sepolicy: Fix some denials 2

Change-Id: Ic1c92ba6e902f208809cd10e106f8cd070642410
author: diegocr <diegocr@gmail.com> 2017-03-20 18:11:20 +0100
committer: davidevinavil <davidevinavil@gmail.com> 2017-04-07 13:32:26 +0200
commit: e0e3e7574e8329a91dbf7812c5d2aa70b35b95ef (patch)
tree: 7ae231f64dc274ff78c65e3f18e6544e879a93ff /sepolicy/sysinit.te
parent: 213d1db0f4d2acb5425bdb2ea673b42e39c5e022 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/sepolicy/sysinit.te b/sepolicy/sysinit.te
new file mode 100644
index 0000000..549fe58
--- /dev/null
+++ b/sepolicy/sysinit.te
@@ -0,0 +1,16 @@
+allow sysinit adsprpcd_file:dir getattr;
+allow sysinit cache_file:dir getattr;
+allow sysinit proc:file write;
+allow sysinit proc_dirty_ratio:file write;
+allow sysinit self:capability { dac_override dac_read_search };
+allow sysinit storage_file:dir getattr;
+allow sysinit system_block_device:blk_file read;
+allow sysinit proc:file open;
+allow sysinit proc_dirty_ratio:file open;
+allow sysinit system_block_device:blk_file open;
+allow sysinit proc:file read;
+allow sysinit proc_dirty_ratio:file read;
+allow sysinit system_block_device:blk_file ioctl;
+allow sysinit proc:file getattr;
+allow sysinit proc_dirty_ratio:file getattr;
+allow sysinit self:capability sys_admin;
author	diegocr <diegocr@gmail.com>	2017-03-20 18:11:20 +0100
committer	davidevinavil <davidevinavil@gmail.com>	2017-04-07 13:32:26 +0200
commit	e0e3e7574e8329a91dbf7812c5d2aa70b35b95ef (patch)
tree	7ae231f64dc274ff78c65e3f18e6544e879a93ff /sepolicy/sysinit.te
parent	213d1db0f4d2acb5425bdb2ea673b42e39c5e022 (diff)