T.J. Mercier | 3cf9a7b | 2024-12-26 23:02:09 +0000 | [diff] [blame^] | 1 | # The memcgv2_activation_depth.sh script run by init. |
| 2 | |
| 3 | type memcgv2_activation_depth, domain, coredomain; |
| 4 | type memcgv2_activation_depth_exec, system_file_type, exec_type, file_type; |
| 5 | |
| 6 | init_daemon_domain(memcgv2_activation_depth) |
| 7 | |
| 8 | # required permissions to run the script from init |
| 9 | allow memcgv2_activation_depth shell_exec:file rx_file_perms; |
| 10 | allow memcgv2_activation_depth system_file:file x_file_perms; |
| 11 | allow memcgv2_activation_depth toolbox_exec:file rx_file_perms; |
| 12 | |
| 13 | # for system default max activation depth |
| 14 | allow memcgv2_activation_depth cgroup_desc_file:file r_file_perms; |
| 15 | |
| 16 | # /metadata/libprocessgroup/* |
| 17 | allow memcgv2_activation_depth libprocessgroup_metadata_file:dir rw_dir_perms; |
| 18 | allow memcgv2_activation_depth libprocessgroup_metadata_file:file create_file_perms; |
| 19 | |
| 20 | # /sys/fs/cgroup/cgroup.controllers |
| 21 | # /sys/fs/cgroup/**/cgroup.subtree_control |
| 22 | allow memcgv2_activation_depth cgroup_v2:dir r_dir_perms; |
| 23 | allow memcgv2_activation_depth cgroup_v2:file rw_file_perms; |
| 24 | |
| 25 | # For reboot, when reducing the depth override |
| 26 | set_prop(memcgv2_activation_depth, powerctl_prop) |