| #Policy for start_hci_filter |
| type start_hci_filter, domain; |
| type start_hci_filter_exec, exec_type, file_type; |
| |
| init_daemon_domain(start_hci_filter); |
| |
| allow start_hci_filter self:capability { setuid setgid dac_override }; |
| |
| #HACK allow start_hci_filter default_prop:property_service set; |
| |
| allow start_hci_filter proc:file { read write open }; |
| allow start_hci_filter proc_sysrq:file { read write open }; |
| |
| allow start_hci_filter sysfs:file write; |
| |
| allow start_hci_filter property_socket:sock_file write; |
| allow start_hci_filter init:unix_stream_socket connectto; |
| |
| allow start_hci_filter ttyHS0_device:chr_file { open ioctl rw_file_perms }; |