#
#=DESCRIPTION validate audit allow w/capabilities in hats.
#=EXRESULT PASS
# vim:syntax=apparmor
# Last Modified: Sun Apr 17 19:44:44 2005
#

/does/not/exist2 {
  ^chown {
    audit allow capability chown,
  }
  ^dac_override {
    audit allow capability dac_override,
  }
  ^dac_read_search {
    audit allow capability dac_read_search,
  }
  ^fowner {
    audit allow capability fowner,
  }
  ^fsetid {
    audit allow capability fsetid,
  }
  ^kill {
    audit allow capability kill,
  }
  ^setgid {
    audit allow capability setgid,
  }
  ^setuid {
    audit allow capability setuid,
  }
  ^setpcap {
    audit allow capability setpcap,
  }
  ^linux_immutable {
    audit allow capability linux_immutable,
  }
  ^net_bind_service {
    audit allow capability net_bind_service,
  }
  ^net_broadcast {
    audit allow capability net_broadcast,
  }
  ^net_admin {
    audit allow capability net_admin,
  }
  ^net_raw {
    audit allow capability net_raw,
  }
  ^ipc_lock {
    audit allow capability ipc_lock,
  }
  ^ipc_owner {
    audit allow capability ipc_owner,
  }
  ^sys_module {
    audit allow capability sys_module,
  }
  ^sys_rawio {
    audit allow capability sys_rawio,
  }
  ^sys_chroot {
    audit allow capability sys_chroot,
  }
  ^sys_ptrace {
    audit allow capability sys_ptrace,
  }
  ^sys_pacct {
    audit allow capability sys_pacct,
  }
  ^sys_admin {
    audit allow capability sys_admin,
  }
  ^sys_boot {
    audit allow capability sys_boot,
  }
  ^sys_nice {
    audit allow capability sys_nice,
  }
  ^sys_resource {
    audit allow capability sys_resource,
  }
  ^sys_time {
    audit allow capability sys_time,
  }
  ^sys_tty_config {
    audit allow capability sys_tty_config,
  }
  ^mknod {
    audit allow capability mknod,
  }
  ^lease {
    audit allow capability lease,
  }
  ^audit_write {
    audit allow capability audit_write,
  }
  ^audit_control {
    audit allow capability audit_control,
  }
}