1# CAN service 2type can, domain; 3type can_exec, exec_type, file_type; 4 5# Started by init 6init_daemon_domain(can) 7 8allow can self:capability net_admin; 9 10allow can self:netlink_route_socket nlmsg_write; 11 12allow can shell_exec:file r_file_perms; 13 14# Allow execution of /system/bin/ip. 15allow can system_file:file rx_file_perms; 16 17# Allow can operations 18allow can self:capability { net_raw }; 19