• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2022-2025 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14binder_call(dcamera, accountmgr);
15
16#avc:  denied  { call } for  pid=2061 comm="ohos.dhardware." scontext=u:r:dcamera:s0 tcontext=u:r:camera_service:s0 tclass=binder permissive=1
17#avc:  denied  { transfer } for  pid=2061 comm="ohos.dhardware." scontext=u:r:dcamera:s0 tcontext=u:r:camera_service:s0 tclass=binder permissive=1
18allow dcamera camera_service:binder { call transfer };
19
20#avc:  denied  { search } for  pid=2040 comm="dcamera" name="/" dev="mmcblk0p11" ino=2 scontext=u:r:dcamera:s0 tcontext=u:object_r:data_file:s0 tclass=dir permissive=1
21allow dcamera data_file:dir { search };
22
23#avc:  denied  { bind } for  pid=3250 comm="Fillp_core_0" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
24#avc:  denied  { connect } for  pid=2344 comm="Fillp_core_0" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
25#avc:  denied  { create } for  pid=3250 comm="Fillp_core_0" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
26#avc:  denied  { getattr } for  pid=2344 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
27#avc:  denied  { read } for  pid=2040 comm="Fillp_core_94" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
28#avc:  denied  { setopt } for  pid=3250 comm="Fillp_core_0" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
29#avc:  denied  { write } for  pid=2040 comm="Fillp_core_94" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=udp_socket permissive=1
30allow dcamera dcamera:udp_socket { bind connect create getattr read setopt write };
31
32#avc:  denied  { getopt } for  pid=2051 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=unix_dgram_socket permissive=1
33#avc:  denied  { setopt } for  pid=2051 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=unix_dgram_socket permissive=1
34allow dcamera dcamera:unix_dgram_socket { getopt setopt };
35
36#avc:  denied  { call } for  pid=2178 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera_host:s0 tclass=binder permissive=1
37#avc:  denied  { transfer } for  pid=2429 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera_host:s0 tclass=binder permissive=1
38allow dcamera dcamera_host:binder { call transfer };
39
40#avc:  denied  { create } for  pid=2166 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=netlink_route_socket permissive=1
41#avc:  denied  { write } for  pid=2166 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=netlink_route_socket permissive=1
42#avc:  denied  { nlmsg_read } for  pid=2166 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=netlink_route_socket permissive=1
43#avc:  denied  { read } for  pid=2166 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dcamera:s0 tclass=netlink_route_socket permissive=1
44allow dcamera dcamera:netlink_route_socket { create nlmsg_read nlmsg_readpriv read write };
45
46#avc:  denied  { search } for  pid=2047 comm="dcamera" name="socket" dev="tmpfs" ino=38 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_unix_socket:s0 tclass=dir permissive=1
47allow dcamera dev_unix_socket:dir { search };
48
49#avc:  denied  { read write } for  pid=2520 comm="sa_main" path="/dev/console" dev="tmpfs" ino=19 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_console_file:s0 tclass=chr_file permissive=0
50allow dcamera dev_console_file:chr_file { read write };
51
52#avc:  denied  { getattr } for  pid=2396 comm="dcamera" path="/dev/dri/renderD128" dev="tmpfs" ino=94 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=1
53#avc:  denied  { read write } for  pid=2396 comm="dcamera" name="renderD128" dev="tmpfs" ino=94 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=1
54#avc:  denied  { open } for  pid=2396 comm="dcamera" path="/dev/dri/renderD128" dev="tmpfs" ino=94 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=1
