| # Domain for peripheralman daemon. |
| type peripheralman, domain; |
| type peripheralman_exec, exec_type, file_type; |
| |
| brillo_domain(peripheralman) |
| allow peripheralman peripheralman_service:service_manager add; |
| |
| # Allow crash_reporter access to core dump files. |
| allow_crash_reporter(peripheralman) |
| |
| # Allow access to sysfs. |
| allow peripheralman sysfs:file rw_file_perms; |
| allow peripheralman sysfs:dir r_dir_perms; |
| |
| # Allow access to spidev devices. |
| allow peripheralman spi_device:chr_file rw_file_perms; |
| |
| # Allow access to i2cdev devices. |
| allow peripheralman i2c_device:chr_file rw_file_perms; |
| |
| # Allow access to uart devices. |
| allow peripheralman console_device:chr_file rw_file_perms; |