| myfluxi | 12daaee | 2014-11-22 19:33:26 +0100 | [diff] [blame] | 1 | type sysinit, domain; |
| 2 | type sysinit_exec, exec_type, file_type; |
| 3 | |
| 4 | init_daemon_domain(sysinit) |
| 5 | |
| 6 | #============= sysinit ============== |
| 7 | allow sysinit devpts:chr_file { rw_file_perms }; |
| 8 | allow sysinit shell_exec:file { rx_file_perms }; |
| 9 | allow sysinit system_file:file { rx_file_perms }; |
| Steve Kondik | 0525ff2 | 2016-09-20 02:41:26 -0700 | [diff] [blame] | 10 | allow sysinit system_file:dir { r_dir_perms }; |
| 11 | allow sysinit toolbox_exec:file { rx_file_perms }; |
| myfluxi | 12daaee | 2014-11-22 19:33:26 +0100 | [diff] [blame] | 12 | allow sysinit self:process setcurrent; |
| 13 | |
| Emerson Pinter | dc699fb | 2015-02-12 19:20:19 -0200 | [diff] [blame] | 14 | userdebug_or_eng(` |
| 15 | allow sysinit userinit_data_exec:file { r_file_perms relabelto }; |
| 16 | allow sysinit property_socket:sock_file write; |
| 17 | allow sysinit init:unix_stream_socket connectto; |
| 18 | allow sysinit userinit_prop:property_service set; |
| 19 | allow sysinit sysfs:file rw_file_perms; |
| 20 | allow sysinit sysfs_devices_system_cpu:file write; |
| 21 | allow sysinit self:capability dac_override; |
| 22 | allow sysinit userinit_exec:file { rx_file_perms }; |
| 23 | ') |