13 lines
448 B
Text
13 lines
448 B
Text
type hal_dice_default, domain;
|
|
hal_server_domain(hal_dice_default, hal_dice)
|
|
|
|
# Block crash dumps to ensure the DICE secrets are not leaked.
|
|
typeattribute hal_dice_default no_crash_dump_domain;
|
|
|
|
type hal_dice_default_exec, exec_type, vendor_file_type, file_type;
|
|
init_daemon_domain(hal_dice_default)
|
|
|
|
# hal_dice_default is using bootstrap bionic
|
|
use_bootstrap_libs(hal_dice_default)
|
|
|
|
allow hal_dice_default open_dice_device:chr_file rw_file_perms;
|