55#avc:  denied  { ioctl } for  pid=2396 comm="dcamera" path="/dev/dri/renderD128" dev="tmpfs" ino=94 ioctlcmd=0x641f scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=chr_file permissive=1
56allow dcamera dev_dri_file:chr_file { getattr ioctl open read write };
57
58#avc:  denied  { search } for  pid=2396 comm="dcamera" name="dri" dev="tmpfs" ino=93 scontext=u:r:dcamera:s0 tcontext=u:object_r:dev_dri_file:s0 tclass=dir permissive=1
59allow dcamera dev_dri_file:dir { search };
60
61#avc:  denied  { call } for  pid=2464 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:dhardware:s0 tclass=binder permissive=1
62allow dcamera dhardware:binder { call transfer };
63
64
65
66#avc:  denied  { call } for  pid=2061 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:allocator_host:s0 tclass=binder permissive=1
67allow dcamera allocator_host:binder { call };
68
69#avc:  denied  { use } for  pid=2033 comm="dcamera" path="/dmabuf:" dev="dmabuf" ino=29931 ioctlcmd=0x6200 scontext=u:r:dcamera:s0 tcontext=u:r:allocator_host:s0 tclass=fd permissive=1
70allow dcamera allocator_host:fd { use };
71
72#avc:  denied  { call } for  pid=2483 comm="ohos.dhardware." scontext=u:r:dcamera:s0 tcontext=u:r:foundation:s0 tclass=binder permissive=1
73allow dcamera foundation:binder { call };
74
75#avc:  denied  { get } for service=hdf_device_manager pid=2053 scontext=u:r:dcamera:s0 tcontext=u:object_r:hdf_device_manager:s0 tclass=hdf_devmgr_class permissive=1
76allow dcamera hdf_device_manager:hdf_devmgr_class { get };
77
78#avc:  denied  { get } for service=distributed_camera_provider_service pid=2053 scontext=u:r:dcamera:s0 tcontext=u:object_r:hdf_distributed_camera_provider_service:s0 tclass=hdf_devmgr_class permissive=1
79allow dcamera hdf_distributed_camera_provider_service:hdf_devmgr_class { get };
80
81
82allow dcamera hdf_allocator_service:hdf_devmgr_class { get };
83
84#avc:  denied  { call } for  pid=2040 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:hdf_devmgr:s0 tclass=binder permissive=1
85#avc:  denied  { transfer } for  pid=2464 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:hdf_devmgr:s0 tclass=binder permissive=1
86allow dcamera hdf_devmgr:binder { call transfer };
87
88#avc:  denied  { call } for  pid=2061 comm="ohos.dhardware." scontext=u:r:dcamera:s0 tcontext=u:r:media_service:s0 tclass=binder permissive=1
89#avc:  denied  { transfer } for  pid=2061 comm="ohos.dhardware." scontext=u:r:dcamera:s0 tcontext=u:r:media_service:s0 tclass=binder permissive=1
90allow dcamera media_service:binder { call transfer };
91
92#avc:  denied  { read } for  pid=3521 comm="sa_main" name="u:object_r:accessibility_param:s0" dev="tmpfs" ino=53 scontext=u:r:dcamera:s0 tcontext=u:object_r:accessibility_param:s0 tclass=file permissive=0
93allow dcamera accessibility_param:file { read open map };
94
95#avc:  denied  { use } for  pid=514 comm="media_service" path="/dev/ashmem" dev="tmpfs" ino=181 scontext=u:r:dcamera:s0 tcontext=u:r:media_service:s0 tclass=fd permissive=1
96allow dcamera media_service:fd { use };
97
98#avc:  denied  { get } for service=3002 pid=2053 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_media_service:s0 tclass=samgr_class permissive=1
99allow dcamera sa_media_service:samgr_class { get };
100
101#avc:  denied  { get } for service=3901 pid=2042 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_param_watcher:s0 tclass=samgr_class permissive=1
102allow dcamera sa_param_watcher:samgr_class { get };
103
104#avc: denied  { get } for service=4700 pid=2053 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_softbus_service:s0 tclass=samgr_class permissive=1
105allow dcamera sa_softbus_service:samgr_class { get };
106
107#avc:  denied  { add } for service=4803 pid=2068 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_dcamera_source_service:s0 tclass=samgr_class permissive=1
108allow dcamera sa_dcamera_source_service:samgr_class { add get_remote };
109
110#avc:  denied  { get_remote } for service=4804 pid=2068 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_dcamera_sink_service:s0 tclass=samgr_class permissive=1
