| Stephen Smalley | 2dd4e51 | 2012-01-04 12:33:27 -0500 | [diff] [blame] | 1 | type keystore, domain; |
| 2 | type keystore_exec, exec_type, file_type; |
| 3 | |
| 4 | # keystore daemon |
| 5 | init_daemon_domain(keystore) |
| Stephen Smalley | cdd83f4 | 2013-10-29 14:42:37 -0400 | [diff] [blame] | 6 | typeattribute keystore mlstrustedsubject; |
| 7 | binder_use(keystore) |
| 8 | binder_service(keystore) |
| 9 | allow keystore keystore_data_file:dir create_dir_perms; |
| 10 | allow keystore keystore_data_file:notdevfile_class_set create_file_perms; |
| 11 | allow keystore keystore_exec:file { getattr }; |
| 12 | allow keystore tee_device:chr_file rw_file_perms; |
| Nick Kralevich | b23d287 | 2014-01-08 11:47:00 -0800 | [diff] [blame] | 13 | allow keystore tee:unix_stream_socket connectto; |