1type aocd, domain; 2type aocd_exec, vendor_file_type, exec_type, file_type; 3init_daemon_domain(aocd) 4 5# access persist files 6allow aocd mnt_vendor_file:dir search; 7allow aocd persist_file:dir search; 8r_dir_file(aocd, persist_aoc_file); 9 10# sysfs operations 11allow aocd sysfs_aoc:dir search; 12allow aocd sysfs_aoc_firmware:file w_file_perms; 13 14# dev operations 15allow aocd aoc_device:chr_file rw_file_perms; 16 17# allow inotify to watch for additions/removals from /dev 18allow aocd device:dir r_dir_perms; 19 20# set properties 21set_prop(aocd, vendor_aoc_prop) 22