Blame - target/board/generic/sepolicy/ipv6proxy.te - platform/build

blob: 22976fe9b62930b3f08a9f16438aaf31016a3922 [file] [log] [blame]

Bjoern Johansson	127395f	2017-02-09 22:28:47 -0800	[diff] [blame]	1	# IPv6 proxying
Bjoern Johansson	760871c	2017-08-31 12:57:18 -0700	[diff] [blame]	2	type ipv6proxy, domain;
				3	type ipv6proxy_exec, exec_type, vendor_file_type, file_type;
Bjoern Johansson	127395f	2017-02-09 22:28:47 -0800	[diff] [blame]	4
				5	init_daemon_domain(ipv6proxy)
				6	net_domain(ipv6proxy)
				7
				8	# Allow ipv6proxy to be run by execns in its own domain
				9	domain_auto_trans(execns, ipv6proxy_exec, ipv6proxy);
				10	allow ipv6proxy execns:fd use;
				11
				12	allow ipv6proxy self:capability { sys_admin sys_module net_admin net_raw };
				13	allow ipv6proxy self:packet_socket { bind create read };
				14	allow ipv6proxy self:netlink_route_socket nlmsg_write;
				15	allow ipv6proxy varrun_file:dir search;
Bjoern Johansson	760871c	2017-08-31 12:57:18 -0700	[diff] [blame]	16	allowxperm ipv6proxy self:udp_socket ioctl { SIOCSIFFLAGS SIOCGIFHWADDR };