1 # CAN service 2 type can, domain; 3 type can_exec, exec_type, file_type; 4 5 # Started by init 6 init_daemon_domain(can) 7 8 allow can self:capability net_admin; 9 10 allow can self:netlink_route_socket nlmsg_write; 11 12 allow can shell_exec:file r_file_perms; 13 14 # Allow execution of /system/bin/ip. 15 allow can system_file:file rx_file_perms; 16 17 # Allow can operations 18 allow can self:capability { net_raw }; 19
