1 # touch_fusion 2 type touch_fusion, domain, domain_deprecated; 3 type touch_fusion_exec, exec_type, file_type; 4 5 # Why net_admin? 6 allow touch_fusion self:capability { net_admin sys_nice }; 7 8 allow touch_fusion graphics_device:dir r_dir_perms; 9 allow touch_fusion graphics_device:chr_file r_file_perms; 10 allow touch_fusion kmsg_device:chr_file { w_file_perms getattr }; 11 allow touch_fusion self:netlink_socket create_socket_perms; 12
