c6f62897b6
1. Add SELinux permission MTK-Commit-Id: 49d711749e59016b1e46233c4569c9d22d957f3d Change-Id: If172698697fa5005f4548328665ea6c4739315c8 CR-Id: ALPS04721702 Feature: Modem Log Tool
40 lines
1.4 KiB
Plaintext
40 lines
1.4 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
# New added for move to /system
|
|
type cmddumper_exec, system_file_type, exec_type, file_type;
|
|
typeattribute cmddumper coredomain;
|
|
|
|
init_daemon_domain(cmddumper)
|
|
|
|
# cmddumper access on /data/mdlog
|
|
allow cmddumper system_data_file:dir { create_dir_perms relabelfrom relabelto};
|
|
|
|
# "mdl_serv_fifo" scontext=u:r:cmddumper:s0 tcontext=u:object_r:system_data_file
|
|
allow cmddumper system_data_file:fifo_file create_file_perms;
|
|
|
|
|
|
# for modem logging sdcard access
|
|
allow cmddumper sdcard_type:dir create_dir_perms;
|
|
allow cmddumper sdcard_type:file create_file_perms;
|
|
|
|
# modem logger socket access
|
|
allow cmddumper init:unix_stream_socket connectto;
|
|
allow cmddumper property_socket:sock_file { write read };
|
|
allow cmddumper platform_app:unix_stream_socket connectto;
|
|
allow cmddumper shell_exec:file { rx_file_perms };
|
|
allow cmddumper system_file:file x_file_perms;
|
|
|
|
|
|
# purpose: allow cmddumper to access storage in N version
|
|
allow cmddumper media_rw_data_file:file { create_file_perms };
|
|
allow cmddumper media_rw_data_file:dir { create_dir_perms };
|
|
|
|
# purpose: access plat_file_contexts
|
|
allow cmddumper file_contexts_file:file { read getattr open };
|
|
## Save C2K modem log into data
|
|
allow cmddumper debuglog_data_file:dir {relabelto create_dir_perms};
|
|
allow cmddumper debuglog_data_file:file create_file_perms;
|
|
allow cmddumper system_data_file:dir create_dir_perms;
|