU&%uW#xAXRqYW z0zREwCs!)81@VuN9_E7AXOCv^6Jrs!H$)_bsHaxAm>fV}IHf+k#Dq)I;bta9P}5<* ziFlKA75#9aI~nbQGN#?V*>X{&fCnOlUNj?WGY?yAAQmb>yWH|&!jlQcOIAFzVY)>F z*Sq^L(ngz5FeF&*4u-!#0}h=8)!htuV3s1FgR zW~dlU*?ZI7m4~kPrprBe#=YaoAf4Kb8`^o;Z=wVW!G(W%aJDP^+|4?tsVoZiBP_yh zx0=HiT_8#=3^K#FvfJ{3-{&)Wts`;dp|o6NdK`7jnR1rJk4b49Yv<-J(6%}5DhK0> zGZ|JT0}TOzxhxwkr_E=0vHJ|$gI~0S(>Kwn$R97T&+F-Ns&&Y4gek9rW)W2pYz4JUr4}%u z7Io&(-(b|m+Cn@7oI?+Bu&~(JOIODbN0srU4>gGANA}_PKsu$L(K6NsdodB{!bm#j zXl0ghgTi*7rK(Z5vWhr3nY0CA!)VI%wd<^3P+fOM8?m?KpsjFpXDiLkDV8&Aqbw=e zII#vA#1ST_kruA2&TN6EtJrjgDR{M_p)e}4CP%eg#+6Mgn~=FIw`Ik6g!Q6K8pYgO z@>bxItiqEx324zgym~2y#2@py?y*ukN$Xd)$$wuioLXr~rhM{#eHSw%tp)GQTyPH;GM z4eR4MR`l$K`AEO3g^0-(781p5+&#@@FlUDXkk)jvm5<|o#&IuI9AT!c@S=Jt%F)#E z%jA{#Mn_v=DO03rs?1SE*6o=I9j;1M$rgU`0AqBrta!1`Uh874j{Aev&B~O!%fl$` z$O{~=FmM&T#s!p!DM7Zl*oIj$Ma6eP56nL6P{UKinXqHKNRQ)RJ!R~NT-`*cPnO*QseQ`|(CWBdu zlW*C6!*bP}q>of(0ddcCGwjpO)tGKVB{v3R7PeC}oPuaYrwj)xr&tiF{L2-uc+yE% Z%pz6IPqk21ry8HEotI~)PWPPf{{T#-g988n diff --git a/rustdesk_selinux/rustdesk.te b/rustdesk_selinux/rustdesk.te index ef6fa96..fbb0ea1 100644 --- a/rustdesk_selinux/rustdesk.te +++ b/rustdesk_selinux/rustdesk.te 
@@ -1,25 +1,1566 @@ -policy_module(rustdesk, 1.0.0) -######################################## -# -# Declarations -# +policy_module(rustdesk, 1.0) type rustdesk_t; type rustdesk_exec_t; + +gen_require(` + # used for direct running of init scripts + # by admin domains + attribute direct_run_init; + attribute direct_init; + attribute direct_init_entry; + + attribute init_script_domain_type; + attribute initrc_transition_domain; + # Attribute used for systemd so domains can allow systemd to create sock_files + attribute init_sock_file_type; + # Attribute for directories that systemd will watch based on path units + # (see systemd.path(5) for more info) (Deprecated) + attribute init_watch_path_type; + + # Mark process types as daemons + attribute daemon; + attribute systemprocess; + attribute systemprocess_entry; + + # Mark file type as a daemon run directory + attribute daemonrundir; + + class passwd rootok; + class dbus { acquire_svc send_msg }; + class process execmem; + + type abrt_dump_oops_t; + type abrt_upload_watch_t; + type adjtime_t; + type aiccu_t; + type amanda_inetd_exec_t; + type amanda_t; + type antivirus_t; + type apcupsd_power_t; + type auditd_etc_t; + type autofs_device_t; + type binfmt_misc_fs_t; + type bitlbee_exec_t; + type bitlbee_t; + type boltd_var_lib_t; + type boltd_var_run_t; + type boothd_t; + type bootloader_exec_t; + type bootloader_t; + type bpf_t; + type bugzilla_script_t; + type certwatch_t; + type cgroup_t; + type chkpwd_exec_t; + type chkpwd_t; + type chronyc_t; + type chronyd_exec_t; + type chronyd_keys_t; + type chronyd_restricted_t; + type chroot_exec_t; + type cifs_helper_t; + type cinder_domain; + type cloudform_domain; + type collectd_script_t; + type comsat_exec_t; + type comsat_t; + type config_home_t; + type console_device_t; + type consolekit_log_t; + type container_kvm_t; + type container_runtime_domain; + type container_runtime_tmpfs_t; + type container_var_lib_t; + type crack_t; + type cups_brf_t; + type cupsd_exec_t; + 
type cupsd_lpd_exec_t; + type cupsd_lpd_t; + type cupsd_t; + type cvs_exec_t; + type cvs_t; + type data_home_t; + type dbskkd_exec_t; + type dbskkd_t; + type default_context_t; + type default_t; + type devicekit_disk_t; + type devicekit_power_t; + type devicekit_t; + type device_t; + type devlog_t; + type devpts_t; + type dhcpc_state_t; + type dhcp_state_t; + type dirsrvadmin_script_t; + type dri_device_t; + type dspam_script_t; + type efivarfs_t; + type ephemeral_port_t; + type etc_aliases_t; + type etc_runtime_t; + type etc_t; + type event_device_t; + type faillog_t; + type fetchmail_t; + type fingerd_exec_t; + type fingerd_t; + type fixed_disk_device_t; + type flatpak_helper_t; + type fprintd_exec_t; + type fprintd_t; + type fprintd_var_lib_t; + type fsadm_t; + type ftpd_exec_t; + type ftpd_t; + type fwupd_cache_t; + type fwupd_t; + type gconfdefaultsm_t; + type geoclue_t; + type getty_exec_t; + type getty_t; + type gitd_exec_t; + type git_system_t; + type gnome_home_type; + type gnomesystemmm_t; + type guest_t; + type home_bin_t; + type home_root_t; + type hostname_etc_t; + type httpd_log_t; + type httpd_t; + type httpd_tmp_t; + type hugetlbfs_t; + type ibacm_t; + type ibacm_var_run_t; + type inetd_child_exec_t; + type inetd_child_t; + type initctl_t; + type init_exec_t; + type initrc_state_t; + type initrc_t; + type initrc_var_run_t; + type init_t; + type init_tmp_t; + type init_var_lib_t; + type init_var_run_t; + type insights_client_t; + type install_exec_t; + type install_t; + type ipsec_conf_file_t; + type ipsec_t; + type ipsec_var_run_t; + type irqbalance_t; + type iscsi_var_lib_t; + type jockey_t; + type journalctl_exec_t; + type kadmind_t; + type kdump_crash_t; + type kdumpctl_t; + type kdump_t; + type keepalived_unconfined_script_t; + type kernel_t; + type kmod_exec_t; + type kmod_t; + type kmscon_t; + type kmsg_device_t; + type krb5_keytab_t; + type ktalkd_exec_t; + type ktalkd_t; + type l2tpd_t; + type lastlog_t; + type ld_so_cache_t; + type 
lldpad_t; + type loadkeys_t; + type locale_t; + type lvm_control_t; + type lvm_etc_t; + type lvm_t; + type lvm_var_run_t; + type machineid_t; + type mail_spool_t; + type mandb_t; + type mdadm_t; + type mdadm_var_run_t; + type memcached_t; + type memory_device_t; + type mnt_t; + type modemmanager_t; + type modules_dep_t; + type modules_object_t; + type mon_procd_t; + type mount_t; + type mount_var_run_t; + type mptcpd_t; + type munin_plugin_domain; + type munin_t; + type mysqld_t; + type mythtv_script_t; + type naemon_t; + type nagios_plugin_domain; + type nagios_system_plugin_t; + type named_conf_t; + type named_zone_t; + type net_conf_t; + type netlabel_mgmt_t; + type networkmanager_dispatcher_plugin; + type NetworkManager_dispatcher_t; + type NetworkManager_priv_helper_t; + type NetworkManager_t; + type nfsd_fs_t; + type nfsidmap_t; + type ninfod_t; + type nrpe_exec_t; + type nrpe_t; + type nsfs_t; + type openshift_cgroup_read_t; + type openshift_net_read_t; + type oracleasm_t; + type passwd_file_t; + type pcscd_t; + type pdns_t; + type pegasus_openlmi_domain; + type pkcs_slotd_t; + type pkcs_slotd_tmpfs_t; + type plymouthd_t; + type plymouth_exec_t; + type policykit_t; + type postfix_exec_t; + type print_spool_t; + type proc_net_t; + type proc_security_t; + type ptchown_t; + type pulseaudio_home_t; + type qmail_tcp_env_exec_t; + type qmail_tcp_env_t; + type qpidd_t; + type quota_exec_t; + type quota_t; + type radiusd_t; + type random_device_t; + type random_seed_t; + type rdisc_t; + type rhsmcertd_t; + type rlogind_exec_t; + type rlogind_t; + type root_t; + type rpm_script_t; + type rpm_var_cache_t; + type rpm_var_lib_t; + type rshd_exec_t; + type rshd_t; + type rsync_exec_t; + type rsync_t; + type rustdesk_exec_t; + type rustdesk_t; + type sblim_domain; + type security_t; + type selinux_config_t; + type selinux_login_config_t; + type semanage_store_t; + type session_dbusd_tmp_t; + type shell_exec_t; + type smbcontrol_t; + type smokeping_cgi_script_t; + type 
