device/amlogic-o.git - Unnamed repository; edit this file 'description' to name the repository.

1 type vold_ext, domain;
2 type vold_ext_exec, exec_type, file_type;
3
4 init_daemon_domain(vold_ext)
5
6 allow vold_ext self:capability { setgid setuid };
7
8 allow vold_ext cpuctl_device:dir search;
9
10 allow vold_ext device:dir { open read };
11 allow vold_ext usb_device:dir { open read search };
12 allow vold_ext system_data_file:fifo_file { open read write };
13
14 allow vold_ext block_device:dir rw_dir_perms;
15 allow vold_ext fuseblk:filesystem mount;
16 allow vold_ext rootfs:dir mounton;
17 allow vold_ext self:capability { dac_override sys_admin };
18 allow vold_ext vold:fd use;
19 allow vold_ext vold:fifo_file { read write };
20 allow vold_ext vold:unix_stream_socket { read write };
21
22 allow vold_ext tmpfs:dir create_dir_perms;
23 allow vold_ext tmpfs:dir mounton;
24
25 allow vold_ext kernel:system module_request;
26 allow vold_ext mnt_media_rw_file:dir { r_dir_perms };
27 allow vold_ext mnt_media_rw_stub_file:dir { r_dir_perms mounton };
1	type vold_ext, domain;
2	type vold_ext_exec, exec_type, file_type;
3
4	init_daemon_domain(vold_ext)
5
6	allow vold_ext self:capability { setgid setuid };
7
8	allow vold_ext cpuctl_device:dir search;
9
10	allow vold_ext device:dir { open read };
11	allow vold_ext usb_device:dir { open read search };
12	allow vold_ext system_data_file:fifo_file { open read write };
13
14	allow vold_ext block_device:dir rw_dir_perms;
15	allow vold_ext fuseblk:filesystem mount;
16	allow vold_ext rootfs:dir mounton;
17	allow vold_ext self:capability { dac_override sys_admin };
18	allow vold_ext vold:fd use;
19	allow vold_ext vold:fifo_file { read write };
20	allow vold_ext vold:unix_stream_socket { read write };
21
22	allow vold_ext tmpfs:dir create_dir_perms;
23	allow vold_ext tmpfs:dir mounton;
24
25	allow vold_ext kernel:system module_request;
26	allow vold_ext mnt_media_rw_file:dir { r_dir_perms };
27	allow vold_ext mnt_media_rw_stub_file:dir { r_dir_perms mounton };