111#avc:  denied  { add } for service=4804 pid=2068 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_dcamera_sink_service:s0 tclass=samgr_class permissive=1
112allow dcamera sa_dcamera_sink_service:samgr_class { add get_remote };
113
114#avc:  denied  { get } for service=5100 pid=2068 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_device_service_manager:s0 tclass=samgr_class permissive=1
115allow dcamera sa_device_service_manager:samgr_class { get };
116
117#avc:  denied  { get } for service=3008 pid=2475 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_camera_service:s0 tclass=samgr_class permissive=1
118allow dcamera sa_camera_service:samgr_class { get };
119
120#avc:  denied  { get } for service=401 pid=2490 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_foundation_bms:s0 tclass=samgr_class permissive=1
121allow dcamera sa_foundation_bms:samgr_class { get };
122
123#avc:  denied  { get } for service=4607 pid=1562 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_foundation_dms:s0 tclass=samgr_class permissive=1
124allow dcamera sa_foundation_dms:samgr_class { get };
125
126#avc:  denied  { get } for service=4606 pid=3551 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_foundation_wms:s0 tclass=samgr_class permissive=1
127allow dcamera sa_foundation_wms:samgr_class { get };
128
129#avc:  denied  { read } for  pid=2433 comm="THREAD_POOL" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=tcp_socket permissive=1
130#avc:  denied  { setopt } for  pid=2047 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=tcp_socket permissive=1
131#avc:  denied  { shutdown } for  pid=2061 comm="THREAD_POOL" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=tcp_socket permissive=1
132#avc:  denied  { write } for  pid=2047 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=tcp_socket permissive=1
133allow dcamera softbus_server:tcp_socket { read setopt write shutdown };
134
135#avc:  denied  { call } for  pid=2047 comm="DHEventbusHandl" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=binder permissive=1
136#avc:  denied  { transfer } for  pid=2061 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=binder permissive=1
137allow dcamera softbus_server:binder { call transfer };
138
139#avc:  denied  { use } for  pid=586 comm="THREAD_POOL"  scontext=u:r:dcamera:s0 tcontext=u:r:softbus_server:s0 tclass=fd permissive=1
140allow dcamera softbus_server:fd { use };
141
142#avc:  denied  { read } for  pid=4773 comm="dcamera" name="online" dev="sysfs" ino=29986 scontext=u:r:dcamera:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file permissive=1
143#avc:  denied  { open } for  pid=4773 comm="dcamera" path"sys/devices/system/cpu/" name="online" dev="sysfs" ino=29986 scontext=u:r:dcamera:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file permissive=1
144allow dcamera sysfs_devices_system_cpu:file { read open };
145
146#avc:  denied  { read } for  pid=2020 comm="sa_main" name="u:object_r:ohos_dev_param:s0" dev="tmpfs" ino=30 scontext=u:r:dcamera:s0 tcontext=u:object_r:ohos_dev_param:s0 tclass=file permissive=0
147allow dcamera ohos_dev_param:file { read };
148
149#avc:  denied  { get } for service=3503 pid=2648 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_accesstoken_manager_service:s0 tclass=samgr_class permissive=1
150allow dcamera sa_accesstoken_manager_service:samgr_class { get };
151
152#avc:  denied  { node_bind } for  pid=2166 comm="Fillp_core_210" scontext=u:r:dcamera:s0 tcontext=u:object_r:node:s0 tclass=udp_socket permissive=1
153allow dcamera node:udp_socket { node_bind };
154allow dcamera init:binder { call transfer };
155debug_only(`
156    allow dcamera sh:binder { call transfer };
157')
158
159#avc:  denied  { get } for service=4803 pid=560 scontext=u:r:hidumper_service:s0 tcontext=u:object_r:sa_dcamera_source_service:s0 tclass=samgr_class permissive=0