spc_t; + type speech_dispatcher_t; + type sshd_exec_t; + type sshd_t; + type ssh_keysign_t; + type sslh_t; + type sssd_var_lib_t; + type staff_t; + type stratisd_data_t; + type stunnel_exec_t; + type stunnel_t; + type sudo_exec_t; + type sulogin_exec_t; + type sulogin_t; + type svc_start_exec_t; + type svc_start_t; + type svirt_file_type; + type svirt_sandbox_domain; + type svirt_t; + type svirt_tcg_t; + type swat_exec_t; + type swat_t; + type sysctl_kernel_t; + type sysfs_t; + type syslogd_t; + type systemd_bootchart_t; + type system_dbusd_t; + type system_dbusd_var_run_t; + type systemd_coredump_t; + type systemd_gpt_generator_t; + type systemd_home_t; + type systemd_hostnamed_t; + type systemd_hwdb_t; + type systemd_importd_t; + type systemd_initctl_t; + type systemd_journal_upload_t; + type systemd_localed_t; + type systemd_logger_t; + type systemd_logind_inhibit_var_run_t; + type systemd_logind_sessions_t; + type systemd_logind_t; + type systemd_logind_var_run_t; + type systemd_machined_t; + type systemd_modules_load_t; + type systemd_mount_directory; + type systemd_networkd_exec_t; + type systemd_networkd_t; + type systemd_network_generator_t; + type systemd_notify_t; + type systemd_passwd_agent_exec_t; + type systemd_passwd_agent_t; + type systemd_passwd_var_run_t; + type systemd_pstore_t; + type systemd_resolved_exec_t; + type systemd_resolved_t; + type systemd_rfkill_t; + type systemd_rfkill_var_lib_t; + type systemd_sleep_t; + type systemd_socket_proxyd_t; + type systemd_sysctl_t; + type systemd_systemctl_exec_t; + type systemd_timedated_t; + type systemd_timedated_var_lib_t; + type systemd_tmpfiles_t; + type systemd_userdbd_runtime_t; + type systemd_userdbd_t; + type tangd_db_t; + type tangd_t; + type targetclid_t; + type tcpd_exec_t; + type tcpd_t; + type telnetd_exec_t; + type telnetd_t; + type tftpd_exec_t; + type tftpd_t; + type thin_domain; + type thumb_t; + type timedatex_t; + type tlp_t; + type tmpfs_t; + type tmpreaper_t; + type tmp_t; + type 
tpm_device_t; + type tty_device_t; + type udev_rules_t; + type udev_t; + type unconfined_dbusd_t; + type unconfined_service_t; + type unconfined_t; + type unlabeled_t; + type unreserved_port_t; + type updpwd_exec_t; + type updpwd_t; + type urandom_device_t; + type usbtty_device_t; + type user_devpts_t; + type user_fonts_cache_t; + type user_home_dir_t; + type user_home_t; + type user_t; + type user_tmp_t; + type user_tty_device_t; + type usr_t; + type uucpd_exec_t; + type uucpd_t; + type uuidd_t; + type uuidd_var_run_t; + type var_lib_nfs_t; + type var_lib_t; + type var_log_t; + type var_run_t; + type var_spool_t; + type var_t; + type virsh_t; + type virtd_t; + type virt_etc_rw_t; + type virtio_device_t; + type vnstatd_t; + type watchdog_device_t; + type watchdog_t; + type wireguard_t; + type wireless_device_t; + type wtmp_t; + type xdm_exec_t; + type xdm_t; + type xdm_var_lib_t; + type xenconsoled_t; + type xend_t; + type xguest_t; + type xserver_port_t; + type xserver_t; +') + +############################################################################### +# +# Part 1. The following rules are mainly from the open source `init.te`. +# https://github.com/fedora-selinux/selinux-policy/blob/rawhide/policy/modules/system/init.te +# +# Note: Part 1 will probably be mostly the same as Part 3. But it's acceptable for now. 
+# + init_daemon_domain(rustdesk_t, rustdesk_exec_t) -permissive rustdesk_t; +domain_role_change_exemption(rustdesk_t) +domain_subj_id_change_exemption(rustdesk_t) +domain_obj_id_change_exemption(rustdesk_t) +role system_r types rustdesk_t; +corecmd_shell_entry_type(rustdesk_t) +typeattribute rustdesk_t init_script_domain_type; + ######################################## + +# Use capabilities, old rule: +allow rustdesk_t self:capability ~{ audit_control audit_write sys_module }; +allow rustdesk_t self:capability2 ~{ mac_admin mac_override }; +allow rustdesk_t self:cap_userns all_cap_userns_perms; +allow rustdesk_t self:tcp_socket { listen accept }; +allow rustdesk_t self:packet_socket create_socket_perms; +allow rustdesk_t self:key manage_key_perms; +allow rustdesk_t self:bpf { map_create map_read map_write prog_load prog_run }; + +allow rustdesk_t self:file mounton; +allow rustdesk_t self:fifo_file rw_fifo_file_perms; + +allow rustdesk_t self:service manage_service_perms; +allow rustdesk_t self:user_namespace create; + +# Re-exec itself +can_exec(rustdesk_t, rustdesk_exec_t) +# executing content in /run/initramfs +manage_files_pattern(rustdesk_t, initrc_state_t, initrc_state_t) +can_exec(rustdesk_t, initrc_state_t) + +allow rustdesk_t initrc_t:unix_stream_socket { connectto create_stream_socket_perms }; +allow rustdesk_t initrc_t:tcp_socket create_stream_socket_perms; +allow initrc_t rustdesk_t:unix_stream_socket { connectto rw_stream_socket_perms sendto }; +allow initrc_t rustdesk_t:fifo_file rw_fifo_file_perms; + +manage_files_pattern(rustdesk_t, init_tmp_t, init_tmp_t) +manage_dirs_pattern(rustdesk_t, init_tmp_t, init_tmp_t) +manage_lnk_files_pattern(rustdesk_t, init_tmp_t, init_tmp_t) +manage_sock_files_pattern(rustdesk_t, init_tmp_t, init_tmp_t) +files_tmp_filetrans(rustdesk_t, init_tmp_t, { file sock_file }) +allow rustdesk_t init_tmp_t:file map; + +manage_dirs_pattern(rustdesk_t, init_var_lib_t, init_var_lib_t) +manage_files_pattern(rustdesk_t, 
init_var_lib_t, init_var_lib_t) +manage_lnk_files_pattern(rustdesk_t, init_var_lib_t, init_var_lib_t) +manage_sock_files_pattern(rustdesk_t, init_var_lib_t, init_var_lib_t) +files_var_lib_filetrans(rustdesk_t, init_var_lib_t, { dir file }) +allow rustdesk_t init_var_lib_t:dir mounton; +allow rustdesk_t init_var_lib_t:file map; + +manage_dirs_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_lnk_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_sock_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_fifo_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_blk_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +manage_chr_files_pattern(rustdesk_t, init_var_run_t, init_var_run_t) +files_pid_filetrans(rustdesk_t, init_var_run_t, { dir file blk_file chr_file fifo_file}) +allow rustdesk_t init_var_run_t:dir mounton; +allow rustdesk_t init_var_run_t:file mounton; +allow rustdesk_t init_var_run_t:sock_file relabelto; +allow rustdesk_t init_var_run_t:blk_file { getattr relabelto }; +allow rustdesk_t init_var_run_t:chr_file { getattr relabelto }; +allow rustdesk_t init_var_run_t:fifo_file { getattr relabelto }; + +allow rustdesk_t machineid_t:file manage_file_perms; +files_pid_filetrans(rustdesk_t, machineid_t, file, "machine-id") +files_etc_filetrans(rustdesk_t, machineid_t, file, "machine-id") +allow rustdesk_t machineid_t:file mounton; + +allow rustdesk_t initctl_t:fifo_file manage_fifo_file_perms; +dev_filetrans(rustdesk_t, initctl_t, fifo_file) + +# Modify utmp +allow rustdesk_t initrc_var_run_t:file { rw_file_perms setattr }; + +kernel_read_system_state(rustdesk_t) +kernel_share_state(rustdesk_t) +kernel_stream_connect(rustdesk_t) +kernel_rw_stream_socket_perms(rustdesk_t) +kernel_rw_unix_dgram_sockets(rustdesk_t) +kernel_mounton_systemd_ProtectKernelTunables(rustdesk_t) +kernel_read_core_if(rustdesk_t) +kernel_mounton_core_if(rustdesk_t) 
