v811_spc009/external/selinux/libsepol/tests/policies/test-deps/module.conf

module my_module 1.0;

require { 
	bool secure_mode;
	type system_t, sysadm_t, file_t;
	attribute domain;
	role system_r;
	class file {read write};
	
}

type new_t, domain;
role system_r types new_t;

allow system_t file_t : file { read write };

if (secure_mode)
{
	allow sysadm_t file_t : file { read write };
}