Home | History | Annotate | Download | only in sepolicy
      1 type init_foreground, domain;
      2 type init_foreground_exec, exec_type, file_type;
      3 
      4 init_daemon_domain(init_foreground)
      5 
      6 allow init_foreground proc:file getattr;
      7 allow init_foreground proc_iomem:file getattr;
      8 allow init_foreground proc_meminfo:file getattr;
      9 allow init_foreground proc_sysrq:file getattr;
     10 allow init_foreground shell_exec:file { getattr read };
     11 allow init_foreground toolbox_exec:file rx_file_perms;
     12 
     13 allow init_foreground domain:dir { getattr search };
     14 allow init_foreground domain:file { read open };
     15 
     16 allow init_foreground kernel:process setsched;
     17