+kernel_mounton_all_sysctls(rustdesk_t) +kernel_get_sysvipc_info(rustdesk_t) +kernel_load_module(rustdesk_t) +kernel_read_all_proc(rustdesk_t) +kernel_list_all_proc(rustdesk_t) +kernel_mounton_all_proc(rustdesk_t) + +# There is bug in kernel 4.16 where lot of domains requesting module_request, for now dontauditing +kernel_dontaudit_request_load_module(rustdesk_t) + +corecmd_exec_chroot(rustdesk_t) +corecmd_exec_bin(rustdesk_t) + +corenet_all_recvfrom_netlabel(rustdesk_t) +corenet_tcp_bind_all_ports(rustdesk_t) +corenet_udp_bind_all_ports(rustdesk_t) + +dev_create_all_files(rustdesk_t) +dev_create_all_chr_files(rustdesk_t) +dev_list_sysfs(rustdesk_t) +dev_manage_sysfs(rustdesk_t) +dev_mounton_all_device_nodes(rustdesk_t) +dev_setattr_all_blk_files(rustdesk_t) +dev_setattr_all_chr_files(rustdesk_t) +dev_read_urand(rustdesk_t) +dev_read_raw_memory(rustdesk_t) +# Early devtmpfs +dev_rw_generic_chr_files(rustdesk_t) +dev_filetrans_all_named_dev(rustdesk_t) +dev_write_watchdog(rustdesk_t) +dev_rw_inherited_input_dev(rustdesk_t) +dev_rw_dri(rustdesk_t) +dev_rw_tpm(rustdesk_t) + +domain_getpgid_all_domains(rustdesk_t) +domain_kill_all_domains(rustdesk_t) +domain_signal_all_domains(rustdesk_t) +domain_signull_all_domains(rustdesk_t) +domain_sigstop_all_domains(rustdesk_t) +domain_sigchld_all_domains(rustdesk_t) +domain_read_all_domains_state(rustdesk_t) +domain_getattr_all_domains(rustdesk_t) +domain_setrlimit_all_domains(rustdesk_t) +domain_rlimitinh_all_domains(rustdesk_t) +domain_noatsecure_all_domains(rustdesk_t) +domain_setpriority_all_domains(rustdesk_t) + +files_read_config_files(rustdesk_t) +files_read_all_pids(rustdesk_t) +files_map_all_pids(rustdesk_t) +files_read_system_conf_files(rustdesk_t) +files_rw_generic_pids(rustdesk_t) +files_dontaudit_search_isid_type_dirs(rustdesk_t) +files_read_isid_type_files(rustdesk_t) +files_read_etc_runtime_files(rustdesk_t) +files_manage_all_locks(rustdesk_t) +files_manage_etc_runtime_files(rustdesk_t) 
+files_manage_etc_symlinks(rustdesk_t) +files_etc_filetrans_etc_runtime(rustdesk_t, file) +# Run /etc/X11/prefdm +files_exec_etc_files(rustdesk_t) +files_read_usr_files(rustdesk_t) +files_write_root_dirs(rustdesk_t) +# file descriptors inherited from the rootfs +files_dontaudit_rw_root_files(rustdesk_t) +files_dontaudit_rw_root_chr_files(rustdesk_t) +files_dontaudit_mounton_modules_object(rustdesk_t) +files_manage_mnt_dirs(rustdesk_t) +files_manage_mnt_files(rustdesk_t) +files_read_mnt_symlinks(rustdesk_t) +files_mounton_etc(rustdesk_t) +files_create_default_dir(rustdesk_t) +files_remount_rootfs(rustdesk_t) +files_create_var_dirs(rustdesk_t) +files_watch_non_security_dirs(rustdesk_t) +files_watch_non_security_files(rustdesk_t) +files_watch_non_security_lnk_files(rustdesk_t) + +fs_read_efivarfs_files(rustdesk_t) +fs_setattr_efivarfs_files(rustdesk_t) +fs_read_nfsd_files(rustdesk_t) + +fstools_getattr_swap_files(rustdesk_t) + +mcs_process_set_categories(rustdesk_t) + +mls_file_read_all_levels(rustdesk_t) +mls_file_write_all_levels(rustdesk_t) +mls_file_downgrade(rustdesk_t) +mls_file_upgrade(rustdesk_t) +mls_fd_use_all_levels(rustdesk_t) +mls_fd_share_all_levels(rustdesk_t) +mls_process_set_level(rustdesk_t) +mls_process_write_down(rustdesk_t) +mls_socket_read_all_levels(rustdesk_t) +mls_socket_write_all_levels(rustdesk_t) +mls_rangetrans_source(rustdesk_t) + +selinux_set_all_booleans(rustdesk_t) +selinux_load_policy(rustdesk_t) +selinux_mounton_fs(rustdesk_t) +allow rustdesk_t security_t:security load_policy; + +selinux_compute_access_vector(rustdesk_t) +selinux_compute_create_context(rustdesk_t) +selinux_compute_user_contexts(rustdesk_t) +selinux_validate_context(rustdesk_t) +selinux_compute_relabel_context(rustdesk_t) +selinux_unmount_fs(rustdesk_t) + +term_create_pty_dir(rustdesk_t) +term_use_unallocated_ttys(rustdesk_t) +term_setattr_unallocated_ttys(rustdesk_t) +term_use_console(rustdesk_t) +term_use_all_inherited_terms(rustdesk_t) 
+term_use_usb_ttys(rustdesk_t)
+term_use_all_ptys(rustdesk_t)
+term_setattr_all_ptys(rustdesk_t)
+term_use_virtio_console(rustdesk_t)
+term_watch_console_dev(rustdesk_t)
+term_watch_reads_console_dev(rustdesk_t)
+term_watch_unallocated_ttys(rustdesk_t)
+term_watch_reads_unallocated_ttys(rustdesk_t)
+term_watch_user_ttys(rustdesk_t)
+term_watch_reads_user_ttys(rustdesk_t)
+
+# Run init scripts
+init_domtrans_script(rustdesk_t)
+init_exec_notrans_direct_init_entry(rustdesk_t)
+
+libs_rw_ld_so_cache(rustdesk_t)
+
+logging_create_devlog_dev(rustdesk_t)
+logging_send_syslog_msg(rustdesk_t)
+logging_send_audit_msgs(rustdesk_t)
+logging_manage_generic_logs(rustdesk_t)
+logging_mmap_generic_logs(rustdesk_t)
+logging_relabel_devlog_dev(rustdesk_t)
+logging_manage_audit_config(rustdesk_t)
+logging_create_syslog_netlink_audit_socket(rustdesk_t)
+logging_write_var_log_dirs(rustdesk_t)
+logging_manage_var_log_symlinks(rustdesk_t)
+
+seutil_read_config(rustdesk_t)
+seutil_read_login_config(rustdesk_t)
+seutil_read_default_contexts(rustdesk_t)
+seutil_read_module_store(rustdesk_t)
+
+miscfiles_manage_localization(rustdesk_t)
+miscfiles_filetrans_named_content(rustdesk_t)
+
+udev_manage_rules_files(rustdesk_t)
+
+userdom_use_user_ttys(rustdesk_t)
+userdom_manage_tmp_dirs(rustdesk_t)
+userdom_manage_tmp_sockets(rustdesk_t)
+userdom_delete_user_tmp_files(rustdesk_t)
+userdom_delete_user_home_content_files(rustdesk_t)
+userdom_connectto_stream(rustdesk_t)
+userdom_rw_inherited_user_pipes(rustdesk_t)
+userdom_transition_login_userdomain(rustdesk_t)
+userdom_nnp_transition_login_userdomain(rustdesk_t)
+userdom_noatsecure_login_userdomain(rustdesk_t)
+userdom_sigchld_login_userdomain(rustdesk_t)
+userdom_use_user_ptys(rustdesk_t)
+userdom_watch_user_ptys(rustdesk_t)
+userdom_watch_reads_user_ptys(rustdesk_t)
+
+allow rustdesk_t self:process setsched;
+
+ifdef(`distro_redhat',`
+ fs_manage_tmpfs_files(rustdesk_t)
+ fs_manage_tmpfs_symlinks(rustdesk_t)
+ fs_manage_tmpfs_sockets(rustdesk_t)
+ fs_manage_tmpfs_chr_files(rustdesk_t)
+ fs_exec_tmpfs_files(rustdesk_t)
+ fs_read_tmpfs_symlinks(rustdesk_t)
+ fs_tmpfs_filetrans(rustdesk_t, initctl_t, fifo_file)
+ fs_tmpfs_filetrans_named_content(rustdesk_t)
+ fs_relabelfrom_tmpfs_lnk_files(rustdesk_t)
+
+ logging_stream_connect_syslog(rustdesk_t)
+ logging_relabel_syslog_pid_socket(rustdesk_t)
+')
+
+corecmd_shell_domtrans(rustdesk_t, initrc_t)
+
+storage_raw_rw_fixed_disk(rustdesk_t)
+
+sysnet_read_dhcpc_state(rustdesk_t)
+
+allow rustdesk_t self:system all_system_perms;
+allow rustdesk_t self:system module_load;
+allow rustdesk_t self:unix_dgram_socket { create_socket_perms sendto };
+allow rustdesk_t self:process { setkeycreate setsockcreate setfscreate setrlimit setexec };
+allow rustdesk_t self:process { getcap setcap };
+allow rustdesk_t self:unix_stream_socket { create_stream_socket_perms connectto recvfrom };
+allow rustdesk_t self:netlink_kobject_uevent_socket create_socket_perms;
+allow rustdesk_t self:netlink_selinux_socket create_socket_perms;
+allow rustdesk_t self:unix_dgram_socket lock;
+# Until systemd is fixed
+allow daemon rustdesk_t:socket_class_set { getopt read getattr ioctl setopt write };
+allow rustdesk_t self:udp_socket create_socket_perms;
+allow rustdesk_t self:netlink_route_socket create_netlink_socket_perms;
+
+allow rustdesk_t initrc_t:unix_dgram_socket create_socket_perms;
+
+kernel_list_unlabeled(rustdesk_t)
+kernel_read_unlabeled_lnk_files(rustdesk_t)
+kernel_read_network_state(rustdesk_t)
+kernel_rw_all_sysctls(rustdesk_t)
+kernel_rw_security_state(rustdesk_t)
+kernel_rw_usermodehelper_state(rustdesk_t)
+kernel_read_software_raid_state(rustdesk_t)
+kernel_unmount_debugfs(rustdesk_t)
+kernel_setsched(rustdesk_t)
+kernel_mounton_kernel_sysctl(rustdesk_t)
+
+dev_write_kmsg(rustdesk_t)
+dev_write_urand(rustdesk_t)
+dev_rw_lvm_control(rustdesk_t)
+dev_rw_autofs(rustdesk_t)
+dev_manage_generic_symlinks(rustdesk_t)
+dev_manage_generic_dirs(rustdesk_t)
+dev_manage_generic_files(rustdesk_t)
+dev_read_generic_chr_files(rustdesk_t)
+dev_relabel_generic_dev_dirs(rustdesk_t)
+dev_relabel_all_dev_nodes(rustdesk_t)
+dev_relabel_all_dev_files(rustdesk_t)
+dev_manage_sysfs_dirs(rustdesk_t)
+dev_relabel_sysfs_dirs(rustdesk_t)
