1type init_foreground, domain; 2type init_foreground_exec, exec_type, file_type; 3 4init_daemon_domain(init_foreground) 5 6allow init_foreground proc:file getattr; 7allow init_foreground proc_iomem:file getattr; 8allow init_foreground proc_meminfo:file getattr; 9allow init_foreground proc_sysrq:file getattr; 10allow init_foreground shell_exec:file { getattr read }; 11allow init_foreground toolbox_exec:file rx_file_perms; 12 13allow init_foreground domain:dir { getattr search }; 14allow init_foreground domain:file { read open }; 15 16allow init_foreground kernel:process setsched; 17