160# avc:  denied  { get } for service=4804 pid=560 scontext=u:r:hidumper_service:s0 tcontext=u:object_r:sa_dcamera_sink_service:s0 tclass=samgr_class permissive=0
161allow hidumper_service sa_dcamera_source_service:samgr_class { get };
162allow hidumper_service sa_dcamera_sink_service:samgr_class { get };
163
164#avc:  denied  { get } for service=4801 pid=2892 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_dhardware_service:s0 tclass=samgr_class permissive=0
165allow dcamera sa_dhardware_service:samgr_class { get };
166
167#avc:  denied  { search } for  pid=3030 comm="sa_main" name="bin" dev="sdd72" ino=12 scontext=u:r:dcamera:s0 tcontext=u:object_r:vendor_bin_file:s0 tclass=dir permissive=1
168allow dcamera vendor_bin_file:dir { search };
169allow dcamera hdf_devhost_exec:dir { search };
170
171#avc:  denied  { call } for  pid=571 comm="msdp" scontext=u:r:dcamera:s0 tcontext=u:r:accesstoken_service:s0 tclass=binder permissive=1
172allow dcamera accesstoken_service:binder { call };
173
174#avc:  denied  { get } for service=4802 pid=3227 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_foundation_devicemanager_service:s0 tclass=samgr_class permissive=1
175allow dcamera sa_foundation_devicemanager_service:samgr_class { get };
176
177#avc:  denied  { call } for  pid=2169 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:device_manager:s0 tclass=binder permissive=0
178#avc:  denied  { transfer } for  pid=2712 comm="IPC_1_2732" scontext=u:r:dcamera:s0 tcontext=u:r:device_manager:s0 tclass=binder permissive=1
179allow dcamera device_manager:binder { call transfer };
180
181#avc:  denied  { get } for pid=1380 comm="dcamera" scontext=u:r:dcamera:s0 tcontext=u:r:sa_av_codec_service:s0 tclass=samgr_class permissive=1
182allow dcamera sa_av_codec_service:samgr_class { get };
183
184#avc:  denied  { call } for pid=6252 comm="SrcDevHandler" scontext=u:r:dcamera:s0 tcontext=u:r:av_codec_service:s0 tclass=binder permissive=0
185#avc:  denied  { transfer } for pid=4125 comm="ohos.dharfware." scontext=u:r:dcamera:s0 tcontext=u:r:av_codec_service:s0 tclass=binder permissive=0
186allow dcamera av_codec_service:binder { call transfer };
187
188#avc:  denied  { call } for pid=1544 comm="IPC_3_2014" scontext=u:r:foundation:s0 tcontext=u:r:dcamera:s0 tclass=binder permissive=0
189#avc:  denied  { call } for pid=1453 comm="av_codec_servic" scontext=u:r:av_codec_service:s0 tcontext=u:r:dcamera:s0 tclass=binder permissive=0
190allow foundation dcamera:binder { call transfer };
191
192#avc:  denied  { call } for pid=1380 comm="av_codec_servic" scontext=u:r:av_codec_service:s0 tcontext=u:r:dhardware:s0 tclass=binder permissive=1
193#avc:  denied  { transfer } for pid=1380 comm="av_codec_servic" scontext=u:r:av_codec_service:s0 tcontext=u:r:dhardware:s0 tclass=binder permissive=1
194allow av_codec_service dhardware:binder { call transfer };
195allow av_codec_service dcamera:binder { call transfer };
196
197allow dcamera sysfs_devices_system_cpu:file { read getattr };
198allow dcamera arkcompiler_param:file { map open read };
199allow dcamera ark_writeable_param:file { map open read };
200
201allow dcamera av_codec_service:fd { use };
202allow dcamera_host chip_prod_file:dir { search };
203
204#avc: denied  { call transfer } for pid=4202 comm="DRPC_4_6734" scontext=u:r:dcamera:s0 tcontext=u:r:dslm_service:s0 tclass=binder permissive=1;
205#avc: denied  { call transfer } for pid=3591 comm="dslm_service" scontext=u:r:dslm_service:s0 tcontext=u:r:dcamera:s0 tclass=binder permissive=1;
206#avc: denied  { call transfer } for pid=4202 comm="IPC_2_2923" scontext=u:r:camera_service:s0 tcontext=u:r:av_codec_service:s0 tclass=binder permissive=1;
207allow dcamera dslm_service:binder { call transfer };
208allow dslm_service dcamera:binder { call transfer };
209allow camera_service av_codec_service:binder { call transfer };
210
211#avc: denied  { write } for pid=5006 comm="sa_main" path="/dev/kmsg" dev = "tmpfs" ino=116 scontext=u:r:dcamera:s0 tcontext=u:r:dev_kmsg_file:s0 tclass=chr_file permissive=1;
