Blame - target/board/generic/sepolicy/goldfish_setup.te - platform/build

blob: b8f121cda7feada7bdc7b5f0a9dd53820bc5c398 [file] [log] [blame]

Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	1	# goldfish-setup service: runs init.goldfish.sh script
Jeff Vander Stoep	7890fc4	2015-11-04 08:49:07 -0800	[diff] [blame]	2	type goldfish_setup, domain, domain_deprecated;
Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	3	type goldfish_setup_exec, exec_type, file_type;
Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	4
				5	init_daemon_domain(goldfish_setup)
				6
				7	# Inherit open file to shell (interpreter) for script.
Nick Kralevich	501c88c	2016-05-24 17:36:23 -0700	[diff] [blame]	8	allow goldfish_setup shell_exec:file rx_file_perms;
Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	9
				10	# Run ifconfig, route commands to configure interfaces and routes.
				11	allow goldfish_setup system_file:file execute_no_trans;
Stephen Smalley	75770de	2015-08-25 11:42:17 -0400	[diff] [blame]	12	allow goldfish_setup toolbox_exec:file rx_file_perms;
Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	13	allow goldfish_setup self:capability { net_admin net_raw };
				14	allow goldfish_setup self:udp_socket create_socket_perms;
				15
Miroslav Tisma	36a76ec	2015-12-10 12:23:40 +0100	[diff] [blame]	16	net_domain(goldfish_setup)
				17
Stephen Smalley	704744a	2014-09-03 11:07:03 -0400	[diff] [blame]	18	# Set net.eth0.dns*, debug.sf.nobootanimation
William Roberts	cccc901	2015-05-11 10:23:59 -0700	[diff] [blame]	19	set_prop(goldfish_setup, system_prop)
				20	set_prop(goldfish_setup, debug_prop)
Yu Ning	33dca80	2015-05-18 17:11:37 +0800	[diff] [blame]	21
				22	# Set ro.radio.noril
				23	set_prop(goldfish_setup, radio_noril_prop)
				24
				25	# Stop ril-daemon service (by setting ctl.stop to ril-daemon, which
				26	# transforms to a permission check on ctl.ril-daemon).
				27	set_prop(goldfish_setup, ctl_rildaemon_prop)