sepolicy/tcmd.te - device/moto/shamu - Git at Google


 type tcmd, domain;
 type tcmd_exec, exec_type, file_type;

 init_daemon_domain(tcmd)

 # Uses network sockets.
 net_domain(tcmd)

 # Set property.
 unix_socket_connect(tcmd, property, init)

 # Allow restart, fastboot, power off
 allow tcmd powerctl_prop:property_service set;

 # Uses /dev/ttydiag2
 allow tcmd diag_device:chr_file rw_file_perms;

 # Uses raw socket
 allow tcmd self:capability net_raw;

	type tcmd, domain;
	type tcmd_exec, exec_type, file_type;

	init_daemon_domain(tcmd)

	# Uses network sockets.
	net_domain(tcmd)

	# Set property.
	unix_socket_connect(tcmd, property, init)

	# Allow restart, fastboot, power off
	allow tcmd powerctl_prop:property_service set;

	# Uses /dev/ttydiag2
	allow tcmd diag_device:chr_file rw_file_perms;

	# Uses raw socket
	allow tcmd self:capability net_raw;