+dev_rw_wireless(rustdesk_t)
+
+files_search_all(rustdesk_t)
+files_mounton_all_mountpoints(rustdesk_t)
+files_unmount_all_file_type_fs(rustdesk_t)
+files_remount_all_file_type_fs(rustdesk_t)
+files_mounton_kernel_symbol_table(rustdesk_t)
+files_manage_all_pid_dirs(rustdesk_t)
+files_write_all_pid_sockets(rustdesk_t)
+files_manage_etc_dirs(rustdesk_t)
+files_manage_generic_tmp_dirs(rustdesk_t)
+files_relabel_all_pid_dirs(rustdesk_t)
+files_relabel_all_pid_files(rustdesk_t)
+files_create_all_pid_sockets(rustdesk_t)
+files_delete_all_pids(rustdesk_t)
+files_exec_generic_pid_files(rustdesk_t)
+files_create_all_pid_pipes(rustdesk_t)
+files_create_all_spool_sockets(rustdesk_t)
+files_delete_all_spool_sockets(rustdesk_t)
+files_create_var_lib_dirs(rustdesk_t)
+files_create_var_lib_symlinks(rustdesk_t)
+files_read_var_lib_symlinks(rustdesk_t)
+files_manage_urandom_seed(rustdesk_t)
+files_list_locks(rustdesk_t)
+files_list_spool(rustdesk_t)
+files_list_var(rustdesk_t)
+files_write_var_dirs(rustdesk_t)
+files_manage_var_symlinks(rustdesk_t)
+files_setattr_var_dirs(rustdesk_t)
+files_list_boot(rustdesk_t)
+files_list_home(rustdesk_t)
+files_create_lock_dirs(rustdesk_t)
+files_relabel_all_files(rustdesk_t)
+files_read_kernel_modules(rustdesk_t)
+files_map_kernel_modules(rustdesk_t)
+files_dontaudit_mounton_isid(rustdesk_t)
+files_delete_tmp_files(rustdesk_t)
+files_delete_tmp_pipes(rustdesk_t)
+files_delete_tmp_sockets(rustdesk_t)
+fs_getattr_all_fs(rustdesk_t)
+fs_manage_cgroup_dirs(rustdesk_t)
+fs_manage_cgroup_files(rustdesk_t)
+fs_manage_bpf_dirs(rustdesk_t)
+fs_manage_bpf_files(rustdesk_t)
+fs_manage_hugetlbfs_dirs(rustdesk_t)
+fs_manage_tmpfs_dirs(rustdesk_t)
+fs_relabel_tmpfs_blk_file(rustdesk_t)
+fs_relabel_tmpfs_chr_file(rustdesk_t)
+fs_relabel_pstore_dirs(rustdesk_t)
+fs_relabel_tmpfs_dirs(rustdesk_t)
+fs_relabel_tmpfs_files(rustdesk_t)
+fs_relabel_tmpfs_fifo_files(rustdesk_t)
+fs_mount_all_fs(rustdesk_t)
+fs_unmount_all_fs(rustdesk_t)
+fs_remount_all_fs(rustdesk_t)
+fs_list_all(rustdesk_t)
+fs_list_auto_mountpoints(rustdesk_t)
+fs_register_binary_executable_type(rustdesk_t)
+fs_relabel_tmpfs_sock_file(rustdesk_t)
+fs_rw_tmpfs_files(rustdesk_t)
+fs_relabel_cgroup_dirs(rustdesk_t)
+fs_search_cgroup_dirs(rustdesk_t)
+# for network namespaces
+fs_read_nsfs_files(rustdesk_t)
+
+storage_getattr_removable_dev(rustdesk_t)
+
+term_relabel_ptys_dirs(rustdesk_t)
+
+auth_relabel_login_records(rustdesk_t)
+auth_relabel_pam_console_data_dirs(rustdesk_t)
+auth_manage_faillog(rustdesk_t)
+
+clock_read_adjtime(rustdesk_t)
+
+init_read_script_state(rustdesk_t)
+
+seutil_read_file_contexts(rustdesk_t)
+
+systemd_exec_systemctl(rustdesk_t)
+systemd_manage_home_content(rustdesk_t)
+systemd_manage_unit_dirs(rustdesk_t)
+systemd_manage_random_seed(rustdesk_t)
+systemd_manage_all_unit_files(rustdesk_t)
+systemd_logger_stream_connect(rustdesk_t)
+systemd_login_manage_pid_files(rustdesk_t)
+systemd_config_all_services(rustdesk_t)
+systemd_relabelto_fifo_file_passwd_run(rustdesk_t)
+systemd_relabel_unit_dirs(rustdesk_t)
+systemd_relabel_unit_files(rustdesk_t)
+systemd_relabel_unit_symlinks(rustdesk_t)
+systemd_login_status(rustdesk_t)
+systemd_map_networkd_exec_files(rustdesk_t)
+systemd_map_resolved_exec_files(rustdesk_t)
+systemd_rfkill_setattr_lib(rustdesk_t)
+systemd_rfkill_mounton_var_lib(rustdesk_t)
+systemd_rfkill_manage_lib_dirs(rustdesk_t)
+systemd_timedated_mounton_var_lib(rustdesk_t)
+systemd_mounton_inhibit_dir(rustdesk_t)
+systemd_timedated_manage_lib_dirs(rustdesk_t)
+systemd_login_mounton_pid_dirs(rustdesk_t)
+systemd_mounton_inherited_logind_sessions_dirs(rustdesk_t)
+systemd_delete_private_tmp(rustdesk_t)
+systemd_userdbd_stream_connect(rustdesk_t)
+systemd_userdbd_runtime_filetrans(rustdesk_t)
+systemd_userdbd_runtime_manage_symlinks(rustdesk_t)
+systemd_write_inherited_logind_sessions_pipes(rustdesk_t)
+
+create_sock_files_pattern(rustdesk_t, init_sock_file_type, init_sock_file_type)
+
+create_dirs_pattern(rustdesk_t, var_log_t, var_log_t)
+
+auth_use_nsswitch(rustdesk_t)
+auth_rw_login_records(rustdesk_t)
+auth_rw_lastlog(rustdesk_t)
+auth_domtrans_chk_passwd(rustdesk_t)
+auth_manage_passwd(rustdesk_t)
+
+allow rustdesk_t var_run_t:dir relabelto;
+
+allow rustdesk_t daemon:unix_stream_socket create_stream_socket_perms;
+allow rustdesk_t daemon:unix_dgram_socket create_socket_perms;
+allow rustdesk_t daemon:tcp_socket create_stream_socket_perms;
+allow rustdesk_t daemon:udp_socket create_socket_perms;
+allow daemon rustdesk_t:unix_dgram_socket sendto;
+# need write to /var/run/systemd/notify
+init_write_pid_socket(daemon)
+allow daemon rustdesk_t:unix_stream_socket { append write read getattr ioctl };
+
+allow rustdesk_t daemon:process siginh;
+
+ifdef(`hide_broken_symptoms',`
+ # RHEL4 systems seem to have a stray
+ # fds open from the initrd
+ ifdef(`distro_rhel4',`
+ kernel_dontaudit_use_fds(daemon)
+ ')
+
+ dontaudit daemon rustdesk_t:dir search_dir_perms;
+ dontaudit daemon rustdesk_t:file read_file_perms;
+')
+
+dontaudit systemprocess rustdesk_t:unix_stream_socket getattr;
+
+allow rustdesk_t daemon:unix_stream_socket create_stream_socket_perms;
+allow rustdesk_t daemon:unix_dgram_socket create_socket_perms;
+allow daemon rustdesk_t:unix_stream_socket ioctl;
+allow daemon rustdesk_t:unix_dgram_socket sendto;
+
+# Handle upstart/systemd direct transition to a executable
+allow rustdesk_t systemprocess:process { dyntransition siginh };
+allow rustdesk_t systemprocess:unix_stream_socket create_stream_socket_perms;
+allow rustdesk_t systemprocess:unix_dgram_socket create_socket_perms;
+allow systemprocess rustdesk_t:unix_dgram_socket sendto;
+allow
systemprocess rustdesk_t:unix_stream_socket { append write read getattr ioctl }; + + +############################################################################### # -# rustdesk local policy +# Part 2. The following rules are generated by +# `grep rustdesk /var/log/audit/audit.log | audit2allow -a -M test` # -allow rustdesk_t self:fifo_file rw_fifo_file_perms; -allow rustdesk_t self:unix_stream_socket create_stream_socket_perms; -domain_use_interactive_fds(rustdesk_t) +#============= rustdesk_t ============== +corenet_tcp_connect_unreserved_ports(rustdesk_t) -files_read_etc_files(rustdesk_t) +allow rustdesk_t self:process execmem; +allow rustdesk_t data_home_t:dir { add_name create remove_name write }; +allow rustdesk_t config_home_t:dir { write add_name remove_name }; +allow rustdesk_t data_home_t:file { create link open read rename setattr unlink write }; +allow rustdesk_t config_home_t:file { create link open read rename setattr unlink write }; +allow rustdesk_t sudo_exec_t:file { execute execute_no_trans map open read } ; +allow rustdesk_t systemd_logind_t:dbus send_msg; +allow rustdesk_t tmp_t:file { setattr open setattr unlink write unlink }; +allow rustdesk_t user_tmp_t:file { open write read link unlink map }; +allow systemd_coredump_t rustdesk_exec_t:file read; +allow rustdesk_t event_device_t:chr_file { append open ioctl lock read write }; +allow rustdesk_t session_dbusd_tmp_t:sock_file write; +allow rustdesk_t unconfined_dbusd_t:unix_stream_socket connectto; +allow unconfined_t rustdesk_exec_t:file { execute getattr open read }; +allow init_t rustdesk_exec_t:file getattr; +allow rustdesk_t pulseaudio_home_t:file { read open write lock }; +allow rustdesk_t user_fonts_cache_t:dir { add_name remove_name } ; +allow rustdesk_t user_fonts_cache_t:file { create open read write lock unlink }; + +#!!!! 
