1# rfs_access - rfs_access daemon 2type rfs_access, domain; 3type rfs_access_exec, exec_type, vendor_file_type, file_type; 4 5init_daemon_domain(rfs_access) 6 7allow rfs_access self:capability { setuid setgid chown setpcap }; 8allow rfs_access mpss_rfs_data_file:dir create_dir_perms; 9allow rfs_access mpss_rfs_data_file:file create_file_perms; 10allow rfs_access mnt_vendor_file:dir search; 11allow rfs_access persist_file:dir search; 12allow rfs_access persist_rfs_file:dir create_dir_perms; 13allow rfs_access persist_rfs_file:file create_file_perms; 14allow rfs_access persist_rfs_shared_hlos_file:dir create_dir_perms; 15allow rfs_access rfs_tombstone_data_file:dir create_dir_perms; 16allow rfs_access rfs_tombstone_data_file:file create_file_perms; 17allow rfs_access self:qipcrtr_socket create_socket_perms_no_ioctl; 18 19wakelock_use(rfs_access) 20 21dontaudit rfs_access self:capability { dac_override dac_read_search }; 22