212#avc: denied  { write } for pid=4861 comm="hdf_devhost" path="/dev/kmsg" dev = "tmpfs" ino=116 scontext=u:r:dcamera_host:s0 tcontext=u:r:dev_kmsg_file:s0 tclass=chr_file permissive=1;
213#avc: denied  { write } for pid=4861 comm="IPC_1_4881" name= dev = "tmpfs" ino=116 scontext=u:r:dcamera_host:s0 tcontext=u:r:chip_prod_file:s0 tclass=file permissive=1;
214#avc: denied  { get } for service=3511 pid=4213 scontext=u:r:dcamera:s0 tcontext=u:r:sa_device_security_level_manager_service:s0 tclass=samgr_class permissive=0;
215allow  dcamera dev_kmsg_file:chr_file { open write };
216allow  dcamera_host dev_kmsg_file:chr_file { open write };
217allow  dcamera_host chip_prod_file:file { open getattr write read };
218allow  dcamera sa_device_security_level_manager_service:samgr_class{ get };
219allow accessibility sa_powermgr_powermgr_service:samgr_class { get };
220
221allow dcamera dev_ashmem_file:chr_file { read open map };
222allow normal_hap sa_dhardware_service:samgr_class { get };
223allow normal_hap dhardware:binder { call };
224
225
226allow dcamera bootevent_param:file { map open read };
227allow dcamera bootevent_samgr_param:file { map open read };
228allow dcamera build_version_param:file { map open read };
229allow dcamera const_allow_mock_param:file { map open read };
230allow dcamera const_allow_param:file { map open read };
231allow dcamera const_build_param:file { map open read };
232allow dcamera const_display_brightness_param:file { map open read };
233allow dcamera const_param:file { map open read };
234allow dcamera const_postinstall_fstab_param:file { map open read };
235allow dcamera const_postinstall_param:file { map open read };
236allow dcamera const_product_param:file { map open read };
237allow dcamera dcamera_host:binder { transfer };
238allow dcamera debug_param:file { map open read };
239allow dcamera default_param:file { map open read };
240allow dcamera distributedsche_param:file { map open read };
241allow dcamera hilog_param:file { map open read };
242allow dcamera hw_sc_build_os_param:file { map open read };
243allow dcamera hw_sc_build_param:file { map open read };
244allow dcamera hw_sc_param:file { map open read };
245allow dcamera init_param:file { map open read };
246allow dcamera init_svc_param:file { map open read };
247allow dcamera input_pointer_device_param:file { map open read };
248allow dcamera net_param:file { map open read };
249allow dcamera net_tcp_param:file { map open read };
250allow dcamera ohos_boot_param:file { map open read };
251allow dcamera ohos_param:file { map open read };
252allow dcamera param_watcher:binder { call transfer };
253allow dcamera persist_param:file { map open read };
254allow dcamera persist_sys_param:file { map open read };
255allow dcamera security_param:file { map open read };
256allow dcamera startup_param:file { map open read };
257allow dcamera sys_param:file { map open read };
258allow dcamera system_bin_file:dir { search };
259allow dcamera sys_usb_param:file { map open read };
260allow dcamera tracefs:dir { search };
261allow dcamera tracefs_trace_marker_file:file { open write };
262allow dcamera sys_prod_file:dir { search };
263allow dcamera chip_prod_file:dir { search };
264allow dcamera data_data_file:dir { search write add_name search };
265allow dcamera data_data_file:file { create append open ioctl getattr };
266allow camera_service hdf_distributed_camera_provider_service:hdf_devmgr_class { get };
267allow dcamera_host render_service:binder { transfer };
268allow dcamera_host normal_hap_attr:binder { transfer };
269allow dcamera_host av_codec_service:binder { call transfer };
270allowxperm dcamera data_data_file:file ioctl { 0x5413 };
271
272#avc:  denied  { get } for service=200 sid=u:r:dcamera:s0 scontext=u:r:dcamera:s0 tcontext=u:object_r:sa_accountmgr:s0 tclass=samgr_class permissive=0
273allow dcamera sa_accountmgr:samgr_class { get };
274