This AVC can be allowed using the boolean 'nis_enabled' +allow rustdesk_t unreserved_port_t:tcp_socket name_connect; +allow rustdesk_t xserver_port_t:tcp_socket name_connect; +allow rustdesk_t xserver_t:unix_stream_socket connectto; +allow rustdesk_t ephemeral_port_t:tcp_socket name_connect; + + +############################################################################### +# +# Part 3. The following rules are from the system installed rules. +# `dnf install setools-console` +# `sesearch -A | grep 'allow init_t ' | sed 's/allow init_t /allow rustdesk_t /g'` +# -miscfiles_read_localization(rustdesk_t) +#============= merge from init_t ============== +allow rustdesk_t abrt_dump_oops_t:dbus send_msg; +allow rustdesk_t abrt_upload_watch_t:dbus send_msg; +allow rustdesk_t adjtime_t:file { ioctl lock open read }; +allow rustdesk_t aiccu_t:dbus send_msg; +allow rustdesk_t amanda_inetd_exec_t:file ioctl; +allow rustdesk_t amanda_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t antivirus_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t apcupsd_power_t:file { ioctl lock open read }; +allow rustdesk_t auditd_etc_t:dir { add_name remove_name write }; +allow rustdesk_t auditd_etc_t:file { append create ioctl link lock open read rename setattr unlink watch watch_reads write }; +allow rustdesk_t autofs_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t base_ro_file_type:file { execute execute_no_trans map }; +allow rustdesk_t binfmt_misc_fs_t:file { append ioctl lock open read write }; +allow rustdesk_t bitlbee_exec_t:file ioctl; +allow rustdesk_t bitlbee_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t boltd_var_lib_t:dir { add_name create link mounton remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t boltd_var_lib_t:fifo_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t boltd_var_lib_t:lnk_file { append create ioctl 
link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t boltd_var_lib_t:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t boltd_var_run_t:dir mounton; +allow rustdesk_t boolean_type:dir { getattr ioctl lock open read search }; +allow rustdesk_t boolean_type:file { append getattr ioctl lock open read write }; +allow rustdesk_t boothd_t:dbus send_msg; +allow rustdesk_t bootloader_exec_t:file { execute ioctl map open read }; +allow rustdesk_t bootloader_t:process transition; +allow rustdesk_t bpf_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t bpf_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t bpf_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t bugzilla_script_t:dbus send_msg; +allow rustdesk_t certwatch_t:dbus send_msg; +allow rustdesk_t cgroup_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t cgroup_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t cgroup_t:file { append create link rename setattr unlink watch_reads write }; +allow rustdesk_t cgroup_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t chkpwd_exec_t:file { execute ioctl map open read }; +allow rustdesk_t chkpwd_t:process transition; +allow rustdesk_t chronyc_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t chronyd_exec_t:file ioctl; +allow rustdesk_t chronyd_keys_t:file { ioctl lock open read }; +allow rustdesk_t chronyd_restricted_t:dbus send_msg; +allow rustdesk_t chronyd_restricted_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t chronyd_restricted_t:process transition; +allow rustdesk_t chroot_exec_t:file { execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t 
cifs_helper_t:dbus send_msg; +allow rustdesk_t cinder_domain:dbus send_msg; +allow rustdesk_t cloudform_domain:dbus send_msg; +allow rustdesk_t collectd_script_t:dbus send_msg; +allow rustdesk_t comsat_exec_t:file { execute ioctl map open read }; +allow rustdesk_t comsat_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t comsat_t:process transition; +allow rustdesk_t comsat_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t configfile:file { ioctl lock open read }; +allow rustdesk_t configfile:lnk_file read; +allow rustdesk_t console_device_t:chr_file { read watch watch_reads }; +allow rustdesk_t consolekit_log_t:dir { add_name remove_name write }; +allow rustdesk_t consolekit_log_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t container_kvm_t:dbus send_msg; +allow rustdesk_t container_runtime_domain:dbus send_msg; +allow rustdesk_t container_runtime_tmpfs_t:file { ioctl lock open read }; +allow rustdesk_t container_runtime_tmpfs_t:lnk_file read; +allow rustdesk_t container_var_lib_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t container_var_lib_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t container_var_lib_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t crack_t:dbus send_msg; +allow rustdesk_t cups_brf_t:dbus send_msg; +allow rustdesk_t cupsd_exec_t:file ioctl; +allow rustdesk_t cupsd_lpd_exec_t:file ioctl; +allow rustdesk_t cupsd_lpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t cupsd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t cvs_exec_t:file ioctl; +allow rustdesk_t cvs_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t daemon:fifo_file { append getattr ioctl lock 
open write }; +allow rustdesk_t daemon:process siginh; +allow rustdesk_t daemon:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t daemon:udp_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t daemon:unix_dgram_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t daemon:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t dbskkd_exec_t:file { execute ioctl map open read }; +allow rustdesk_t dbskkd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t dbskkd_t:process transition; +allow rustdesk_t dbskkd_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t default_context_t:file { ioctl lock open read }; +allow rustdesk_t default_t:dir create; +allow rustdesk_t devicekit_disk_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t devicekit_power_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t devicekit_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t device_node:blk_file { getattr mounton relabelfrom relabelto setattr }; +allow rustdesk_t device_node:chr_file { create getattr mounton relabelfrom relabelto setattr }; +allow rustdesk_t device_node:dir { getattr relabelfrom relabelto }; +allow rustdesk_t device_node:fifo_file { getattr relabelfrom relabelto }; +allow rustdesk_t device_node:file { create getattr mounton open relabelfrom relabelto }; +allow rustdesk_t device_node:lnk_file { getattr relabelfrom relabelto }; +allow rustdesk_t device_node:sock_file { getattr relabelfrom relabelto }; +allow rustdesk_t device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t device_t:dir { create link 
rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t device_t:file { append ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t device_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t devlog_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t devlog_t:sock_file { create ioctl link lock read rename setattr unlink }; +allow rustdesk_t devpts_t:chr_file { append ioctl lock read write }; +allow rustdesk_t devpts_t:dir create; +allow rustdesk_t dhcpc_state_t:file { ioctl lock open read }; +allow rustdesk_t dhcp_state_t:file setattr; +allow rustdesk_t direct_init_entry:file execute_no_trans; +allow rustdesk_t dirsrvadmin_script_t:dbus send_msg; +allow rustdesk_t domain:dir { getattr ioctl lock open read search }; +allow rustdesk_t domain:file { getattr ioctl lock open read }; +allow rustdesk_t domain:lnk_file { getattr read }; +allow rustdesk_t domain:process { getattr getpgid noatsecure rlimitinh setrlimit setsched sigchld sigkill signal signull sigstop }; +allow rustdesk_t dri_device_t:chr_file { append ioctl lock map open read write }; +allow rustdesk_t dspam_script_t:dbus send_msg; +allow rustdesk_t efivarfs_t:file { ioctl lock open read setattr }; +allow rustdesk_t etc_aliases_t:dir { add_name remove_name write }; +allow rustdesk_t etc_aliases_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t etc_aliases_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t etc_runtime_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t etc_runtime_t:file { append create link rename setattr unlink watch_reads write }; +allow rustdesk_t etc_t:dir { add_name create link mounton remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow 
rustdesk_t etc_t:dir { create link mounton rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t etc_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t faillog_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t faillog_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t faillog_t:file { create link open read rename setattr unlink watch_reads write }; +allow rustdesk_t fetchmail_t:dbus send_msg; +allow rustdesk_t filesystem_type:dir { getattr ioctl lock open read search write }; +allow rustdesk_t filesystem_type:filesystem { getattr mount remount unmount }; +allow rustdesk_t file_type:blk_file { getattr relabelfrom relabelto }; +allow rustdesk_t file_type:chr_file { getattr relabelfrom relabelto }; +allow rustdesk_t file_type:dir { getattr ioctl lock open read relabelfrom relabelto search }; +allow rustdesk_t file_type:fifo_file { getattr relabelfrom relabelto }; +allow rustdesk_t file_type:file { getattr relabelfrom relabelto }; +allow rustdesk_t file_type:filesystem { getattr remount unmount }; +allow rustdesk_t file_type:lnk_file { getattr relabelfrom relabelto }; +allow rustdesk_t file_type:sock_file { getattr relabelfrom relabelto }; +allow rustdesk_t fingerd_exec_t:file ioctl; +allow rustdesk_t fingerd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t fixed_disk_device_t:blk_file { append ioctl lock open read write }; +allow rustdesk_t fixed_disk_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t fixed_disk_device_t:lnk_file read; +allow rustdesk_t flatpak_helper_t:dbus send_msg; +allow rustdesk_t fprintd_exec_t:file { ioctl lock }; +allow rustdesk_t fprintd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t fprintd_var_lib_t:dir { mounton setattr }; +allow rustdesk_t fsadm_t:dbus send_msg; +allow rustdesk_t 
fsadm_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t ftpd_exec_t:file ioctl; +allow rustdesk_t ftpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t fwupd_cache_t:dir { remove_name rmdir write }; +allow rustdesk_t fwupd_cache_t:file unlink; +allow rustdesk_t fwupd_t:dbus send_msg; +allow rustdesk_t gconfdefaultsm_t:dbus send_msg; +allow rustdesk_t geoclue_t:dbus send_msg; +allow rustdesk_t geoclue_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t getty_exec_t:file ioctl; +allow rustdesk_t getty_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t gitd_exec_t:file ioctl; +allow rustdesk_t git_system_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t gnome_home_type:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t gnome_home_type:file { append create ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t gnome_home_type:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t gnome_home_type:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t gnomesystemmm_t:dbus send_msg; +allow rustdesk_t guest_t:dbus send_msg; +allow rustdesk_t home_bin_t:file { execute execute_no_trans ioctl map open read }; +allow rustdesk_t home_root_t:lnk_file read; +allow rustdesk_t hostname_etc_t:file unlink; +allow rustdesk_t httpd_log_t:dir { add_name create setattr write }; +allow rustdesk_t httpd_tmp_t:file unlink; +allow rustdesk_t httpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t hugetlbfs_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t hugetlbfs_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t ibacm_t:netlink_rdma_socket { append bind connect create getattr getopt ioctl lock read 
