• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1type init-power-sh, domain, domain_deprecated;
2type init-power-sh_exec, exec_type, file_type;
3
4init_daemon_domain(init-power-sh)
5
6allow init-power-sh proc_kernel_sched:file w_file_perms;
7allow init-power-sh self:capability net_admin;
8allow init-power-sh shell_exec:file r_file_perms;
9allow init-power-sh sysfs_devices_system_cpu:file w_file_perms;
10allow init-power-sh sysfs_performance:dir search;
11allow init-power-sh sysfs_performance:file w_file_perms;
12allow init-power-sh sysfs_thermal:dir search;
13allow init-power-sh sysfs_thermal:file w_file_perms;
14allow init-power-sh sysfs_power_management:file w_file_perms;
15
16# interactive files in /sys receive the default sysfs context when created
17# after the restorecon of /sys/. Allow init-power-sh to restorecon sysfs files
18# and symlinks to sysfs_devices_system_cpu
19allow init-power-sh sysfs:{ dir file lnk_file } relabelfrom;
20allow init-power-sh sysfs_devices_system_cpu:{ dir file lnk_file } relabelto;
21
22# execute toybox/toolbox
23allow init-power-sh toolbox_exec:file rx_file_perms;
24