1 type time, domain; 2 type time_exec, exec_type, file_type; 3 4 # Started by init 5 init_daemon_domain(time) 6 7 allow time shared_log_device:chr_file rw_file_perms; 8 allow time alarm_device:chr_file rw_file_perms; 9 10 # Is r_file_perms sufficient for /dev/rtc0 ? 11 allow time rtc:chr_file r_file_perms; 12 13 allow time time_data_file:dir rw_dir_perms; 14 allow time time_data_file:file create_file_perms; 15 16 allow time self:socket *; 17 allow time self:capability { setuid setgid }; 18
