# remote storage process | |
type rmt, domain; | |
type rmt_exec, exec_type, file_type; | |
init_daemon_domain(rmt) | |
allow rmt shared_log_device:chr_file rw_file_perms; | |
wakelock_use(rmt) | |
allow rmt self:capability { setuid setgid setpcap net_raw sys_admin }; | |
# Allow access to /dev/uio0. | |
allow rmt uio_device:chr_file rw_file_perms; | |
allow rmt self:socket create_socket_perms; | |
allow rmt root_block_device:blk_file r_file_perms; | |
allow rmt modem_block_device:blk_file rw_file_perms; | |
allow rmt block_device:dir search; |