setattr setopt shutdown write }; +allow rustdesk_t ibacm_var_run_t:fifo_file { append ioctl link lock read rename setattr write }; +allow rustdesk_t ibacm_var_run_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t ibacm_var_run_t:sock_file { ioctl link lock read rename }; +allow rustdesk_t inetd_child_exec_t:file ioctl; +allow rustdesk_t inetd_child_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t initctl_t:fifo_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t init_exec_t:file { entrypoint execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t initrc_state_t:dir { add_name remove_name write }; +allow rustdesk_t initrc_state_t:file { append create execute execute_no_trans ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t initrc_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t initrc_t:process transition; +allow rustdesk_t initrc_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t initrc_t:unix_dgram_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t initrc_t:unix_stream_socket { accept append bind connect connectto create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t initrc_var_run_t:file { append setattr write }; +allow rustdesk_t init_script_file_type:file { execute ioctl map open read }; +allow rustdesk_t init_script_file_type:service { disable enable reload start status stop }; +allow rustdesk_t init_t:association sendto; +allow rustdesk_t init_t:bpf { map_create map_read map_write prog_load prog_run }; +allow rustdesk_t init_t:capability2 { audit_read block_suspend bpf checkpoint_restore epolwakeup perfmon syslog wake_alarm }; +allow rustdesk_t init_t:capability { audit_write 
audit_control sys_module chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config }; +allow rustdesk_t init_t:cap_userns { audit_control audit_write chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_module sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config }; +allow rustdesk_t init_t:dir watch; +allow rustdesk_t init_t:fifo_file { create link rename setattr unlink append getattr ioctl lock open read write }; +allow rustdesk_t init_t:file { append mounton write }; +allow rustdesk_t init_t:key { create read setattr view write }; +allow rustdesk_t init_t:lnk_file { ioctl lock }; +allow rustdesk_t init_t:lockdown { confidentiality integrity }; +allow rustdesk_t init_tmp_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t init_tmp_t:file { create link map open rename setattr unlink watch_reads write }; +allow rustdesk_t init_tmp_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t init_tmp_t:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t init_t:netlink_audit_socket { append bind connect create getattr getopt ioctl lock nlmsg_read nlmsg_relay nlmsg_tty_audit read setattr setopt shutdown write }; +allow rustdesk_t init_t:netlink_kobject_uevent_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t init_t:netlink_route_socket { append bind connect create getattr getopt ioctl lock nlmsg_read nlmsg_write read setattr setopt 
shutdown write }; +allow rustdesk_t init_t:netlink_selinux_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t init_t:packet_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t init_t:peer recv; +allow rustdesk_t init_t:process { fork getcap getsched setcap setexec setfscreate setkeycreate setsockcreate }; +allow rustdesk_t init_t:sem { associate create destroy getattr read setattr unix_read unix_write write }; +allow rustdesk_t init_t:service { disable enable reload start status stop }; +allow rustdesk_t init_t:shm { associate create destroy getattr lock read setattr unix_read unix_write write }; +allow rustdesk_t init_t:system { disable enable halt ipc_info module_load module_request reboot reload start status stop syslog_console syslog_mod syslog_read undefined }; +allow rustdesk_t init_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t init_t:udp_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t init_t:unix_dgram_socket { append bind connect create getattr getopt ioctl lock read sendto setattr setopt shutdown write }; +allow rustdesk_t init_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read recvfrom sendto setattr setopt shutdown write }; +allow rustdesk_t init_t:user_namespace create; +allow rustdesk_t init_var_lib_t:dir { add_name create link mounton remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t init_var_lib_t:dir { create link mounton rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t init_var_lib_t:file { append create ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t init_var_lib_t:lnk_file { append create ioctl link lock read 
rename setattr unlink watch_reads write }; +allow rustdesk_t init_var_lib_t:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t init_var_run_t:blk_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t init_var_run_t:chr_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t init_var_run_t:dir mounton; +allow rustdesk_t init_var_run_t:fifo_file { append ioctl link lock read rename setattr write }; +allow rustdesk_t init_var_run_t:file { append create link mounton rename setattr watch_reads write }; +allow rustdesk_t init_var_run_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t init_var_run_t:sock_file { ioctl link lock read rename }; +allow rustdesk_t init_var_run_t:sock_file { ioctl link lock rename }; +allow rustdesk_t insights_client_t:fifo_file read; +allow rustdesk_t install_exec_t:file { execute ioctl map open read }; +allow rustdesk_t install_t:dbus send_msg; +allow rustdesk_t install_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t install_t:process transition; +allow rustdesk_t install_t:unix_stream_socket { accept append bind connect connectto create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t ipsec_conf_file_t:file { ioctl lock open read }; +allow rustdesk_t ipsec_t:unix_stream_socket connectto; +allow rustdesk_t ipsec_var_run_t:file { append create link rename setattr watch_reads write }; +allow rustdesk_t irqbalance_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t iscsi_var_lib_t:file { ioctl lock open read }; +allow rustdesk_t jockey_t:dbus send_msg; +allow rustdesk_t journalctl_exec_t:file { execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t kadmind_t:dbus send_msg; +allow rustdesk_t kdump_crash_t:file { ioctl lock open read }; +allow rustdesk_t kdumpctl_t:dbus 
send_msg; +allow rustdesk_t kdump_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t keepalived_unconfined_script_t:dbus send_msg; +allow rustdesk_t kernel_t:dbus send_msg; +allow rustdesk_t kernel_t:fd use; +allow rustdesk_t kernel_t:fifo_file { append getattr ioctl lock read write }; +allow rustdesk_t kernel_t:system ipc_info; +allow rustdesk_t kernel_t:unix_dgram_socket { getattr ioctl read write }; +allow rustdesk_t kernel_t:unix_stream_socket { append bind connect getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t kmod_exec_t:file ioctl; +allow rustdesk_t kmod_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t kmscon_t:dbus send_msg; +allow rustdesk_t kmsg_device_t:chr_file { append ioctl lock open write }; +allow rustdesk_t krb5_keytab_t:file { ioctl lock open read }; +allow rustdesk_t ktalkd_exec_t:file ioctl; +allow rustdesk_t ktalkd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t l2tpd_t:dbus send_msg; +allow rustdesk_t lastlog_t:file { append ioctl lock open read setattr write }; +allow rustdesk_t lastlog_t:file { open read setattr write }; +allow rustdesk_t ld_so_cache_t:file { append write }; +allow rustdesk_t lldpad_t:dbus send_msg; +allow rustdesk_t loadkeys_t:dbus send_msg; +allow rustdesk_t locale_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t locale_t:file { append create link rename setattr unlink watch_reads write }; +allow rustdesk_t locale_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t lockfile:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t lockfile:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t lockfile:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t 
login_userdomain:process2 nnp_transition; +allow rustdesk_t login_userdomain:process transition; +allow rustdesk_t lvm_control_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t lvm_etc_t:file map; +allow rustdesk_t lvm_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t lvm_var_run_t:fifo_file { append ioctl lock read write }; +allow rustdesk_t machineid_t:file { append create link mounton rename setattr unlink watch_reads write }; +allow rustdesk_t mail_spool_t:lnk_file read; +allow rustdesk_t mandb_t:dbus send_msg; +allow rustdesk_t mdadm_t:unix_stream_socket connectto; +allow rustdesk_t mdadm_var_run_t:file { append create link rename setattr watch_reads write }; +allow rustdesk_t memcached_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t memory_device_t:chr_file { ioctl lock map open read }; +allow rustdesk_t mnt_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t mnt_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t mnt_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t mnt_t:lnk_file read; +allow rustdesk_t modemmanager_t:dbus send_msg; +allow rustdesk_t modemmanager_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t modules_dep_t:file { ioctl lock map open read }; +allow rustdesk_t modules_object_t:dir mounton; +allow rustdesk_t modules_object_t:file { ioctl lock map open read }; +allow rustdesk_t modules_object_t:lnk_file read; +allow rustdesk_t mon_procd_t:dbus send_msg; +allow rustdesk_t mountpoint:dir mounton; +allow rustdesk_t mountpoint:file mounton; +allow rustdesk_t mount_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t mount_var_run_t:file { append create link rename setattr watch_reads write }; +allow rustdesk_t mptcpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t 
