sepolicy/sysinit.te - platform_vendor_bliss - Gitiles

 type sysinit, domain;
 type sysinit_exec, exec_type, file_type;

 init_daemon_domain(sysinit)

 #============= sysinit ==============
 allow sysinit devpts:chr_file { rw_file_perms };
 allow sysinit shell_exec:file { rx_file_perms };
 allow sysinit system_file:file { rx_file_perms };
 allow sysinit system_file:dir { r_dir_perms };
 allow sysinit toolbox_exec:file { rx_file_perms };
 allow sysinit self:process setcurrent;

 userdebug_or_eng(`
     allow sysinit userinit_data_exec:file { r_file_perms relabelto };
     allow sysinit property_socket:sock_file write;
     allow sysinit init:unix_stream_socket connectto;
     allow sysinit userinit_prop:property_service set;
     allow sysinit sysfs:file rw_file_perms;
     allow sysinit sysfs_devices_system_cpu:file write;
     allow sysinit self:capability dac_override;
     allow sysinit userinit_exec:file { rx_file_perms };
 ')
	type sysinit, domain;
	type sysinit_exec, exec_type, file_type;

	init_daemon_domain(sysinit)

	#============= sysinit ==============
	allow sysinit devpts:chr_file { rw_file_perms };
	allow sysinit shell_exec:file { rx_file_perms };
	allow sysinit system_file:file { rx_file_perms };
	allow sysinit system_file:dir { r_dir_perms };
	allow sysinit toolbox_exec:file { rx_file_perms };
	allow sysinit self:process setcurrent;

	userdebug_or_eng(`
	allow sysinit userinit_data_exec:file { r_file_perms relabelto };
	allow sysinit property_socket:sock_file write;
	allow sysinit init:unix_stream_socket connectto;
	allow sysinit userinit_prop:property_service set;
	allow sysinit sysfs:file rw_file_perms;
	allow sysinit sysfs_devices_system_cpu:file write;
	allow sysinit self:capability dac_override;
	allow sysinit userinit_exec:file { rx_file_perms };
	')