blob: 1ffe0b08e997dd27ddd69c17068fccc4e4bf7cad
1 | #allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms }; |
2 | #allow system_app subtitle_service:service_manager add; |
3 | # |
4 | ##added for atv remote |
5 | #allow system_app uhid_device:dir r_dir_perms; |
6 | # |
7 | #allow system_app dhcp_data_file:file { r_file_perms }; |
8 | #allow system_app ppp_data_file:dir { create_dir_perms }; |
9 | #allow system_app ppp_data_file:file { create_file_perms }; |
10 | #allow system_app ppp_data_file:sock_file { create_file_perms }; |
11 | #allow system_app pppoe_wrapper_socket:sock_file { write setattr }; |
12 | #allow system_app pppoe_wrapper_socket:file { getattr write open }; |
13 | #allow system_app pppoe_wrapper:unix_dgram_socket sendto; |
14 | #allow system_app dhcp_data_file:dir { r_dir_perms }; |
15 | #allow system_app dhcp_data_file:fifo_file { r_file_perms }; |
16 | # |
17 | #allow system_app vold:unix_stream_socket connectto; |
18 | #allow system_app pppoe_service:service_manager add; |
19 | #allow system_app dig_socket:sock_file write; |
20 | # |
21 | #allow system_app iso9660:dir { search read open }; |
22 | #allow system_app unlabeled:dir { search read write getattr }; |
23 | #allow system_app unlabeled:file { lock open read write getattr }; |
24 | # |
25 | ## /cache_file for dvb app creat update.zip file at /cache dir |
26 | #allow system_app cache_file:dir {create_dir_perms create_file_perms rw_file_perms}; |
27 | #allow system_app cache_file:file {create_file_perms rw_file_perms}; |
28 | # |
29 | #allow system_app log_file:dir { search read open getattr }; |
30 | #allow system_app log_file:file { read open getattr }; |
31 | #allow system_app tombstone_data_file:dir r_dir_perms; |
32 | #allow system_app tombstone_data_file:file r_file_perms; |
33 | # |
34 | #allow system_app shell_data_file:dir search; |
35 | #allow system_app graphics_device:dir search; |
36 | #allow system_app sysfs_xbmc:file {open read write}; |
37 | #allow system_app media_prop:property_service set; |
38 | #allow system_app system_app:process setfscreate; |
39 | #allow system_app socket_device:sock_file setattr; |
40 | #allow system_app pppoe_wrapper_socket:sock_file create; |
41 | #allow system_app pppoe_wrapper_socket:sock_file unlink; |
42 | #allow system_app pppoe_wrapper_socket:file create; |
43 | #allow system_app cache_recovery_file:dir { search read open write add_name remove_name}; |
44 | #allow system_app cache_recovery_file:file { create rw_file_perms unlink}; |
45 | |
46 | #allow system_app update_engine:binder {call transfer}; |
47 | # |
48 | #allow system_app tv_prop:file {open read getattr}; |
49 | #allow system_app tv_prop:property_service {set}; |
50 | |
51 | allow system_app rootfs:dir { getattr }; |
52 | |
53 | allow system_app vendor_file:file { read open getattr execute }; |
54 | |
55 | allow system_app system_app:netlink_kobject_uevent_socket { create }; |
56 | |
57 | allow system_app update_data_file:dir { getattr search read write open add_name remove_name }; |
58 | allow system_app update_data_file:file { getattr write read create open unlink }; |
59 | |
60 | allow system_app { pppoe_service subtitle_service }:service_manager { add }; |
61 | |
62 | allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt }; |
63 | |
64 | #allow system_app socket_device:sock_file { write }; |
65 | |
66 | allow system_app exfat:dir create_dir_perms; |
67 | allow system_app exfat:file create_file_perms; |
68 | |
69 | allow system_app ntfs:dir create_dir_perms; |
70 | allow system_app ntfs:file create_file_perms; |
71 | |
72 | allow system_app mnt_media_rw_file:dir r_dir_perms; |
73 | allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find }; |
74 | |
75 | allow system_app { system_control hdmicecd }:binder { call transfer }; |
76 | |
77 | allow system_app droidvold_hwservice:hwservice_manager { find }; |
78 | allow system_app droidvold:binder { call transfer }; |
79 | |
80 | allow system_app droidmount_service:service_manager { add }; |
81 |