munin_plugin_domain:dbus send_msg; +allow rustdesk_t munin_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t mysqld_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t mythtv_script_t:dbus send_msg; +allow rustdesk_t naemon_t:dbus send_msg; +allow rustdesk_t nagios_plugin_domain:dbus send_msg; +allow rustdesk_t nagios_system_plugin_t:dbus send_msg; +allow rustdesk_t named_conf_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t named_conf_t:file { append create link rename setattr unlink watch_reads write }; +allow rustdesk_t named_zone_t:dir setattr; +allow rustdesk_t net_conf_t:dir { add_name remove_name write }; +allow rustdesk_t net_conf_t:fifo_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t netlabel_mgmt_t:dbus send_msg; +allow rustdesk_t networkmanager_dispatcher_plugin:dbus send_msg; +allow rustdesk_t NetworkManager_dispatcher_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t NetworkManager_priv_helper_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t NetworkManager_t:unix_stream_socket connectto; +allow rustdesk_t nfsd_fs_t:file { ioctl lock open read }; +allow rustdesk_t nfsidmap_t:dbus send_msg; +allow rustdesk_t ninfod_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t non_security_file_type:dir create; +allow rustdesk_t non_security_file_type:dir { mounton setattr write }; +allow rustdesk_t non_security_file_type:dir setattr; +allow rustdesk_t non_security_file_type:dir watch; +allow rustdesk_t non_security_file_type:file mounton; +allow rustdesk_t non_security_file_type:file watch; +allow rustdesk_t non_security_file_type:lnk_file watch; +allow rustdesk_t nrpe_exec_t:file ioctl; +allow rustdesk_t nrpe_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t nsfs_t:file { getattr ioctl lock open read }; +allow rustdesk_t nsswitch_domain:dbus send_msg; +allow rustdesk_t 
openshift_cgroup_read_t:dbus send_msg; +allow rustdesk_t openshift_net_read_t:dbus send_msg; +allow rustdesk_t oracleasm_t:dbus send_msg; +allow rustdesk_t passwd_file_t:file { append create link rename setattr unlink watch_reads write }; +allow rustdesk_t pcscd_t:unix_stream_socket connectto; +allow rustdesk_t pdns_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t pegasus_openlmi_domain:dbus send_msg; +allow rustdesk_t pidfile:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t pidfile:fifo_file { create open unlink }; +allow rustdesk_t pidfile:file { ioctl lock map open read unlink }; +allow rustdesk_t pidfile:lnk_file read; +allow rustdesk_t pidfile:sock_file { append create open setattr unlink write }; +allow rustdesk_t pkcs_slotd_tmpfs_t:file unlink; +allow rustdesk_t pkcs_slotd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t pkcs_slotd_t:shm destroy; +allow rustdesk_t plymouthd_t:unix_stream_socket connectto; +allow rustdesk_t plymouth_exec_t:file { execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t policykit_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t port_type:tcp_socket name_bind; +allow rustdesk_t port_type:udp_socket name_bind; +allow rustdesk_t postfix_exec_t:file { execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t print_spool_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t print_spool_t:fifo_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t print_spool_t:file { append create ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t print_spool_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t proc_net_t:lnk_file { getattr read }; +allow rustdesk_t proc_security_t:file { append write }; 
+allow rustdesk_t proc_type:dir { getattr ioctl lock mounton open read search }; +allow rustdesk_t proc_type:file { getattr ioctl lock mounton open read }; +allow rustdesk_t ptchown_t:dbus send_msg; +allow rustdesk_t ptynode:chr_file { append ioctl lock open read write }; +allow rustdesk_t qmail_tcp_env_exec_t:file { execute ioctl map open read }; +allow rustdesk_t qmail_tcp_env_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t qmail_tcp_env_t:process transition; +allow rustdesk_t qmail_tcp_env_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t qpidd_t:dbus send_msg; +allow rustdesk_t quota_exec_t:file { execute ioctl map open read }; +allow rustdesk_t quota_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t quota_t:process transition; +allow rustdesk_t quota_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t radiusd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t random_device_t:chr_file { ioctl lock open read }; +allow rustdesk_t random_seed_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t rdisc_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t rhsmcertd_t:dbus send_msg; +allow rustdesk_t rlogind_exec_t:file ioctl; +allow rustdesk_t rlogind_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t root_t:dir write; +allow rustdesk_t rpm_script_t:unix_stream_socket { append bind connect getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t rpm_var_cache_t:file { ioctl lock open read }; +allow rustdesk_t rpm_var_cache_t:lnk_file read; +allow rustdesk_t rpm_var_lib_t:file { ioctl lock map open read }; +allow rustdesk_t rpm_var_lib_t:lnk_file read; +allow rustdesk_t rshd_exec_t:file { execute ioctl map open read }; 
+allow rustdesk_t rshd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t rshd_t:process transition; +allow rustdesk_t rshd_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t rshd_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t rsync_exec_t:file ioctl; +allow rustdesk_t rsync_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t rustdesk_exec_t:file { entrypoint execute ioctl lock map open read }; +allow rustdesk_t rustdesk_t:association sendto; +allow rustdesk_t rustdesk_t:bpf { map_create map_read map_write prog_load prog_run }; +allow rustdesk_t rustdesk_t:capability2 { audit_read block_suspend bpf checkpoint_restore epolwakeup perfmon syslog wake_alarm }; +allow rustdesk_t rustdesk_t:capability { audit_write chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config }; +allow rustdesk_t rustdesk_t:capability sys_module; +allow rustdesk_t rustdesk_t:cap_userns { audit_control audit_write chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_admin sys_boot sys_chroot sys_module sys_nice sys_pacct sys_ptrace sys_rawio sys_resource sys_time sys_tty_config }; +allow rustdesk_t rustdesk_t:dbus send_msg; +allow rustdesk_t rustdesk_t:dir watch; +allow rustdesk_t rustdesk_t:fifo_file { create link rename setattr unlink }; +allow rustdesk_t rustdesk_t:fifo_file open; +allow rustdesk_t rustdesk_t:file { append mounton write }; +allow rustdesk_t rustdesk_t:key { create read setattr view write }; +allow 
rustdesk_t rustdesk_t:lnk_file { ioctl lock }; +allow rustdesk_t rustdesk_t:lockdown { confidentiality integrity }; +allow rustdesk_t rustdesk_t:netlink_audit_socket { append bind connect create lock nlmsg_read nlmsg_relay nlmsg_tty_audit setattr shutdown }; +allow rustdesk_t rustdesk_t:netlink_kobject_uevent_socket { append bind connect create lock setattr shutdown }; +allow rustdesk_t rustdesk_t:netlink_route_socket { append bind connect create lock nlmsg_read nlmsg_write setattr shutdown }; +allow rustdesk_t rustdesk_t:netlink_selinux_socket { append bind connect create lock setattr shutdown }; +allow rustdesk_t rustdesk_t:packet_socket { append bind connect create lock setattr shutdown }; +allow rustdesk_t rustdesk_t:peer recv; +allow rustdesk_t rustdesk_t:process { fork getcap getsched setcap setexec setfscreate setkeycreate setsockcreate }; +allow rustdesk_t rustdesk_t:sem { associate create destroy getattr read setattr unix_read unix_write write }; +allow rustdesk_t rustdesk_t:service { disable enable reload start status stop }; +allow rustdesk_t rustdesk_t:shm { associate create destroy getattr lock read setattr unix_read unix_write write }; +allow rustdesk_t rustdesk_t:system { disable enable halt ipc_info module_load module_request reboot reload start status stop syslog_console syslog_mod syslog_read undefined }; +allow rustdesk_t rustdesk_t:unix_stream_socket { connectto recvfrom }; +allow rustdesk_t rustdesk_t:user_namespace create; +allow rustdesk_t sblim_domain:dbus send_msg; +allow rustdesk_t security_t:file map; +allow rustdesk_t security_t:security { check_context compute_av compute_create compute_relabel compute_user load_policy }; +allow rustdesk_t selinux_config_t:file { ioctl lock open read }; +allow rustdesk_t selinux_config_t:lnk_file read; +allow rustdesk_t selinux_login_config_t:file { ioctl lock open read }; +allow rustdesk_t selinux_login_config_t:lnk_file read; +allow rustdesk_t semanage_store_t:file { ioctl lock open read }; +allow 
rustdesk_t semanage_store_t:lnk_file read; +allow rustdesk_t session_dbusd_tmp_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t shell_exec_t:file entrypoint; +allow rustdesk_t smbcontrol_t:dbus send_msg; +allow rustdesk_t smokeping_cgi_script_t:dbus send_msg; +allow rustdesk_t spc_t:dbus send_msg; +allow rustdesk_t speech_dispatcher_t:dbus send_msg; +allow rustdesk_t spoolfile:sock_file { create open setattr unlink }; +allow rustdesk_t sshd_exec_t:file ioctl; +allow rustdesk_t sshd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t ssh_keysign_t:dbus send_msg; +allow rustdesk_t sslh_t:dbus send_msg; +allow rustdesk_t sssd_var_lib_t:sock_file { create setattr unlink }; +allow rustdesk_t staff_t:fd use; +allow rustdesk_t stratisd_data_t:lnk_file read; +allow rustdesk_t stunnel_exec_t:file ioctl; +allow rustdesk_t stunnel_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t sulogin_exec_t:file ioctl; +allow rustdesk_t sulogin_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t svc_start_exec_t:file ioctl; +allow rustdesk_t svc_start_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t svirt_file_type:chr_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t svirt_file_type:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t svirt_file_type:fifo_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t svirt_file_type:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t svirt_file_type:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t svirt_sandbox_domain:process transition; +allow rustdesk_t svirt_sandbox_domain:unix_dgram_socket sendto; +allow rustdesk_t svirt_tcg_t:dbus send_msg; +allow 
rustdesk_t svirt_t:dbus send_msg; +allow rustdesk_t swat_exec_t:file { execute ioctl map open read }; +allow rustdesk_t swat_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t swat_t:process transition; +allow rustdesk_t swat_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t sysctl_kernel_t:file mounton; +allow rustdesk_t sysctl_type:dir { getattr ioctl lock mounton open read search }; +allow rustdesk_t sysctl_type:file { append getattr ioctl lock open read setattr write }; +allow rustdesk_t sysfs_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t sysfs_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t sysfs_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t sysfs_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t syslogd_t:netlink_audit_socket { append bind connect create getattr getopt ioctl lock nlmsg_read nlmsg_write read setattr setopt shutdown write }; +allow rustdesk_t syslogd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_bootchart_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t system_dbusd_t:dbus acquire_svc; +allow rustdesk_t system_dbusd_var_run_t:sock_file { read watch }; +allow rustdesk_t systemd_coredump_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_gpt_generator_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_home_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t systemd_home_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t systemd_home_t:lnk_file { append create ioctl link lock read rename setattr 
