diff options
Diffstat (limited to 'selinux/qcks.te')
| -rw-r--r-- | selinux/qcks.te | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/selinux/qcks.te b/selinux/qcks.te new file mode 100644 index 0000000..cb72379 --- /dev/null +++ b/selinux/qcks.te @@ -0,0 +1,23 @@ +type qcks, domain; +type qcks_exec, exec_type, file_type; + +init_daemon_domain(qcks) +domain_trans(init, rootfs, qcks) + +allow qcks efsks_exec:file { read getattr open execute execute_no_trans }; +allow qcks ks_exec:file { read getattr open execute execute_no_trans }; +allow qcks mmc_block_device:blk_file getattr; +allow qcks radio_device:chr_file { read getattr open ioctl }; +allow qcks self:capability setuid; +allow qcks serial_device:chr_file { read write getattr open ioctl }; +allow qcks shell_exec:file execute_no_trans; +allow qcks vfat:file { read getattr open }; +allow qcks mmc_block_device:blk_file { read open }; +allow qcks radio_data_file:dir search; +allow qcks radio_data_file:file { read write getattr open }; +allow qcks radio_data_file:file setattr; +allow qcks mmc_block_device:blk_file write; +allow qcks vfat:dir search; +allow qcks shell_exec:file { read execute open }; +allow qcks radio_device:dir search; +allow qcks unlabeled:dir search; |