diff options
Diffstat (limited to 'healthd.te')
-rw-r--r-- | healthd.te | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/healthd.te b/healthd.te deleted file mode 100644 index f54d716..0000000 --- a/healthd.te +++ /dev/null @@ -1,48 +0,0 @@ -# healthd seclabel is specified in init.rc since -# it lives in the rootfs and has no unique file type. -type healthd, domain, domain_deprecated; - -# Write to /dev/kmsg -allow healthd kmsg_device:chr_file rw_file_perms; - -# Read access to pseudo filesystems. -r_dir_file(healthd, sysfs) - -allow healthd self:capability { net_admin sys_tty_config }; -wakelock_use(healthd) -allow healthd self:netlink_kobject_uevent_socket create_socket_perms; -binder_use(healthd) -binder_service(healthd) -binder_call(healthd, system_server) - -# Write to state file. -# TODO: Split into a separate type? -allow healthd sysfs:file write; - -allow healthd sysfs_batteryinfo:file r_file_perms; - -### -### healthd: charger mode -### - -# Read /sys/fs/pstore/console-ramoops -# Don't worry about overly broad permissions for now, as there's -# only one file in /sys/fs/pstore -allow healthd pstorefs:dir r_dir_perms; -allow healthd pstorefs:file r_file_perms; - -allow healthd graphics_device:dir r_dir_perms; -allow healthd graphics_device:chr_file rw_file_perms; -allow healthd input_device:dir r_dir_perms; -allow healthd input_device:chr_file r_file_perms; -allow healthd tty_device:chr_file rw_file_perms; -allow healthd ashmem_device:chr_file execute; -allow healthd self:process execmem; -allow healthd proc_sysrq:file rw_file_perms; -allow healthd self:capability sys_boot; - -allow healthd batteryproperties_service:service_manager { add find }; - -# Healthd needs to tell init to continue the boot -# process when running in charger mode. -set_prop(healthd, system_prop) |