1type init_foreground, domain; 2type init_foreground_exec, exec_type, vendor_file_type, file_type; 3 4init_daemon_domain(init_foreground) 5 6allow init_foreground proc:file getattr; 7allow init_foreground proc_iomem:file getattr; 8allow init_foreground proc_meminfo:file getattr; 9allow init_foreground proc_sysrq:file getattr; 10dontaudit init_foreground proc_interrupts:file getattr; 11dontaudit init_foreground proc_stat:file getattr; 12dontaudit init_foreground proc_timer:file getattr; 13dontaudit init_foreground proc_zoneinfo:file getattr; 14 15allow init_foreground vendor_shell_exec:file rx_file_perms; 16allow init_foreground vendor_toolbox_exec:file rx_file_perms; 17 18allow init_foreground domain:dir { getattr search }; 19allow init_foreground domain:file { read open }; 20 21allow init_foreground kernel:process setsched; 22