device/amlogic-o.git - Unnamed repository; edit this file 'description' to name the repository.

1 #allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
2 #allow system_app subtitle_service:service_manager add;
3 #
4 ##added for atv remote
5 #allow system_app uhid_device:dir r_dir_perms;
6 #
7 #allow system_app dhcp_data_file:file { r_file_perms };
8 #allow system_app ppp_data_file:dir { create_dir_perms };
9 #allow system_app ppp_data_file:file { create_file_perms };
10 #allow system_app ppp_data_file:sock_file { create_file_perms };
11 #allow system_app pppoe_wrapper_socket:sock_file { write setattr };
12 #allow system_app pppoe_wrapper_socket:file { getattr write open };
13 #allow system_app pppoe_wrapper:unix_dgram_socket sendto;
14 #allow system_app dhcp_data_file:dir { r_dir_perms };
15 #allow system_app dhcp_data_file:fifo_file { r_file_perms };
16 #
17 #allow system_app vold:unix_stream_socket connectto;
18 #allow system_app pppoe_service:service_manager add;
19 #allow system_app dig_socket:sock_file write;
20 #
21 #allow system_app iso9660:dir { search read open };
22 #allow system_app unlabeled:dir { search read write getattr };
23 #allow system_app unlabeled:file { lock open read write getattr };
24 #
25 ## /cache_file for dvb app creat update.zip file at /cache  dir
26 #allow system_app cache_file:dir {create_dir_perms create_file_perms rw_file_perms};
27 #allow system_app cache_file:file {create_file_perms rw_file_perms};
28 #
29 #allow system_app log_file:dir { search read open getattr };
30 #allow system_app log_file:file { read open getattr };
31 #allow system_app tombstone_data_file:dir r_dir_perms;
32 #allow system_app tombstone_data_file:file r_file_perms;
33 #
34 #allow system_app shell_data_file:dir search;
35 #allow system_app graphics_device:dir search;
36 #allow system_app sysfs_xbmc:file {open read write};
37 #allow system_app media_prop:property_service set;
38 #allow system_app system_app:process setfscreate;
39 #allow system_app socket_device:sock_file setattr;
40 #allow system_app pppoe_wrapper_socket:sock_file create;
41 #allow system_app pppoe_wrapper_socket:sock_file unlink;
42 #allow system_app pppoe_wrapper_socket:file create;
43 #allow system_app cache_recovery_file:dir { search read open write add_name remove_name};
44 #allow system_app cache_recovery_file:file { create rw_file_perms unlink};
45
46 #allow system_app update_engine:binder {call transfer};
47 #
48 #allow system_app tv_prop:file {open read getattr};
49 #allow system_app tv_prop:property_service {set};
50
51 allow system_app rootfs:dir { getattr };
52
53 allow system_app vendor_file:file { read open getattr execute };
54
55 allow system_app system_app:netlink_kobject_uevent_socket { create };
56
57 allow system_app update_data_file:dir { getattr search read write open add_name remove_name };
58 allow system_app update_data_file:file { getattr write read create open unlink };
59
60 allow system_app { pppoe_service subtitle_service }:service_manager { add };
61
62 allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt };
63
64 #allow system_app socket_device:sock_file { write };
65
66 allow system_app exfat:dir create_dir_perms;
67 allow system_app exfat:file create_file_perms;
68
69 allow system_app ntfs:dir create_dir_perms;
70 allow system_app ntfs:file create_file_perms;
71
72 allow system_app mnt_media_rw_file:dir r_dir_perms;
73 allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find };
74
75 allow system_app { system_control hdmicecd }:binder { call transfer };
76
77 allow system_app droidvold_hwservice:hwservice_manager { find };
78 allow system_app droidvold:binder { call transfer };
79
80 allow system_app droidmount_service:service_manager { add };
81
1	#allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
2	#allow system_app subtitle_service:service_manager add;
3	#
4	##added for atv remote
5	#allow system_app uhid_device:dir r_dir_perms;
6	#
7	#allow system_app dhcp_data_file:file { r_file_perms };
8	#allow system_app ppp_data_file:dir { create_dir_perms };
9	#allow system_app ppp_data_file:file { create_file_perms };
10	#allow system_app ppp_data_file:sock_file { create_file_perms };
11	#allow system_app pppoe_wrapper_socket:sock_file { write setattr };
12	#allow system_app pppoe_wrapper_socket:file { getattr write open };
13	#allow system_app pppoe_wrapper:unix_dgram_socket sendto;
14	#allow system_app dhcp_data_file:dir { r_dir_perms };
15	#allow system_app dhcp_data_file:fifo_file { r_file_perms };
16	#
17	#allow system_app vold:unix_stream_socket connectto;
18	#allow system_app pppoe_service:service_manager add;
19	#allow system_app dig_socket:sock_file write;
20	#
21	#allow system_app iso9660:dir { search read open };
22	#allow system_app unlabeled:dir { search read write getattr };
23	#allow system_app unlabeled:file { lock open read write getattr };
24	#
25	## /cache_file for dvb app creat update.zip file at /cache dir
26	#allow system_app cache_file:dir {create_dir_perms create_file_perms rw_file_perms};
27	#allow system_app cache_file:file {create_file_perms rw_file_perms};
28	#
29	#allow system_app log_file:dir { search read open getattr };
30	#allow system_app log_file:file { read open getattr };
31	#allow system_app tombstone_data_file:dir r_dir_perms;
32	#allow system_app tombstone_data_file:file r_file_perms;
33	#
34	#allow system_app shell_data_file:dir search;
35	#allow system_app graphics_device:dir search;
36	#allow system_app sysfs_xbmc:file {open read write};
37	#allow system_app media_prop:property_service set;
38	#allow system_app system_app:process setfscreate;
39	#allow system_app socket_device:sock_file setattr;
40	#allow system_app pppoe_wrapper_socket:sock_file create;
41	#allow system_app pppoe_wrapper_socket:sock_file unlink;
42	#allow system_app pppoe_wrapper_socket:file create;
43	#allow system_app cache_recovery_file:dir { search read open write add_name remove_name};
44	#allow system_app cache_recovery_file:file { create rw_file_perms unlink};
45
46	#allow system_app update_engine:binder {call transfer};
47	#
48	#allow system_app tv_prop:file {open read getattr};
49	#allow system_app tv_prop:property_service {set};
50
51	allow system_app rootfs:dir { getattr };
52
53	allow system_app vendor_file:file { read open getattr execute };
54
55	allow system_app system_app:netlink_kobject_uevent_socket { create };
56
57	allow system_app update_data_file:dir { getattr search read write open add_name remove_name };
58	allow system_app update_data_file:file { getattr write read create open unlink };
59
60	allow system_app { pppoe_service subtitle_service }:service_manager { add };
61
62	allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt };
63
64	#allow system_app socket_device:sock_file { write };
65
66	allow system_app exfat:dir create_dir_perms;
67	allow system_app exfat:file create_file_perms;
68
69	allow system_app ntfs:dir create_dir_perms;
70	allow system_app ntfs:file create_file_perms;
71
72	allow system_app mnt_media_rw_file:dir r_dir_perms;
73	allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find };
74
75	allow system_app { system_control hdmicecd }:binder { call transfer };
76
77	allow system_app droidvold_hwservice:hwservice_manager { find };
78	allow system_app droidvold:binder { call transfer };
79
80	allow system_app droidmount_service:service_manager { add };
81