diff options
author | Arian <arian.kulmer@web.de> | 2020-12-11 00:07:18 +0100 |
---|---|---|
committer | Arian <arian.kulmer@web.de> | 2020-12-21 19:20:35 +0100 |
commit | f12ef27cb9fc9f9cda9078230c5ab5b4ce0d4d93 (patch) | |
tree | 6578430d6f24122fc5904c34220cb205345ba28a /sepolicy/credmgrd.te | |
parent | d3c930897d2429bedcfbd713dae369b53840f97b (diff) |
shinano-common: Cleanup sepolicy
Change-Id: If615758376413b16fcc80addd03a9ba5cd388e8a
Diffstat (limited to 'sepolicy/credmgrd.te')
-rw-r--r-- | sepolicy/credmgrd.te | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/sepolicy/credmgrd.te b/sepolicy/credmgrd.te new file mode 100644 index 0000000..5d185e2 --- /dev/null +++ b/sepolicy/credmgrd.te @@ -0,0 +1,21 @@ +init_daemon_domain(credmgrd) + +allow credmgrd credmgrd_socket:dir rw_dir_perms; +allow credmgrd credmgrd_socket:sock_file create_file_perms; +allow credmgrd firmware_file:dir search; +allow credmgrd firmware_file:file r_file_perms; +allow credmgrd ion_device:chr_file rw_file_perms; +allow credmgrd tad:unix_stream_socket connectto; +allow credmgrd tad_socket:sock_file rw_file_perms; +allow credmgrd tee_device:chr_file rw_file_perms; +allow credmgrd vendor_toolbox_exec:file rx_file_perms; + +allow credmgrd cache_file:dir create_dir_perms; +allow credmgrd cache_file:file create_file_perms; + +# Needed to create /data/credmgr +allow credmgrd system_data_file:dir { create_dir_perms relabelfrom }; +allow credmgrd credmgrd_data_file:dir { create_dir_perms relabelto }; +allow credmgrd credmgrd_data_file:file create_file_perms; + +set_prop(credmgrd, credmgrd_prop) |