1# Domain to run ExperimentalCarService (com.android.experimentalcar) 2type experimentalcarservice_app, domain, coredomain; 3app_domain(experimentalcarservice_app); 4 5allow experimentalcarservice_app wifi_service:service_manager find; 6 7# Allow access certain to system services. 8# Keep alphabetically sorted. 9allow experimentalcarservice_app { 10 accessibility_service 11 activity_service 12 activity_task_service 13 audio_service 14 audioserver_service 15 autofill_service 16 bluetooth_manager_service 17 carservice_service 18 connectivity_service 19 content_service 20 deviceidle_service 21 display_service 22 graphicsstats_service 23 input_method_service 24 input_service 25 location_service 26 lock_settings_service 27 media_session_service 28 network_management_service 29 power_service 30 procfsinspector_service 31 sensorservice_service 32 surfaceflinger_service 33 telecom_service 34 tethering_service 35 uimode_service 36 voiceinteraction_service 37}:service_manager find; 38 39# Read and write /data/data subdirectory. 40allow experimentalcarservice_app system_app_data_file:dir create_dir_perms; 41allow experimentalcarservice_app system_app_data_file:{ file lnk_file } create_file_perms; 42# R/W /data/system/car 43allow experimentalcarservice_app system_car_data_file:dir create_dir_perms; 44allow experimentalcarservice_app system_car_data_file:{ file lnk_file } create_file_perms; 45 46net_domain(experimentalcarservice_app) 47 48allow experimentalcarservice_app cgroup:file rw_file_perms; 49