diff options
author | Szymon Janc <szymon.janc@tieto.com> | 2014-12-23 12:46:21 +0100 |
---|---|---|
committer | Szymon Janc <szymon.janc@tieto.com> | 2014-12-24 11:01:53 +0100 |
commit | cba67bc1923a7701d70dd93944077e02b7504a03 (patch) | |
tree | c31bbccea5e3d85e9cb0f4ec641d32fabdcaf181 /android/bluetoothd_snoop.te | |
parent | 3fc5cbdaa01d7e00132f93e6acbfdb202539c6e5 (diff) | |
download | bluez-cba67bc1923a7701d70dd93944077e02b7504a03.tar.gz |
android: Provide SELinux policy files
This adds required policy files and updates documentation with more
SELinux information.
Diffstat (limited to 'android/bluetoothd_snoop.te')
-rw-r--r-- | android/bluetoothd_snoop.te | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/android/bluetoothd_snoop.te b/android/bluetoothd_snoop.te new file mode 100644 index 000000000..ef817b5bc --- /dev/null +++ b/android/bluetoothd_snoop.te @@ -0,0 +1,17 @@ +type bluetoothd_snoop, domain; +type bluetoothd_snoop_exec, exec_type, file_type; + +# Start bluetoothd_snoop from init +init_daemon_domain(bluetoothd_snoop) + +# directory search and read caps +allow bluetoothd_snoop self:capability dac_read_search; +# use raw and packet sockets caps +allow bluetoothd_snoop self:capability net_raw; + +# monitor socket access +allow bluetoothd_snoop self:socket { create bind setopt read }; + +# sdcard access +allow bluetoothd_snoop fuse:dir w_dir_perms; +allow bluetoothd_snoop fuse:file create_file_perms; |