unlink watch_reads write }; +allow rustdesk_t systemd_hostnamed_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_hwdb_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_importd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_initctl_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_journal_upload_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_localed_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_logger_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_logger_t:unix_stream_socket connectto; +allow rustdesk_t systemd_logind_inhibit_var_run_t:dir mounton; +allow rustdesk_t systemd_logind_inhibit_var_run_t:fifo_file write; +allow rustdesk_t systemd_logind_sessions_t:dir mounton; +allow rustdesk_t systemd_logind_sessions_t:fifo_file write; +allow rustdesk_t systemd_logind_t:fd use; +allow rustdesk_t systemd_logind_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_logind_t:system status; +allow rustdesk_t systemd_logind_var_run_t:dir mounton; +allow rustdesk_t systemd_logind_var_run_t:file { append create link rename setattr watch_reads write }; +allow rustdesk_t systemd_machined_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_modules_load_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_mount_directory:dir { create mounton }; +allow rustdesk_t systemd_networkd_exec_t:file map; +allow rustdesk_t systemd_networkd_t:netlink_route_socket { append bind connect create getattr getopt ioctl lock nlmsg_read nlmsg_write read setattr setopt shutdown write }; +allow rustdesk_t systemd_networkd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_network_generator_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_notify_t:process2 { nnp_transition nosuid_transition }; +allow 
rustdesk_t systemd_passwd_agent_exec_t:file { execute ioctl lock map open read }; +allow rustdesk_t systemd_passwd_agent_exec_t:file { ioctl lock }; +allow rustdesk_t systemd_passwd_agent_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_passwd_var_run_t:fifo_file { append ioctl link lock read rename setattr write }; +allow rustdesk_t systemd_passwd_var_run_t:file { append create link rename setattr watch_reads write }; +allow rustdesk_t systemd_passwd_var_run_t:sock_file { ioctl link lock read rename }; +allow rustdesk_t systemd_private_tmp_type:dir { remove_name rmdir write }; +allow rustdesk_t systemd_private_tmp_type:fifo_file unlink; +allow rustdesk_t systemd_private_tmp_type:file unlink; +allow rustdesk_t systemd_private_tmp_type:lnk_file unlink; +allow rustdesk_t systemd_private_tmp_type:sock_file unlink; +allow rustdesk_t systemd_pstore_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_resolved_exec_t:file map; +allow rustdesk_t systemd_resolved_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_rfkill_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_rfkill_var_lib_t:dir { add_name create link mounton remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t systemd_sleep_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_socket_proxyd_t:unix_stream_socket connectto; +allow rustdesk_t systemd_sysctl_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_systemctl_exec_t:file { execute execute_no_trans ioctl lock map open read }; +allow rustdesk_t systemd_timedated_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemd_timedated_var_lib_t:dir { add_name create link mounton remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t systemd_timedated_var_lib_t:lnk_file read; +allow rustdesk_t systemd_tmpfiles_t:process2 { nnp_transition 
nosuid_transition }; +allow rustdesk_t systemd_unit_file_type:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t systemd_unit_file_type:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t systemd_unit_file_type:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t systemd_unit_file_type:service { disable enable reload start status stop }; +allow rustdesk_t systemd_userdbd_runtime_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t systemd_userdbd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t systemprocess:process { dyntransition siginh }; +allow rustdesk_t systemprocess:unix_dgram_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t systemprocess:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t tangd_db_t:file { ioctl lock open read }; +allow rustdesk_t tangd_t:dbus send_msg; +allow rustdesk_t targetclid_t:dbus send_msg; +allow rustdesk_t tcpd_exec_t:file { execute ioctl map open read }; +allow rustdesk_t tcpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t tcpd_t:process transition; +allow rustdesk_t tcpd_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t tcpd_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t telnetd_exec_t:file ioctl; +allow rustdesk_t telnetd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t tftpd_exec_t:file ioctl; +allow rustdesk_t tftpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t thin_domain:dbus send_msg; 
+allow rustdesk_t thumb_t:dbus send_msg; +allow rustdesk_t timedatex_t:dbus send_msg; +allow rustdesk_t tlp_t:dbus send_msg; +allow rustdesk_t tmpfs_t:chr_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t tmpfs_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t tmpfs_t:file { append create execute execute_no_trans ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t tmpfs_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t tmpfs_t:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t tmpreaper_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t tmp_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t tmp_t:fifo_file unlink; +allow rustdesk_t tmp_t:sock_file unlink; +allow rustdesk_t tpm_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t tty_device_t:chr_file { append ioctl lock open read watch watch_reads write }; +allow rustdesk_t ttynode:chr_file { append ioctl lock read write }; +allow rustdesk_t udev_rules_t:dir { add_name remove_name write }; +allow rustdesk_t udev_rules_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t udev_t:netlink_kobject_uevent_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t unconfined_service_t:fifo_file { append getattr ioctl lock open write }; +allow rustdesk_t unconfined_service_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t unconfined_service_t:process { siginh transition }; +allow rustdesk_t unconfined_service_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t unconfined_service_t:udp_socket { append 
bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t unconfined_service_t:unix_dgram_socket { append bind connect create getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t unconfined_service_t:unix_stream_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t unlabeled_t:file { ioctl lock open read }; +allow rustdesk_t unlabeled_t:lnk_file read; +allow rustdesk_t updpwd_exec_t:file { execute ioctl map open read }; +allow rustdesk_t updpwd_t:process transition; +allow rustdesk_t urandom_device_t:chr_file { append write }; +allow rustdesk_t usbtty_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t user_devpts_t:chr_file { watch watch_reads }; +allow rustdesk_t userdomain:fifo_file { append getattr ioctl lock read write }; +allow rustdesk_t userdomain:unix_stream_socket { append bind connect connectto getattr getopt ioctl lock read setattr setopt shutdown write }; +allow rustdesk_t userdomain:unix_stream_socket connectto; +allow rustdesk_t user_home_dir_t:lnk_file read; +allow rustdesk_t user_home_t:file unlink; +allow rustdesk_t user_t:fd use; +allow rustdesk_t user_tmp_t:dir { add_name create link remove_name rename reparent rmdir setattr unlink watch_reads write }; +allow rustdesk_t user_tmp_t:dir { create link rename reparent rmdir setattr unlink watch_reads }; +allow rustdesk_t user_tmp_t:sock_file { append create ioctl link lock open read rename setattr unlink write }; +allow rustdesk_t user_tty_device_t:chr_file { open watch watch_reads }; +allow rustdesk_t usr_t:dir { add_name remove_name write }; +allow rustdesk_t uucpd_exec_t:file ioctl; +allow rustdesk_t uucpd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t uuidd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t uuidd_var_run_t:fifo_file { append ioctl link lock read rename setattr write }; 
+allow rustdesk_t uuidd_var_run_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t uuidd_var_run_t:sock_file { ioctl link lock read rename }; +allow rustdesk_t var_lib_nfs_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t var_lib_t:dir { add_name create remove_name setattr write }; +allow rustdesk_t var_lib_t:dir { create setattr }; +allow rustdesk_t var_lib_t:file { append create ioctl link lock open read rename setattr unlink watch_reads write }; +allow rustdesk_t var_lib_t:lnk_file { create read write }; +allow rustdesk_t var_log_t:dir { add_name create remove_name setattr write }; +allow rustdesk_t var_log_t:dir { create setattr }; +allow rustdesk_t var_log_t:file { append create ioctl link lock map open read rename setattr unlink watch_reads write }; +allow rustdesk_t var_log_t:file { create link map open read rename setattr unlink watch_reads write }; +allow rustdesk_t var_log_t:lnk_file { append create ioctl link lock read rename setattr unlink watch_reads write }; +allow rustdesk_t var_run_t:file { append execute execute_no_trans write }; +allow rustdesk_t var_run_t:lnk_file unlink; +allow rustdesk_t var_spool_t:dir { add_name remove_name write }; +allow rustdesk_t var_t:dir { add_name create remove_name setattr write }; +allow rustdesk_t var_t:dir { create setattr }; +allow rustdesk_t var_t:lnk_file { append create ioctl link lock rename setattr unlink watch_reads write }; +allow rustdesk_t virsh_t:dbus send_msg; +allow rustdesk_t virtd_t:unix_stream_socket connectto; +allow rustdesk_t virt_etc_rw_t:file { ioctl lock open read }; +allow rustdesk_t virt_etc_rw_t:lnk_file read; +allow rustdesk_t virtio_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t vnstatd_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t watchdog_device_t:chr_file { append ioctl lock open write }; +allow rustdesk_t watchdog_t:dbus 
send_msg; +allow rustdesk_t wireguard_t:dbus send_msg; +allow rustdesk_t wireless_device_t:chr_file { append ioctl lock open read write }; +allow rustdesk_t wtmp_t:file { append ioctl lock open read write }; +allow rustdesk_t wtmp_t:file { open read write }; +allow rustdesk_t xdm_exec_t:file ioctl; +allow rustdesk_t xdm_t:process2 { nnp_transition nosuid_transition }; +allow rustdesk_t xdm_var_lib_t:file { ioctl lock open read }; +allow rustdesk_t xdm_var_lib_t:lnk_file read; +allow rustdesk_t xenconsoled_t:dbus send_msg; +allow rustdesk_t xend_t:dbus send_msg; +allow rustdesk_t xguest_t:dbus send_msg; +allow rustdesk_t xserver_port_t:tcp_socket name_connect; +allow rustdesk_t xserver_t:tcp_socket { accept append bind connect create getattr getopt ioctl listen lock read setattr setopt shutdown write }; +allow rustdesk_t xserver_t:unix_stream_socket connectto;
diff --git a/rustdesk_selinux/rustdesk_selinux.spec b/rustdesk_selinux/rustdesk_selinux.spec
index e3388d2..0c7f29b 100644
--- a/rustdesk_selinux/rustdesk_selinux.spec
+++ b/rustdesk_selinux/rustdesk_selinux.spec
@@ -7,7 +7,7 @@ restorecon -R /usr/lib/rustdesk/rustdesk; \
 %define selinux_policyver 40.29-2
 Name: rustdesk_selinux
-Version: 1.0
+Version: 1.1
 Release: 1%{?dist}
 Summary: SELinux policy module for RustDesk: https://rustdesk.com/docs/en/client/linux/selinux/