bac9992e86
Initial policy for software watchdog daemon which is started by init. Change-Id: I042a5b1698bf53ce2e50ea06851c374e5123ee2c Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
8 lines
384 B
Text
8 lines
384 B
Text
# watchdogd seclabel is specified in init.<board>.rc
|
|
type watchdogd, domain;
|
|
allow watchdogd rootfs:file { entrypoint r_file_perms };
|
|
allow watchdogd self:capability mknod;
|
|
allow watchdogd device:dir { add_name write remove_name };
|
|
allow watchdogd watchdog_device:chr_file rw_file_perms;
|
|
# because of /dev/__kmsg__ and /dev/__null__
|
|
allow watchdogd device:chr_file create_file_perms;
|