Chapter 8. Ancillary Policy Statements
The most important SELinux policy statement typesrole-based
access control and type enforcement statementswere explained
in the two preceding chapters. However, a typical SELinux policy
contains several other statement types that the administrator of an
SELinux system may want to understand. This chapter explains these
statement types, including constraint declarations, context-related
declarations, and Flask-related declarations. Most administrators
will seldom need to refer to the material in this chapter, since
these statement types are primarily important to SELinux developers
rather than SELinux system administrators. However, occasionally a
policy modification will fail because it violates a policy
constraint. At these times, an understanding of policy constraint
declarations is helpful.