| Marko Man | e2e1d7e | 2018-08-26 23:15:26 +0200 | [diff] [blame] | 1 | r_dir_file(update_engine, mnt_user_file) |
| 2 | r_dir_file(update_engine, storage_file) |
| 3 | |
| Marko Man | f2b9bf9 | 2018-09-01 19:21:27 +0200 | [diff] [blame] | 4 | allow update_engine self:capability { chown fsetid }; |
| Marko Man | e2e1d7e | 2018-08-26 23:15:26 +0200 | [diff] [blame] | 5 | |
| 6 | allow update_engine labeledfs:filesystem { mount unmount }; |
| 7 | |
| Marko Man | e2e1d7e | 2018-08-26 23:15:26 +0200 | [diff] [blame] | 8 | allow update_engine { otapreopt_chroot_exec rootfs system_file toolbox_exec }:file rx_file_perms; |
| Marko Man | f2b9bf9 | 2018-09-01 19:21:27 +0200 | [diff] [blame] | 9 | |
| 10 | allow update_engine labeledfs:filesystem mount; |
| 11 | allow update_engine rootfs:dir { add_name write }; |
| 12 | allow update_engine storage_file:lnk_file read; |
| 13 | allow update_engine system_file:file execute_no_trans; |
| 14 | allow update_engine toolbox_exec:file { execute getattr }; |