| type fp_misc_setup, domain, coredomain; |
| type fp_misc_setup_exec, exec_type, file_type; |
| |
| # Allow for transition from init domain to fp_misc_setup |
| init_daemon_domain(fp_misc_setup) |
| |
| # Allow executing a shell script |
| allow fp_misc_setup shell_exec:file { rx_file_perms entrypoint }; |
| allow fp_misc_setup toolbox_exec:file { rx_file_perms }; |
| |
| # Allow executing init.fp.* init scrips |
| allow fp_misc_setup system_file:file execute_no_trans; |
| |
| # Allow fp_misc_setup to set up files in /data/misc/fairphone |
| allow fp_misc_setup fp_misc_settings_file:dir w_dir_perms; |
| allow fp_misc_setup fp_misc_settings_file:file create_file_perms; |