| type bullhead-sh, domain; |
| type bullhead-sh_exec, exec_type, file_type; |
| |
| # Started by init |
| init_daemon_domain(bullhead-sh) |
| |
| # Access to /data/misc/radio/* |
| allow bullhead-sh radio_data_file:file create_file_perms; |
| allow bullhead-sh radio_data_file:dir create_dir_perms; |
| |
| # Chwon /data/misc/radio/modem_config |
| allow bullhead-sh self:capability chown; |
| |
| # Copy /firmware/image/modem_pr/mcfg/configs/ to /data/misc/radio/* |
| allow bullhead-sh firmware_file:file r_file_perms; |
| allow bullhead-sh firmware_file:dir r_dir_perms; |
| |
| allow bullhead-sh shell_exec:file r_file_perms; |
| |
| # execute toybox/toolbox |
| allow bullhead-sh toolbox_exec:file rx_file_perms; |