1 unix_socket_connect(mediaserver, thermal, thermal-engine) 2 allow mediaserver thermal_socket:sock_file w_file_perms; 3 4 allow mediaserver camera:unix_dgram_socket sendto; 5 allow mediaserver camera_data_file:sock_file write; 6 7 # allow communication w/perfd 8 allow mediaserver perfd_data_file:dir search; 9 allow mediaserver perfd_data_file:sock_file write; 10 allow mediaserver perfd:unix_dgram_socket sendto; 11 allow mediaserver perfd:unix_stream_socket connectto; 12 13 # needed for widevine classic 14 allow mediaserver tee_device:chr_file { ioctl open read write }; 15
