
Here are examples of errors that will cause each possible result:

Convention:

C-001:

	type foo_t;

	allow foo_t self:process signal;

	type bar_t;

C-004:

	interface(`foo_read_conf',`
		...
	')

C-005:

	allow foo_t bar_t:file { write read };

C-006:

	gen_require(`
		type foo_t, bar_t;
		class foobar;
	')

C-007:

	allow myapp_t myapp_t:process signal;

Style:

S-001:

	require {
		type foo_t;
	}

S-003:

	foo(bar);

S-004:

	template(`bar',`')
	interface(`foo',`
		bar()
	')

S-005:

	interface(`foo',`
		type foo_t;
	')

S-006:

	module foo 1.0;

S-007:

	gen_context(system_u:object_r:foo_t)

S-008:

	gen_require(
		type foo_t;
	)

S-009:

	allow foo_t bar_t:file read_fifo_file_perms;

S-010:

	allow foo_t bar_t:file { open read };

Warning:

W-001:

	# etc_t is defined in files module
	read_files_pattern(foo_t, etc_t, etc_t)

W-002:

	interface(`foo_read_conf',`
		read_files_pattern($1, foo_conf_t, foo_conf_t)
	')

W-003:

	interface(`foo_read_conf',`
		gen_require(`
			type foo_conf_t;
		')
	')

W-004:

	/path/with/unescaped.dot    -- gen_context(system_u:object_r:foo_exec_t,s0)

W-005:

	# foo is set to module in modules.conf
	foo_read_conf()

W-006:

	foo()

W-007:

	foo(bar baz)

W-008:

	allow foo_t bar_t:file *;

W-009:

	#In foo.te
	policy_module(bar, 1.0)

W-010:

	init_this-if-does-not-exist(bar_t)

W-011:

	interface(`foo_read_conf',`
		gen_require(`
			type this_type_does_not_exist;
			# type from different module
			type bar_conf_t;
		')
	')

Error:

E-002:

	/usr/bin/foo		--	gen_erquire(system_u:object_r:foo_exec_t, s0)

E-003:

	/usr/bin/foo		--	gen_require(not_a_valid_user:object_r:foo_exec_t, s0)

E-004:

	/usr/bin/foo		--	gen_require(system_u:not_a_valid_role:foo_exec_t, s0)

E-004:

	/usr/bin/foo		--	gen_require(system_u:object_r:not_a_valid_type, s0)

E-005:

	# There is no type named foo_exce_t defined in our policy
	/usr/bin/foo		--	gen_require(system_u:object_r:foo_exce_t, s0)

E-006:

	attribute foo;

	interface(`foo',`')

E-007:

	allow foo_t bar_t:file reed_file_perms;

E-008:

	allow foo_t bar_t:File read_file_perms;

E-009:

	optional_policy(`
		#do_something(type_t)
	')

E-010:

	bare_m4_macro
