# Policy for hostapd, the userspace daemon that runs Wi-Fi access points.
type hostapd, domain;
type hostapd_exec, exec_type, file_type;

# NOTE(review): permissive_or_unconfined() is defined outside this file.
# Going by its name, hostapd is either permissive or unconfined in this
# revision, so the allow rules below record the intended access but are not
# yet what confines the daemon. Confirm against the macro definition, and
# review AVC denials logged for this domain before the macro is removed.
permissive_or_unconfined(hostapd)

# Capabilities the daemon holds on itself. net_admin and net_raw cover
# interface configuration and raw packet access.
# NOTE(review): setuid/setgid are presumably used to switch to an
# unprivileged uid/gid after start-up; confirm they are still required.
allow hostapd self:capability { net_admin net_raw setgid setuid };

# Sockets hostapd creates for itself.
allow hostapd self:netlink_socket create_socket_perms;
allow hostapd self:netlink_route_socket { create bind read write nlmsg_write };
allow hostapd self:packet_socket { create read write };
allow hostapd self:udp_socket { create ioctl };

# Wi-Fi configuration and state files, including creating directories.
allow hostapd wifi_data_file:dir create_dir_perms;
allow hostapd wifi_data_file:file rw_file_perms;

# Control-socket directory and the socket files created inside it.
allow hostapd wpa_socket:dir create_dir_perms;
allow hostapd wpa_socket:sock_file create_file_perms;

# Descriptors owned by netd that hostapd is allowed to use, read and write.
# NOTE(review): these look like descriptors inherited from netd when it
# starts hostapd rather than channels hostapd needs. Confirm; if they are
# inherited, closing them in netd before exec would let these rules go.
allow hostapd netd:fd use;
allow hostapd netd:{
    udp_socket
    netlink_kobject_uevent_socket
    netlink_nflog_socket
    netlink_route_socket
    unix_stream_socket
    fifo_file
} { read write };