Blame - hostapd.te - fp2-dev/platform/external/sepolicy

blob: 11145de93a668730aed07ca3020752047de59074 [file] [log] [blame]

Stephen Smalley	945fb56	2013-10-29 14:42:36 -0400	[diff] [blame]	1	# userspace wifi access points
Nick Kralevich	dbd28d9	2013-06-27 15:11:02 -0700	[diff] [blame]	2	type hostapd, domain;
Nick Kralevich	dbd28d9	2013-06-27 15:11:02 -0700	[diff] [blame]	3	type hostapd_exec, exec_type, file_type;
				4
Stephen Smalley	1601132	2014-02-24 15:06:11 -0500	[diff] [blame]	5	net_domain(hostapd)
				6
Stephen Smalley	945fb56	2013-10-29 14:42:36 -0400	[diff] [blame]	7	allow hostapd self:capability { net_admin net_raw setuid setgid };
				8	allow hostapd self:netlink_socket create_socket_perms;
Stephen Smalley	1601132	2014-02-24 15:06:11 -0500	[diff] [blame]	9	allow hostapd self:packet_socket create_socket_perms;
				10	allow hostapd self:netlink_route_socket nlmsg_write;
Stephen Smalley	945fb56	2013-10-29 14:42:36 -0400	[diff] [blame]	11
				12	allow hostapd wifi_data_file:file rw_file_perms;
				13	allow hostapd wifi_data_file:dir create_dir_perms;
Stephen Smalley	7ade68d	2014-02-21 11:28:20 -0500	[diff] [blame]	14	type_transition hostapd wifi_data_file:dir wpa_socket "sockets";
Stephen Smalley	5f8d9f8	2014-03-12 15:09:17 -0400	[diff] [blame]	15	type_transition hostapd wifi_data_file:dir wpa_socket "hostapd";
Stephen Smalley	f206737	2014-02-11 10:44:21 -0500	[diff] [blame]	16	allow hostapd wpa_socket:dir create_dir_perms;
				17	allow hostapd wpa_socket:sock_file create_file_perms;
Stephen Smalley	945fb56	2013-10-29 14:42:36 -0400	[diff] [blame]	18	allow hostapd netd:fd use;
				19	allow hostapd netd:udp_socket { read write };
Stephen Smalley	08461cb	2014-03-18 10:45:15 -0400	[diff] [blame]	20	allow hostapd netd:fifo_file { read write };
				21	# TODO: Investigate whether these inherited sockets should be closed on exec.
Stephen Smalley	945fb56	2013-10-29 14:42:36 -0400	[diff] [blame]	22	allow hostapd netd:netlink_kobject_uevent_socket { read write };
				23	allow hostapd netd:netlink_nflog_socket { read write };
				24	allow hostapd netd:netlink_route_socket { read write };
				25	allow hostapd netd:unix_stream_socket { read write };
Stephen Smalley	08461cb	2014-03-18 10:45:15 -0400	[diff] [blame]	26	allow hostapd netd:unix_dgram_socket { read write };