1# The memcgv2_activation_depth.sh script run by init. 2 3type memcgv2_activation_depth, domain, coredomain; 4type memcgv2_activation_depth_exec, system_file_type, exec_type, file_type; 5 6init_daemon_domain(memcgv2_activation_depth) 7 8# required permissions to run the script from init 9allow memcgv2_activation_depth shell_exec:file rx_file_perms; 10allow memcgv2_activation_depth system_file:file x_file_perms; 11allow memcgv2_activation_depth toolbox_exec:file rx_file_perms; 12 13# for system default max activation depth 14allow memcgv2_activation_depth cgroup_desc_file:file r_file_perms; 15 16# /metadata/libprocessgroup/* 17allow memcgv2_activation_depth libprocessgroup_metadata_file:dir rw_dir_perms; 18allow memcgv2_activation_depth libprocessgroup_metadata_file:file create_file_perms; 19 20# /sys/fs/cgroup/cgroup.controllers 21# /sys/fs/cgroup/**/cgroup.subtree_control 22allow memcgv2_activation_depth cgroup_v2:dir r_dir_perms; 23allow memcgv2_activation_depth cgroup_v2:file rw_file_perms; 24 25# For reboot, when reducing the depth override 26set_prop(memcgv2_activation_depth, powerctl_prop) 27