1# Add for bootctl 2#============= hal_bootctl_default ============== 3allow hal_bootctl_default rootfs:file { read getattr open }; 4allow hal_bootctl_default sysfs:dir { read open }; 5allow hal_bootctl_default sysfs_boot_type:file { read open }; 6allow hal_bootctl_default block_device:dir search; 7allow hal_bootctl_default misc_sd_device:chr_file rw_file_perms; 8allow hal_bootctl_default bootdevice_block_device:blk_file rw_file_perms; 9allowxperm hal_bootctl_default bootdevice_block_device:blk_file ioctl MMC_IOCTLCMD; 10allowxperm hal_bootctl_default bootdevice_block_device:blk_file ioctl UFS_IOCTLCMD; 11allow hal_bootctl_default proc_cmdline:file r_file_perms; 12allow hal_bootctl_default sysfs_boot_type:file r_file_perms; 13allow hal_bootctl_default self:capability sys_rawio; 14allow hal_bootctl_default para_block_device:blk_file rw_file_perms; 15