Default Object Statements

These rules allow a default user, role, type and/or range to be used when computing a context for a new object. These require policy version 27 or 28 with kernels 3.5 or greater.

defaultuser

Allows the default user to be taken from the source or target context when computing a new context for the object class identifier. Requires policy version 27.

Statement definition:

Where:

defaultuser: The defaultuser keyword.

class_id: A single previously declared class or classmap identifier, or a list of previously declared class or classmap identifiers enclosed within parentheses.

default: A keyword of either source or target.

Example:

When creating new binder, property_service, zygote or memprotect objects the user component of the new security context will be taken from the source context:

defaultrole

Allows the default role to be taken from the source or target context when computing a new context for the object class identifier. Requires policy version 27.

Where:

defaultrole: The defaultrole keyword.

class_id: A single previously declared class or classmap identifier, or a list of previously declared class or classmap identifiers enclosed within parentheses.

default: A keyword of either source or target.

Example:

When creating new binder, property_service or zygote objects the role component of the new security context will be taken from the target context:

defaulttype

Allows the default type to be taken from the source or target context when computing a new context for the object class identifier. Requires policy version 28.

Statement definition:

Where:

defaulttype: The defaulttype keyword.

class_id: A single previously declared class or classmap identifier, or a list of previously declared class or classmap identifiers enclosed within parentheses.

default: A keyword of either source or target.
Example:

When creating a new socket object, the type component of the new security context will be taken from the source context:

defaultrange

Allows the default level or range to be taken from the source or target context when computing a new context for the object class identifier. Requires policy version 27.

Statement definition:

Where:

defaultrange: The defaultrange keyword.

class_id: A single previously declared class or classmap identifier, or a list of previously declared class or classmap identifiers enclosed within parentheses.

default: A keyword of either source or target.

range: A keyword of either low, high or low-high.

Example:

When creating a new file object, the appropriate range component of the new security context will be taken from the target context:
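The following is an added example, not part of the original reference: a small Python parser for the four statements that checks the argument keywords listed above and reports which components of a new context each rule decides. The SAMPLE statements are constructed from the prose descriptions of the examples in CIL's parenthesised form, and the colon-separated user:role:type:range context strings passed to apply_defaults are an assumption made for illustration.

```python
import re

KEYWORDS = ("defaultuser", "defaultrole", "defaulttype", "defaultrange")
RANGES = ("low", "high", "low-high")  # third argument of defaultrange

# Constructed sample: the four examples described in the text, written out.
SAMPLE = """
(defaultuser (binder property_service zygote memprotect) source)
(defaultrole (binder property_service zygote) target)
(defaulttype socket source)
(defaultrange file target low-high) ; defaultrange takes a third argument
"""

def read(tokens):
    """Turn a token list into nested lists, one per parenthesised form."""
    out = []
    while tokens and (tok := tokens.pop(0)) != ")":
        out.append(read(tokens) if tok == "(" else tok)
    return out

def parse_defaults(text):
    """Return {(class, component): (source|target, range keyword or None)}."""
    tokens = re.findall(r"[()]|[^\s()]+", re.sub(r";[^\n]*", "", text))
    rules = {}
    for form in read(tokens):
        if not (isinstance(form, list) and form and form[0] in KEYWORDS):
            continue  # some other statement; not checked here
        kw, class_id, default, *rest = form  # too few arguments: ValueError
        allowed = [[r] for r in RANGES] if kw == "defaultrange" else [[]]
        if default not in ("source", "target") or rest not in allowed:
            raise ValueError(f"bad arguments in {form}")
        for cls in class_id if isinstance(class_id, list) else [class_id]:
            rules[(cls, kw[len("default"):])] = (default, rest[0] if rest else None)
    return rules

def apply_defaults(rules, tclass, source, target):
    """Components of the new tclass context that a rule decides (others omitted)."""
    names = ("user", "role", "type", "range")
    ctx = {"source": dict(zip(names, source.split(":", 3))),
           "target": dict(zip(names, target.split(":", 3)))}
    new = {}
    for (cls, comp), (default, rng) in rules.items():
        if cls == tclass:
            value = ctx[default][comp]
            if comp == "range":  # "low" or "low-high"; one level is both ends
                low, _, high = value.partition("-")
                value = {"low": low, "high": high or low, "low-high": value}[rng]
            new[comp] = value
    return new
```

Components for which the class has no rule are left out of the result on purpose, since the text above does not say what is used in that case.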