5131ff6544
This prebuilt is based on the AOSP policy, but slightly manipulated so that the set of types and attributes are identical with R policy. Following types are removed. boot_status_prop dalvik_config_prop gnss_device surfaceflinger_color_prop surfaceflinger_prop systemsound_config_prop vold_config_prop vold_status_prop Following type is renamed. wificond_service -> wifinl80211_service Bug: 153661471 Test: N/A Change-Id: I018d5e43f53c2bf721db1d13f5f4be42b9782b29
18 lines
589 B
Text
18 lines
589 B
Text
#
|
|
# /system/bin/auditctl executed for logd
|
|
#
|
|
# Performs maintenance of the kernel auditing system, including
|
|
# setting rate limits on SELinux denials.
|
|
#
|
|
|
|
type auditctl, domain, coredomain;
|
|
type auditctl_exec, file_type, system_file_type, exec_type;
|
|
|
|
# Uncomment the line below to put this domain into permissive
|
|
# mode. This helps speed SELinux policy development.
|
|
# userdebug_or_eng(`permissive auditctl;')
|
|
|
|
init_daemon_domain(auditctl)
|
|
|
|
allow auditctl self:global_capability_class_set audit_control;
|
|
allow auditctl self:netlink_audit_socket { create_socket_perms_no_ioctl nlmsg_write };
|