View file File name : base_container.cil Content :(block container (type process) (type socket) (roletype system_r process) (typeattributeset domain (process )) (typeattributeset container_domain (process )) (typeattributeset svirt_sandbox_domain (process )) (typeattributeset mcs_constrained_type (process )) (typeattributeset file_type (socket )) (allow process socket (sock_file (create open getattr setattr read write rename link unlink ioctl lock append))) (allow process proc_type (file (getattr open read))) (allow process cpu_online_t (file (getattr open read))) (allow container_runtime_t process (key (create link read search setattr view write))) )