Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / build / e474297039cb2cae2b0e716c91dd26154d4cb958 / . / target / board / generic / sepolicy / dhcpclient.te
blob: df71fca386a548074d9373e6673c81a063be5f27 [file] [log] [blame]
Bjoern Johansson3c4b3422017-07-06 15:52:57 -0700[diff] [blame]1# DHCP client
Bjoern Johansson760871c2017-08-31 12:57:18 -0700[diff] [blame]2type dhcpclient, domain;
3type dhcpclient_exec, exec_type, vendor_file_type, file_type;
Bjoern Johansson3c4b3422017-07-06 15:52:57 -0700[diff] [blame]4
5init_daemon_domain(dhcpclient)
6net_domain(dhcpclient)
7
8allow dhcpclient execns:fd use;
9
10set_prop(dhcpclient, net_eth0_prop);
11allow dhcpclient self:capability { net_admin net_raw };
Bjoern Johansson760871c2017-08-31 12:57:18 -0700[diff] [blame]12allow dhcpclient self:udp_socket create;
Bjoern Johansson3c4b3422017-07-06 15:52:57 -0700[diff] [blame]13allow dhcpclient self:netlink_route_socket { write nlmsg_write };
14allow dhcpclient varrun_file:dir search;
Bjoern Johansson760871c2017-08-31 12:57:18 -0700[diff] [blame]15allow dhcpclient self:packet_socket { create bind write read };
16allowxperm dhcpclient self:udp_socket ioctl { SIOCSIFFLAGS
17 SIOCSIFADDR
18 SIOCSIFNETMASK
19 SIOCSIFMTU
20 SIOCGIFHWADDR };